Charles Shannon Hendrix
shannon at widomaker.com
Sun Jan 29 11:04:43 CST 2006
Thu, 26 Jan 2006 @ 20:13 -0600, Jonathan C. Patschke said:
> On Thu, 26 Jan 2006, Charles Shannon Hendrix wrote:
> >> - you are handing over the keys to your hardware's most privileged
> >> mode, allowing whoever wrote that code to do whatever they might
> >> happen to feel like with your system.
> > Yes, but that's far less likely, and it doesn't happen through an API
> > that was deliberately designed to allow it, and it is very unlikely to
> > happen from a userland software install like it can in Windows.
> Which API entry points, in particular, are you talking about?
I don't know, I don't write Windows drivers.
It's called driver filters as far as I know.
I think the primary problem is abuse, and the fact that it is too easy
to insert one maliciously.
Now we have copy protection systems using them, and not only do they
hurt performance, but they open up ring zero, and disable hardware on
I don't see Microsoft closing this up, because a lot of games are now
installing viral driver programs on Windows for copy protection.
shannon "AT" widomaker.com -- ["Castles are sacked in war, Chieftains are
scattered far, Truth is a fixed star, Eileen aroon!" -- Gerald Griffin]
More information about the rescue