Quote
"Krstic's system, known as the BitFrost platform, has only one user prompt (turning on the camera) and imposes limits on every program's powers. Under BitFrost, every program runs in its own virtual machine with a limited set of permissions. Thus a picture viewer can't access the web, so even if a hacker comes up with an exploit that lets him control the program, he couldn't use it to grab all the photos on the laptop and upload them to the internet. Programs downloaded to the computer can't "request a set of permissions that let (them) do bad things," Krstic said, unless that software has been certified by a trusted authority, which will be either One Laptop Per Child or one of the countries signed onto the project. Users can, however, manually assign more power to a particular program through the security control panel. While the idea of limiting permissions program by program dates back as far as 1959, according to Krstic, it's not been adopted widely because it puts the burden on application writers to deal with security. Other Linux/Unix-based systems -- including Apple's Mac OS -- run programs with authority limited to a local user, but that's not enough, said Krstic, because the program can still delete user files, even if it can't touch the underlying system files. Krstic's no fan of Microsoft's security, either -- despite Vista's imposition of limited permissions on programs, and its isolation of Internet Explorer in a virtual sandbox. "Vista's sandboxing is trying to impale sandboxing on something broken," Krstic said. Still, Krstic admits there's a drawback to his system: It limits interactions between applications."