Before you read any further, please read the following BBC news stories for background:
Viruses require a conducive environment to spread (infect) and attack. In an unprotected environment, a virus can attach itself to a program. Every time the program runs, the virus runs too, and it has the chance to reproduce (by attaching to other programs) or attack. Worms require an unprotected computer: either there is no firewall protecting its incoming ports, so the doors are wide open and the worm can happily walk in, or the ports are properly protected but a program that listens to the Internet has a security hole. A worm scans the Internet for another machine that has a specific security hole and copies itself to the new machine using that hole.
It is a misunderstanding that a virus scanner is the silver bullet that protects you from viruses. Of course it is definitely better than nothing, but are you really protected? Anti-virus companies release new virus signatures every hour! That's the current pathetic situation. That is, you have to update your virus scanner every hour. Even if you do that, are you still protected? A virus scanner is not a firewall. It is designed to scan for virus signatures. If you have read the above URLs, you now understand that there is at least one virus out there (i.e. the beginning of a new virus technology) that clones itself every half an hour and spreads its copies. Now you may realize how dangerous the situation is.
Tomahawk Desktop achieves resistance to viruses and worms by deploying a series of rock-solid defenses. The only thing it does not use is a virus scanner!
1. Tomahawk Desktop comes with a built-in, fully configured firewall.
The firewall is the first defense and solves the majority of headaches:
a) Stops an infected computer from sending a copy of a virus or worm to your computer through open ports.
b) Stops a hacker from breaking into your computer through the Internet, thereby preventing remote hacking and remote hijacking attacks, installation of viruses, theft of files, etc.
c) Saves your computer from an avalanche of Internet traffic. The Tomahawk Desktop firewall is configured to drop any abnormal loads.
d) Prevents your passwords from being cracked by exhaustive automated attempts. An exhaustive attack means trying all possible combinations for your password until one succeeds.
The Tomahawk Desktop firewall is not just another piece of software running on the computer. It's part kernel, part software.

2. Users are in logically partitioned homes
Every user has a home directory to store his/her files. A user's home directory is completely separate and independent from another user's home directory. Therefore, you cannot access (read, write or delete) another user's home directory, its files or its subdirectories.

3. Separate user logins
If a user needs to use a computer powered by Tomahawk Desktop, he has to log in first with his userid and password. Passwords are kept one-way encrypted, that is, there is no way to recover them; a hacker can either make an exhaustive attempt to crack the password or guess it. Exhaustive cracking attempts are computationally not feasible. After he logs in, he can only read, write or delete files in his home directory.

4. User Privilege Separation
There is one superuser, known as root, who can do anything on the computer. This account is used to install/uninstall programs, add/remove users, delete system files, change system security policies, disable the firewall, etc. All other users are normal users. Normal users CANNOT perform any system operations.

5. Program execution under the user's privilege scope
In Tomahawk Desktop, there are no programs in users' home directories. All programs in Tomahawk Desktop are installed by system package users (e.g. the Firefox web browser is installed by the package user firefox). Therefore, programs in Tomahawk Desktop are owned by various system package users. You can only run them; you cannot remove or change them, because you don't own them. When you browse, read email, etc., your browser or your email client is executed under your privilege scope. That is, it runs as you. If your browser has security issues, it can damage the system only to the extent that you can. That is, it can damage your home directory only. It cannot install, remove or change programs, change program settings, or attach a virus to an existing program.

6. Program auto-execution can be set ONLY by the superuser (root)
Viruses are designed to, and need to, execute automatically the next time you switch on the computer. In Tomahawk Desktop, ONLY the superuser can install such a program. Without knowing the superuser's password, there is no way a virus can install itself so that it runs automatically next time and continues to do its damage.

7. Secure Open-Source Programs
Many think that if a program's source is open to the public, that is a security drawback and makes the program vulnerable to attack, but it turns out to be the strongest advantage: since the program source is available, IT security experts, anti-virus companies, universities, other research agencies, defense departments, etc. have an opportunity to see how it works and point out any security vulnerability even before it is exploited.

Some of the features above are features of Unix and Unix variants such as BSD. Using Unix or one of its variants does not necessarily protect you. What makes the difference in Tomahawk Desktop is how we use it, how we configure it and how we weld it to the BSD kernel itself.
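The ownership claims in the list above (programs belong to package users, ordinary users cannot change them, no programs live in home directories) can be checked on a running system. The script below is an added example, not part of Tomahawk Desktop; the function names and the OWNED/WORLD/DIRW labels are made up for it.

```shell
#!/bin/sh
# Added example: audit a directory tree against the ownership model above.
# Checks use mode bits and numeric owner only, so results do not depend on
# who runs the audit (root included).

# audit_programs DIR UID
#   Prints one line per finding for the ordinary account with numeric id UID.
audit_programs() {
    dir=$1; uid=$2
    # Files owned by the ordinary user: an owner can always rewrite them.
    find "$dir" -type f -uid "$uid" -print | sed 's/^/OWNED /'
    # Files writable by everyone, whoever owns them.
    find "$dir" -type f -perm -0002 -print | sed 's/^/WORLD /'
    # World-writable directories without the sticky bit: any user can
    # delete or replace the programs stored inside them.
    find "$dir" -type d -perm -0002 ! -perm -1000 -print | sed 's/^/DIRW /'
}

# home_programs HOME
#   Lists regular files with the owner-execute bit set, i.e. programs that
#   sit inside a home directory, which the model above does not expect.
home_programs() {
    find "$1" -type f -perm -0100 -print
}
```

A typical call would be `audit_programs /usr/local "$(id -u)"` (the path is an assumption about where packages are installed); any output line is a file or directory that breaks the "run only, never change" rule.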
By deploying the above defenses by design and by configuration, Tomahawk Desktop does not offer a breeding ground for viruses. These defenses alone won't protect you if you download a Trojan Horse and run it. A Trojan Horse program claims to do one thing but has been modified to do additional things, such as causing damage or mailing all your documents to the hacker. To avoid Trojan Horses, you should download software only from known and trusted sources. Further, there are utilities included in Tomahawk Desktop to verify the MD5 sum or SHA1 sum to make sure the program has not been secretly modified. Tomahawk Desktop relies upon open-source web browsers such as Firefox, email clients such as Thunderbird, and office suites such as OpenOffice to avoid other attacks such as image rendering, scripting, email viruses, macro viruses, etc.
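The MD5/SHA1 check mentioned above can be scripted so that a download is rejected unless its digest matches the one published by the source. This is an added example, not a utility shipped with Tomahawk Desktop; `digest_of` and `verify_download` are names made up here, and the script assumes either the BSD `md5`/`sha1` commands or the GNU `md5sum`/`sha1sum` commands are installed.

```shell
#!/bin/sh
# Added example: fail-closed verification of a download against a published
# MD5 or SHA1 sum. The check is only as good as the channel the expected
# digest came from, so take it from the trusted source, not the mirror.

# digest_of ALGO FILE -> prints the hex digest (ALGO is md5 or sha1).
digest_of() {
    algo=$1; file=$2
    if command -v "${algo}sum" >/dev/null 2>&1; then
        "${algo}sum" < "$file" | awk '{print $1}'   # GNU coreutils
    elif command -v "$algo" >/dev/null 2>&1; then
        "$algo" -q "$file"                          # BSD md5(1)/sha1(1)
    else
        echo "no $algo utility found" >&2; return 2
    fi
}

# verify_download FILE EXPECTED
#   Returns 0 on match, 1 on mismatch, 2 on unusable input.
#   Digest length selects the algorithm: 32 hex digits = MD5, 40 = SHA1.
verify_download() {
    file=$1
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case $want in
        ''|*[!0-9a-f]*) echo "malformed digest" >&2; return 2 ;;
    esac
    case ${#want} in
        32) algo=md5 ;;
        40) algo=sha1 ;;
        *)  echo "unsupported digest length" >&2; return 2 ;;
    esac
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    got=$(digest_of "$algo" "$file") || return 2
    if [ "$got" = "$want" ]; then
        echo "OK $algo $file"
    else
        echo "MISMATCH $algo $file" >&2
        return 1
    fi
}
```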