Stopping Computer Viruses Before They Reach You
from the is-this-that-big-of-a-deal? dept
Roland Piquepaille writes "The Washington University in St. Louis (WUSL) announced that one of its computer science teams has developed a new technology to stop computer viruses and worms before they reach your system. John Lockwood and his team didn't use software. Instead, they created an open platform that augments a network with reprogrammable hardware, called the Field-programmable Port Extender (FPX). "The FPX can scan each and every byte of every data packet transmitted through a network at a rate of 2.4 billion bits per second. In other words, the FPX could scan every word in the entire works of Shakespeare in about 1/60th of a second," said Lockwood. Real products based on the technology should appear soon. More excerpts and references are contained in my blog which also includes a photograph of an FPX module." I'm a little confused as to what the big deal is about this. It's basically doing two things: put antivirus protection at the network level instead of the end client, which isn't a new idea at all and using an FPGA hardware solution instead of software (which they seem to be saying is faster). Am I missing something, or is this not that big of a deal?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Need more details
I'd also be curious as to the number of concurrent file transfers it can maintain state info for.
[ link to this | view in chronology ]
One problem:
How the hell are your going to scan traffic if you don't know what to fscking look for.
All it takes is one worm that isn't stupid about how it discovers adjacent hosts (how about using netbios/another "native" microsoft protocol instead ICMP?) and uses a polymorphic intrusion process (no need to fill that buffer up with the same thing over and over again).
...15 minutes later, while the admin is still typing content into their nifty filter, you're entire network is wormed.
This sounds like a really weak technology that only fixes the current state of the art problems.
[ link to this | view in chronology ]
I'm a little curious...
[ link to this | view in chronology ]
Re: I'm a little curious...
[ link to this | view in chronology ]
...and it's implemented in hardware.
[ link to this | view in chronology ]