Operating System Essential Anti-Virus

Under the hood of your computer you say?  Isn’t that where an operating system is supposed to exist for the most part?

An operating system should protect itself from viruses.  You shouldn’t need to have to install software on a computer system to guard against unapproved subversion of its operating system.  There are two ways to make this happen:

By Design

The operating system should be designed with application structure and process structure that makes security compromise difficult. I’ve always come down on hard on Microsoft for building too much power into things inappropriately.  Like ActiveX – do you really want some website able to run software on your computer and make changes to your hard drive?  Microsoft’s learned the hard way that exposing  application power and flexibility is unwise.

Not to say that Linux and variants are immune – they’re not.  But in general, applications that you install on these machines never make any changes to system files, and if they do, you have to give them permission.

Active Analysis

Enter: Anti-virus software.  People on Linux and Macs still don’t mess with it much – they just keep their operating systems up to date.  Even so, some degree of active protection should also be built into the operating system itself.  Maybe the OS could provide hooks for third parties to better analyze data as it’s read, too, but at a very basic level, some sort of semi-competent approach to active data scanning should happen right there at the application level as a feature of the OS itself.

I mean: Come on.  Look at all the cool stuff that your computer comes with out of the box that’s part of the operating system:  Media players and web browsers and image viewers and very basic editor capability, etc.

Kudos to Microsoft for adding Microsoft Security Essentials – the first OS-provided anti-virus solution, to their suite.