[Arm-netbook] ARM's OOB para-virtualization & FreeZone in A10?
Gordan Bobic
gordan at bobich.net
Tue Jul 10 10:06:47 BST 2012
On 07/10/2012 09:13 AM, Tzafrir Cohen wrote:
> On Fri, Jul 06, 2012 at 07:39:02PM +0100, Gordan Bobic wrote:
>
>> and no on-access anti-virus scanning (you didn't even seem to
>> know what I was talking about with on-open scanning hooks when I first
>> mentioned it).
>
> One minor note: on Linux I don't see the point in such a scanner. It
> mostly serves to increase the attack surface.
How do you figure that?
You suggest that the scope of an exploit in the AV scanner a-la buffer
overrun is greater than the risk of the user running a trojan? Maybe
your users are better than mine...
Couple that with a privilege escalation kernel bug (one of these seems
to crop up once every 10 years or so, not a huge risk, but my point is
that it does happen, no matter how rarely) and you have potential for
some serious damage to occur.
> Keeping the system up-to-date is more useful than keeping a proprietary
> scanner up-to-date.
I largely agree.
Personally I don't run on-access scanning on my Linux desktops, but I
mitigate that by being behind firewalls and proxies that do the malware
scanning (AV milter on the mail server and AV scanner on clam). So the
attack scope is reasonably limited.
For the average user I would at the very least recommend Firefox and
Thunderbird AV plugins.
Gordan
More information about the arm-netbook
mailing list