What is Digg?76 Comments
- Matt2k, on 10/12/2007, -5/+33I think its a good idea. Software shouldn't typically ever need to modify those aspects of the operating system. I don't know what Outpost firewall is doing that is different from other firewall vendors, but if it means they need to eliminate some tiny feature XYZ to get their software to work, then they need to bite the bullet and do it. I'm not particularly interested in sacrificing my security because they don't want to alter their firewall product.
And the article is misleading. "Developers" as in one developer - TheJeffer, on 10/12/2007, -4/+22Agreed. Why are they needing kernel access in the first place? If they took the time to work with Microsoft, I'm sure they can find alternative ways to do things without sacrificing the security of the system. Developers pulled this same crap when Microsoft implemented DAP (Data Execution Prevention) in XP Service Pack 2. Poorly written software stopped working and they'd try to blame Microsoft. Yes, it can be a pain when OS changes force you to have to fix your broken software, but get over it. People have been crying for years for Microsoft to improve their security, and now they're actually doing it. This is a GOOD thing.
- esac, on 10/12/2007, -3/+20In Other News: Microsoft is sued in a class-action lawsuit by Symantec, Norton, McAfee, and multiple others for making their product secure and prone to viruses. By preventing spyware/malware/viruses in their new operating system, Microsoft is costing these companies billions of dollars... more at 5.
- spectre_25gt, on 10/12/2007, -6/+23So, Microsoft is disallowing access to low level areas of their OS for security reasons. Suddenly that's a bad thing? Vista is going to have an API for Anti-Malware software to take advantage of. I seriously doubt they're doing this to keep people from writing software for the platform.
In the end, though, if this put all of the "personal firewall" companies out of business, I'd be happy. All those programs do is screw up computers. - mancat, on 10/12/2007, -5/+18Sorry developers. You're going to have to deal with users not being Administrator anymore, and a few other things, including this. You guys have spent years ignoring the security features that were present in Windows, forcing Microsoft to ship their operating systems in the least default secure level because you couldn't write your apps well enough to not break completely when they encounter an "Access denied" error. Everyone has complained for years about Windows not being secure enough. Now that Microsoft is finally taking steps to respond to the market's demands and increase default security substantially, we have groups like Agnitum crying about it being "too hard" now. You know what? If you can't bring yourself to adjust your practices and software design to reflect the new security defaults and features in Vista, just stop writing software. I'm tired of stubborn third party developers holding Microsoft back from implementing good default security practices in their OS, for fear of breaking these shoddily written applications. It's really time for developers to step up and match Microsoft in its crusade to secure Windows. Those that can't, should go out of business.
- neouser99, on 10/12/2007, -7/+18if i didn't know better, i would guess you didn't read the article. save us the obvious comments next time, captain
- richbradshaw, on 10/12/2007, -2/+12Microsoft Works
- Loonacy, on 10/12/2007, -4/+14I thought it was "Military Intelligence"?
- Cymrubeats, on 10/12/2007, -2/+11So, to summarise...Agnitum want MS to make Vista less secure so Agnitum can make it secure again. Well, that makes sense to me...hold on whilst i eat my dinner, tonight i'm having broken glass and a pint of bleach.
- chucker, on 10/12/2007, -4/+12What? If Agnitum can't figure out how to implement their so-called "security software" without relying on patching the kernel, then the mistake is not with Microsoft; rather, Microsoft has done the right thing and Agnitum has merely shown themselves to be incompetent.
- PepeGSay, on 10/12/2007, -2/+10Firewalls provide a specific type of security. They do not fix a security "flaw".
- alwaysmc2, on 10/12/2007, -2/+9Has anyone ever used Microsoft's OneCare? It is very good. It does everything automatically. Conceivably you would only have to look at the application the first time you use it, and then just let it do it's work in the background from then on.
http://onecare.live.com/
All they have to do now is make a version of Vista, since the one they have now is only for XP. - Propapanda, on 10/12/2007, -2/+7I wouldn't be surprised if that ends up happening. It's pretty easy to hop on the ol' "sue Microsoft for giving it's customers more than you want them to" bandwagon.
- Crypty, on 10/12/2007, -8/+12It wouldn't be all that bad for MS force their choice security app on people. Rather than norton(utter *****), we can have a security program that is updated frequently(like it or not, MS is really on top of the updates thing)
It also allows MS to better control malware on their OS. A main complaint of windows users is the abundance of viruses, and consequently the ***** of norton. With the MS scanner as part of the Vista package, they will really be pressured to do a good job with it, or end up losing more customers to OSX/Linux. I think this could be a positive turn of events when it comes to keeping malware at bay. - Magadass, on 10/12/2007, -0/+4I havent had a Virus or a security breach on my Windows machine for nearly 7 years now, not a single one. I dont run Antivirus, I turn automatic updates on so it installs at its own will and never bugs me and I havent resinstalled windows in nearly 3 years and it runs great! Granted I do run CrapCleaner to get rid of the ***** Uninstaller crap that some vendors make but thats about it.
I really dont get what everyone talks about, I mean yeah if your some joe smoe user and your stupid enough to click on some random exe in your email from some stranger that doesnt even speak english maybe you deserve a lesson! - maninblac1, on 10/12/2007, -0/+4It's both a dirty trick and a breath of free air. Sure you can't use third party software, but your defense tools from windows are free anyway, unless you're a sucker and by LiveCare. But, Frankly, NO program should have kernel level rights, EVER. This is an OS, this is the main program that runs all other programs, no third party program should ever a permissions set anywhere near the OS. There should be 1, and only 1 kernel program, the OS. All else should be user level.
