Google promises end to viruses - Fortify says: don’t be hasty
July 2009 by Fortify Software
Google’s engineering director has promised that his company’s forthcoming Chrome operating system will see "the end of malware," but, says Fortify Software, the application vulnerability specialist, users shouldn’t forget their software may also be flawed.
"You can have the most bug-free operating system in the world – which is what energy companies have in the shape of the SCADA-compliant embedded firmware that drives their critical systems - but if the software has bugs in it, you’re dead in the water," said Richard Kirk, Fortify’s director.
"The plans of Linus Upson, Google’s engineering director, outlined in the latest New Scientist magazine are laudable and, if they turn out to be correct, will make computing a lot safer for everyone, but the plethora of software that is available - and being developed all the time - makes the task of eradicating viruses impossible," he added.
According to Kirk, this isn’t to decry Google’s plans for a secure operating system, although he noted that the company’s plans took a battering this week when two flaws were revealed in the Chrome browser application.
The irony of Upson’s plans is that embedded firmware versions of Windows are already in active use on SCADA-compliant systems in critical government and utility grids the world over, he explained.
The downside of using an embedded operating system is that it cannot be easily updated, but that is a small price to pay for a more secure computing environment, the Fortify director went on to say.
"Google’s promise of a flaw-free operating system with Chrome is a really great idea and we applaud that, but our business is based on helping software developers boost the security of their applications during the code audit stage," he said.
"And given that our clients anticipate code auditing to be an integral part of their development plans for some time to come, I think Google’s promise to eradicate viruses is a bit on the optimistic side," he added.