The idea is simple: malware is designed to target a specific platform. It hooks into a particular OS and executes on a particular CPU. One can make a cross-platform virus on the OS-level, but doing so on the CPU level is harder. x86 code doesn't run on PPC. So, let's just put linux on PPC? Maybe nice for servers, but not for Windows-grade desktop. There is one industrial-strength desktop OS on PPC: Mac OS X. There are many inexpensive PPC Mac OS X PC's on eBay. Additionally, Flash 9 is on Mac PPC. Flash support is a real stumbling block, as they are discontinuing PPC support and the open-source alternative on Linux doesn't support many popular web sites. This isn't all that disheartening: we still have a PowerPC desktop with [hardened] Mac OS X running up to Flash 9. And this system is likely immune to any shellcode that hits it. This greatly reduces attack surface of wild threats.
In order to defeat the shortcomings of limited Mac OS X support, I looked into virtualization. I believe there is a VirtualPC program that runs x86 Windows on Mac OS X PPC. A hardened version of WinXP could be used to surf .NET, Flash, Silverlight, etc. web sites. Most other stuff can be done using proprietary or open-source software in the Mac itself. Targeted exploits will still work in this scheme, but most infections aren't custom-designed to exploit just one PC. I think this general scheme of using a PPC desktop with non-Windows main OS will successfully most shell code in the wild. Specificially, a DOS attack (i.e. program crashed by exploit) is the best they will be able to do, while no botnet or similar logic will be able to run.
What do you guys think about this scheme? About PPC/Mac's providing convenience/ease-of-use + security in same package? Any comments on my WinXPx86 on MacOSX-PPC idea? Any suggestions?
Edited by army_of_one, 03 April 2009 - 02:35 PM.