mouse at Rodents.Montreal.QC.CA
Tue Jan 24 19:40:00 CST 2006
>>> The Windows driver system allows layered drivers which not only
>>> allow software houses to install viral programs which hurt my
>>> system and my ability to use it, but open up security holes all the
>>> way to ring zero.
>> To be fair, lots of Unix variants do this too. Anything that
>> supports vendor-provided binary-only drivers has similar security
>> properties, whether it's Linux, OSX, or Windows.
> Which UNIX variants have the system Windows has for driver filters?
I don't know enough about Windows to remark on that aspect of it.
I was pointing out (or trying to) that if you run a binary-only driver,
you are "open[ing] up security holes all the way to ring zero" - you
are handing over the keys to your hardware's most privileged mode,
allowing whoever wrote that code to do whatever they might happen to
feel like with your system. (The same would be true of source, of
course, except that it's a good deal harder to hide malice or other
trickery from even casual inspection in source code. Also, while not
quite applicable to all source-code drivers, open-source drivers have a
culture and community that is much more proactive about getting fixes
created and distributed when problems are found.)
> Binary only drivers definitely are *NOT* a similar security problem.
Then I do not understand the problem you are referring to.
> I'm talking about something quite different.
> Read up on Starforce and things like that to see what I mean.
As far as I can see from a little googling, StarForce is different from
someone using (say) FreeBSD NDIS drivers to do similar things only in
that it's actively being done. (Well, and that FreeBSD allows you turn
off the ability to install such things without rebuilding the kernel.)
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the rescue