17 Jun
2007
17 Jun
'07
6:44 p.m.
On 6/17/07, Anant Narayanan anant@kix.in wrote:
The problem can be eliminated by storing the drivers on ROM. Now, if you trust the manufacturer of the device, you can trust the drivers - the same scenario as divers on a CD.
It isn't. Again, it doesn't clearly distinguish between a driver installation activity and any other activity. My second scenario would still hold -- an on-device virus could still fake a driver installation routine and get in. The user wouldn't have a clue.
--
Siddhesh Poyarekar
This document validates as Plain Text