I will start with a little knowledge, i have on viruses. First, like Certificate Authorities on Websites, we will provide CAs for softwares. CAs should have a network of all possible necessary framework to validate a type of software, unattached to the internet. After that, it validates a particular version of software from a certain website. If you have got that software from an unknown source, verify it with the CA online. CAs just need to pickup random bits from the original and unknown source, and verify it. Now, we will see e-mail attachments of files and softwares. If i see a file named hello.txt, why would it run, it's purpose is to show u some text. Always open a txt file in an text editor, jpg file in a photo viewer, .mpeg in a video player. E-mails should only see the files as shown to the viewer. Don't care if it's hidden .txt.exe. If it's shown as .txt, open it in a text editor. If you see code in editor, unwanted information or gibberish, delete the mail. If you see no picture or video, delete the mail. If it's not a clear known viewable type of file extension( .txt, .jpg,.mpeg,.docx), as viewed by the recipient, like .TxT ,. Mpeg, . txt.exe, . mpg.exe clearly tell them it maybe malicious and advice them to delete the mail. If there is standard non- viewable file format allow only to download and not run. After downloading , ask them to verify with the CA. If someone creates a software ( malign with no CA certificate, maybe even few lines of code) and sends it through mail, check with CA. All these for common man, who suffers most damage. Programmers who want to share their code can ignore the warning and execute. If virus or any malicious software is found, both CA and the software firm is accountable. CA software should be installed in the PC and connected to the internet. CA software will first quarantine and read the version and name of the software by getting into the internal bits and after verifying its validity, by the particular CA who verified it, CA software will allow the software to get installed. Of course you can bypass CA, incase you are a programmer. There can be multiple CAs with expertise in different areas, working separately or collaborating incase the software has multiple utilities, making the probe more worthy. Search in common CA list for the software name and version, go to that CA and verify its validity.
No comments:
Post a Comment