If most malware comes through internet...

For zero-day threats:

Let only the O/S communicate through the internet without going through a browser.

Then have a locked down browser and make all non-essential programs (non O/S programs) have to go through that browser for any internet communications, no more phone-home allowed for any non-O/S programs.

Then have the browser screen things extremely tightly (i.e. err toward nothing even remotely suspicious getting through.) Might have high false positives, but if nothing essential goes through the browser, high false positives is not a problem for the core functioning of your O/S

For other threats:

No more auto-updates for anything, even your browser. If you need to do updates to non-O/S programs than download the update file from the authorized company, and scan it with an extremely high detection rate signature based scanner before running it.

Most users would not go for this, but if one were willing to use such a system, wouldn't that be locked down as close to 100% as you could get?

 

What you're talking about is just a Firewall. The issue is:

1) Programs often have to phone home. How else will they update and maintain patched?

2) "Nothing even remotely suspicious getting through" well, how do you determine what's suspicious?

A properly handled autoupdate mechanism is actually more secure than this. If they use digital signing then the autoupdater will only install what's signed with the digital key. No ability to forge signatures, etc. They would have to steal it.

And a lack of quick patching is far more dangerous anyways.

Not really.

1) You still need exposed services like DNS.

2) You still have the entire browser exposed, with a ton of attack surface that you've added by having all programs use it for their connections.

3) MITM attacks aren't solved by the above, so common browsing is still vulnerable to being sniffed, or manipulated.

4) Firewall code is still code.

5) Physical attacks like USB.

6) Attacks on the network, like the router.

7) Most of this seems to rely on detection, which means all an attacker has to do is change.

It does nothing for *local* security, so all that's needed is RCE and then it's a matter of just hooking into various programs or exploiting the kernel/ some service.

Just off the top of my head.

 

Thanks.

 

Or .................

One PC for non-eCommerce Internet usage.

One PC for non-Internet usage.

One Ubuntu/Linux boot CD with a browser for eCommerce activities.

 

Does Linux OS still use the hard drive to stores stuff etc. when run off a disk? Will it make partitions or save stuff etc.?

 

My understanding is all ver. of Linux have a "Live CD" option. Also the HDD in some vers. might be mounted after boot in read access mode only. It can be dismounted if that is a concern.