Keylogers
MichaelQuigley at TheWay.Org
MichaelQuigley at TheWay.Org
Thu Apr 28 20:28:49 CEST 2011
> ----- Message from Mike Acker <Mike_Acker at charter.net> on Thu, 28
> Apr 2011 10:49:13 -0400 -----
>
> To:
>
> "Robert J. Hansen" <rjh at sixdemonbag.org>
>
> cc:
>
> gnupg-users at gnupg.org, Faramir <faramir.cl at gmail.com>
>
> Subject:
>
> Re: Re: Keylogers
>
> On 14:59, Robert J. Hansen wrote:
> On Wed, 27 Apr 2011 12:56:19 -0400, Mike Acker <Mike_Acker at charter.net>
> wrote:
>
<snip>
> we shoud recognize that this inventory process is most critical for
> the operating software itself: the software that is allowed to run in
RING0.
>
> In a properly secured O/S an application program can't do any damage
> to its host O/S.
<snip>
"In a properly secured O/S an application program can't do any damage"
No damage, yes. But additional alterations can happen. Software
installations alter the base O/S--especially the Windows registry. Keep
in mind things such as Anti-virus software need to put in hooks to
intercept normal/original processing to test files/programs.
I've wondered how this same subject works with application whitelisting.
Also, I believe device drivers still run in RING0 on Windows. Although I
haven't heard/checked whether that's still true in Windows 7.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110428/35121000/attachment.htm>
More information about the Gnupg-users
mailing list