![]() ![]() That way, a user could delete hooks for a virus without the resident virus being able to easily add itself back. In the other thread, I suggested an option to allow only deletes for the rest of the session. Maybe skip once could be the default, and other options such as Blacklist and Trust as safe. The first time a process wants to write to the registry, the user could be prompted on what to do. I suggested a registry "firewall." It could operate similar to a network firewall. Also, I included some close suggestions over in the suggestion thread. But if it is an oversight like a buffer overrun or other exploit, then sure, in theory we should be able to get rid of it.Īs for B, that sounds roughly like what Windows 7 does with UAC to a degree. Obviously, if there are long-standing bugs that have had to be coded around over the years, they would need to stay for compatibility. In theory, though, the more we're able to figure out how Windows works and duplicate it, the more vulnerable we'll be to Windows malware and exploits.Ī) Would it be possible to make ros more safe while keeping the functionality by one coding mistakes in the security structure away andī) coding the roots for a firewall in the kernel so the user could as example forbid the software to use certain exploits or dangerous hooks natively (and set the standard settings sane which could be changed by the user.įor A, yes, I don't see why we need to code non-essential bugs. The one hope on this front is that, because ReactOS is an orginal program with no Microsoft code, it will be different "under the hood", which may inherently make it less vulnerable to certain types of exploits. I think it would be naive to think that we can hope to match Microsoft's expertise in the field of making Windows less vulnerable to viruses. ![]() I don't know if there has ever been a Patch Tuesday when Microsoft didn't issue some kind of vulnerability fix. I think it's fair to say that Microsoft has more experience with this than any other organization in the world. You may, of course, be referencing the fact that Windows makes a certain effort to prevent malware from achieving its goals. If a user is dumb enough to install Windows malware on ReactOS, he will hopefully be able to. ReactOS hopes to run any software that Windows can run, which includes both viruses and anti-virus software. So, we certainly want to be able to support that.įirst of all, remember that most malware is installed with the user's permission. ![]() The older Intel processors don't have the No Execute instruction, so Windows XP cannot use its overrun/underrun protection on those. But I also remembered one other difference, and that was the processor. She used file-sharing more than I and allowed others to get on her machine to look at certain types of pictures and videos online. I was pretty sure that the way we each used our machine was different. So I had to ask myself why she was getting them and I wasn't for the most part. Now, she kept calling me to remove infections, while I might have only gotten 1. She had a Dell Dimension with either a Celeron or Pentium 4, while I had an Athlon 64 X2 based machine (the 3800). A few years back, both my friend downstairs and I both were running XP (32 bit). We certainly need to code in PAE support, which is required on 32-bit systems for the No Execute instruction. So we could use more appropriate registry values. There are things in the registry that the end user can change to harden their security. However, over the years, Microsoft may have made a few blunders in their default settings. Modern versions of Windows are not inherently insecure. However, the way we get to that point is different, so if a virus requires a specific Windows version to work because of the way it hooks itself in, it might not work under Reactos.Īnother thing to consider is the default settings. Unfortunately, that would indirectly include viruses. The goal is to make anything that can run on Windows run on Reactos. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |