Can Silicon Slay the Zombie? An Interview with an Intel Security Researcher
Some, such as viruses and worms, take advantage of trusting underlying operating systems and applications. Others, such as attempts at phishing* and pharming, prey on unduly credulous users. Yet even though most computer security concerns involve maliciously written code, it’s flat out wrong to label security a software-only problem.
“Security breaches almost always impact the underlying platform, and really, the hardware is where the buck stops,” said Victoria Stavridou-Coleman, an Intel researcher who studies issues of trust and manageability.
But is platform impact the same thing as provocative research? It’s an important question given that Stavridou-Coleman’s pre-Intel résumé is peppered with references to such topflight institutions as the University of London, Stanford, Oxford, and SRI International.
After all, in most malware tales of recent years, the underlying platforms have starred as fools, mindlessly executing instructions no matter how ill-intended the code. And mindless hardware doesn’t seem especially promising ground in which to dig for hardcore research gems.
Conventional wisdom holds, for example, that much of the recent spam from the Sober worm* came from broadband-connected consumer PCs that blithely spammed millions of addresses with infected e-mails. Infected machines quickly became zombies, spewing worm variants all over the Internet.