A Colorado start-up by the name of Secure64 Software Corporation claims to be the only company in the world with a genuinely secure operating system.

Let's just let that worrisome thought sink in a minute.

Okay, now. This here start-up calls its operating system SourceT micro OS - and Secure64 says Source T micro OS doesn't resemble any other operating system we've ever seen before - and it's not general-purpose - because general-purpose operating systems like Microsoft and Linux are, by nature, insecure.

So the only way you can get it is underneath a $9,995 DNS application - a proprietized version of the open source (and proven) NSD widgetry - that only runs on a $6,000 Itanium machine, specifically an HP Integrity rx2660, one of those rack-mounted dual-core dual-processor Montecito jobs although initially Secure64 is only supporting the uniprocessor version of the machine.

And the reason Secure64 fancies an HP Itanium machine for its appliance is because one of its founders, CTO Bill Worley, is a former HP Fellow and chief scientist who was the lead architect of the PA-RISC chip and PA Wide Word, the basis for the Itanium. (So we figure either he's making up for past sins or trying to prove he was right all along.)

Anyway, Secure64, which as you might expect is best friends with Intel and HP - but not to the point either of them has put money in the joint - claims that it's got the first and only DNS server software that's immune to rootkits and malware and resistant to denial of service attacks. And it got that way because they built it that way from the ground up, taking advantage of certain hardware-architected security protections unique to the Itanium.

It also claims that Secure64 DNS is the world's fastest authoritative DNS and delivers over 100,000 queries a second, 10 times the capacity of a typical BIND server running on an x86 platform, three times a BIND server on the same hardware.

Theoretically Secure64 could have used SourceT in a different kind of application - and does intends to branch out over time - but like its president Steve Goodbarn says, "DNS is one of the weakest links in the IT infrastructure. If DNS servers go down, the web goes down, e-mail goes down, the entire e-business goes down."

Secure64 DNS is supposed to be able to withstand denial-of-service attacks and still respond to legitimate queries up to the saturation point of a gigabit line. In other words, no performance degradation while under attack.

According to Symantec, in the first six months of last year there were on average 6,110 DDoS attacks a day, close to 40% of which targeted ISPs, and CERT says the number ain't dropping.

DNS servers also represent a sizeable market consisting of at least nine million external servers and a lot more internal behind firewalls. Secure64 says the increase in attacks coupled with the need for performance presented by new technologies like VoIP scream for an infrastructure overhaul. Anyway, current solutions - largely BIND and Microsoft - won't scale.

Secure64 claims linear scalability and low latency.

It's also supposed to cut power consumption, eliminate operating system hardening and emergency patches and simplify configuration. It should cut down on the number of servers a company needs and reportedly interoperates with existing BIND and Microsoft DNS infrastructures, leveraging existing investments.

The features in the Itanium chip that Secure64 is exploiting are: key-based memory compartmentalization, fine-grained memory access controls, large register sets and high instruction-level parallelism. Of course, it's not all Itanium's doing; Secure64 has three patents pending.

The company, started in 2002, has raised $7.5 million in angel funding and is going to go out for $5 million-$10 million Series A round in the coming months. It currently has 23 employees. Its widgetry has been tested by such as Intel and NTT.

Secure64 says some of its betas have gone into production. It expects its initial sweet spot to be ISPs and hosting concerns and telecom carriers with hosting services. After that, it's e-businesses, banking, retail and finance.

Secure64 is selling the software. The hardware can be gotten from HP and its resellers. Secure64 wants to be a pure channel play, but for the time being it can also sell you the hardware and provide configuration services.