Every day, new viruses emerge that compromise the security of millions of computers – both personal and corporate. As government agencies increasingly rely upon commercial software for Top Secret computer systems, they found themselves facing a difficult dilemma: continue using their 80’s era software or upgrade to the latest commercial systems, while exposing themselves to the security vulnerabilities that plague everyday users.
From 1999-2001, Robert Meushaw, the director of the NSA’s Information Assurance Reserach Laboratory (NIARL), and his team worked on a solution that coul dgive hte best of both worlds. The system he developed, codenamed NetTop, uses a “sandbox” technique whereby inherently insecure software (such as Microsoft Windows and MS Office) is granted access to a limited portion of the computer. Even if one of the insecure applications was infected with a virus, it is unable to spread beyond the specific machine.
Unfortunately, the results were disappointing. Two crucial missteps ultimately led to its slow adoption within government agencies and by the general public.
The first problem was that NetTop compromised security for functionality. By being neither 100% secure, nor 100% functional, security experts were unsatisfied, and users were frustrated.
The second problem was around cost. Each “virtual” system required its own licenses. Thus, Top Secret computers that accessed six separate networks would require 6 licenses for Microsoft Windows on a single computer! Furthermore, the virtualization component was developed by a for-profit startup named VMWare (now publicly traded NYSE: VMW). As VMWare grew larger and more successful, Microsoft started to tamp down the competition by restricting its licensing terms to make virtualization even less cost-effective.
The end result has been another expensive government project with limited application and a dim future.