PostgreSQL pioneer's latest brainchild promises time travel to dodge ransomware

Michael Stonbraker on the neat side effects of putting an operating system on top of a database

Database pioneer Michael Stonebraker is promising his new concept of putting the operating system on top of a database could help end ransomware.

The computer scientist behind Ingres and PostgreSQL has launched DBOS, with $8.5 million in funding, to help ease scalability in the cloud.

By putting the cloud operating system on top of a distributed DBMS, the technology promises a scalable, fault-tolerant, and cyber-resilient foundation for cloud-native applications, with the added ability to store all state, logs, and other system data in SQL-accessible tables.

Speaking to The Register, Stonebraker, DBOS co-founder and CTO, expanded on how DBOS could improve security and potentially bring an end to ransomware attacks.

In promoting the company, he said he'd spoken to tech leaders in industrial and manufacturing companies with serious concerns about ransomware. "All of them know colleagues and other companies that have been hit by ransomware attacks. Most of the successful attacks don't make papers. The problem is that a successful ransomware attack typically has all production down for days to a week at a time, which can result in [huge] losses."

Because the DBOS database layer features time travel, users with applications on the operating system could "single-step around the attack and be back up and running in seconds."

He said large companies might spend millions of dollars on endpoint security software and then take around an hour to respond to a ransomware attack.

"We've run out of performance comparisons, and we can detect attacks much more quickly. We support time travel: that allows us to rewind everything to just before the attack and get back up in seconds. That's why the security story is very attractive," he said.

Stonebraker admitted, though, that industrial businesses that could benefit from the feature were dependent on legacy technology, which might take years to move to another platform.

Muhammad Yahya Patel, global security evangelist at Check Point, welcomed the innovation in defense against ransomware. However, he pointed out that because it was a cloud-native operating system, it would mean convincing businesses to move to the cloud as a first step.

"The idea of cloud first came out many years ago and now the idea has moved to more 'cloud-appropriate,' given legacy systems and legacy code. Moving to a cloud-native model is not where everyone's at, especially with the cost," he said.

"Kudos to DBOS for going down this route and trying to tackle the challenge of the database and having the operating system separate. The features are quite good and looking at what they've put on the sort of planned roadmap, it's something to want to keep an eye on to understand more about."

Other vendors are attempting to tackle ransomware recovery along with endpoint security, he said. Meanwhile, if DBOS was used as a defense against ransomware, it would also become a target for malevolent actors.

"They'll go straight to the source of this time travel feature. They'll disable it and find a way to put some malicious content around it so they can hold it to ransom," Patel said.

While a new approach to ending ransomware is welcome, it is likely that the arms race between defenders and attackers will continue into the future, time travel or not. ®

More about

TIP US OFF

Send us news


Other stories you might like