This philosophy that some programs or users are allowed run at kernel level or near it is rediculous. It's not necessary, with today's modern hardware it's not going to matter if you have to do a process switch or mode switch or a thread switch. The performance will be transparent to user. Microsoft's philosophy should be, i think "stay the f--k out of our code and write it yourself", that's how they can fix their security.
And if it's not good enough for the industry, well have them create another level, Kernel, environment and user level higherarchy. How hard is it to develope a no flaws system. - Phil246, on 10/12/2007, -8/+11If you had read the article more closely you would see they have found a way around it, by using the same techniques that hackers use.
these security measures by microsoft are flawed and only add another layer of frustration for genuine developers.
quote :
"Unfortunately, it doesn't really resolve the problem, and also makes it a great deal more difficult for independent security software developers to be fully compatible with Windows."
"Nobody knows if Microsoft has done this intentionally, but we can't avoid the suspicion that this move may have been designed to force users to rely on Microsoft and only Microsoft for Windows security," - daonlyfreez, on 10/12/2007, -2/+5Agnitum creates an excellent firewall: Outpost (nothing like Norton/McAfee et altri). Moreover: They are an excellent group of former hackers dedicated to security for real...
If Vista does not 'allow' third-party security software vendors to protect the system at the lowest level, this sure poses a problem. If Vista was secure enough by itself, one wouldn't need security software, one could argue, but it is clear to most that Microsoft has not been 'on top' of threats, to say the least. Result of this policy: If you buy Vista, you would need to pay MS for your 'extra' security, including anti-virus/foistware, and you couldn't choose your own third-party program for that.
If no-access means: "well, then that leaves us no option but to go the rootkit-route", that would truly be worse, like the article states...
Now some of you might not mind MS tightening the grip, but most would... - BrainInAJar, on 10/12/2007, -2/+5"This is bad for the hobbyist who wants to tinker with such things"
I think most hobbyists who want to know how an OS works tend to stick with free software, since the source code for the kernel is right out in the open - Linkage155, on 10/12/2007, -1/+4>>alwaysmc2
Yep, OneCare has been working for me, altough I haven't gotten a virus/malware or what ever in years (if you have, learn how to use a pc) I think this should be available in Vista for free, it's time for MS to make people shut up about it being not so secure/not having any security tools for free. - BobTurbo, on 10/12/2007, -4/+7Maybe they should just write good applications in the first place.
- daonlyfreez, on 10/12/2007, -4/+7"Why are they needing kernel access in the first place?"
Err... you might not understand why, but any serious security software, especially software firewalls, need the lowest access to be effectively protecting your system, which might include 'protecting' you from hidden/unclear/unnecessary/compromising connections made by 'your most trustworthy OS vendor', Microsoft itself...
Don't you want to be able to control all?
Think about it: Do you really trust MS that much? Do you really want a MS-only controlled low-level that might compromise you, be it in the name of 'fighting piracy/child pr0n' or 'improving customer experience'?
"We are sorry to inform you we have blocked network access from your computer because of apparent illegal activities. Call your local MS-copper to unlock your computer. Be aware you'd need to allow the MS-copper access to your computer, show him your ID, lay out your medical record, and pay a $500 fine - not refundable on error - to unlock your workstation again. Three consecutive blocks will result in a lifetime ban"
It would actually not be that difficult to implement something like the already available digital signatures to secure softwares that are allowed to work at the lowest level... - kubudubudubuntu, on 10/12/2007, -5/+7This isn't really fair either, we should not need to buy third-party security software, where instead the software it's-self (windows) should be secure enuff.
- pickypg, on 10/12/2007, -0/+2Sounds to me like their "firewall" is more of a rootkit in and of itself, sniffing all kernel data.
- inactive, on 10/12/2007, -1/+3I completely disagree with this approach. While I am very much pleased with code being put in place to stop unallowed software from reaching the Kernel level system access, I feel totally banning it is a horrible approach.
That approach is the same as stating since you can drown in a river the best to stop it is banning people from the river. Which obviously can not and will not wok, they already said they have bypassed it. How effective is this software if its not even out of the beta stage and it has been circumvented?
What they need to do is make it require very clear user approval, possibly by the creation of 3 accounts at installation: regular operation, administrator, kernel modifier.
In kernel modifier access to completely disconnect the internet so it's impossible for a worm to exploit a computer while in kernel access mode. Then when you enter kernel access mode it display a gigantic warning "YOU SHOULD ONLY EVER NEED TO ENTER THIS LEVEL OF SYSTEM ACCESS FOR INSTALLATION OF A FIREWALL, ANTI-VIRUS OR OTHER COMPLETELY TRUSTED PRODUCT. INSTALLATION OF ANY OTHER SOFTWARE CAN RESULT IN TOTAL SYSTEM FAILURE OR COMPUTER VIRUS INFECTION."
After this point, any one that manages to get a rook kit installed with out their knowledge & consent is just an idiot and doesn't deserve to have access to the comptuer in the first place.
Trusting Microsoft to provide the entire virus and firewall protection the computer needs on a software level is expecting the fox you hired to guard your hen house to be there in the morning with all the chickens intact. - cquinnd, on 10/12/2007, -0/+2How effective is the developers arguement if they won't point out the claimed flaw in the OS that they say they were able to work around, in order to get it fixed before the final release?
- JimDigg, on 10/12/2007, -4/+6Phil246: I did read the article closely, and just because this company decided to take the "hacker" route to get their software to work, doesn't make the security changes that Microsoft made a bad thing. The company could just have easily done what was suggested and worked with Microsoft to get their product to work correctly with Windows. But they didn't, they decided, through their own laziness, to try hacking the kernel of the OS to get their software to work, and then cry on the Internet about how Microsoft is breaking their software.
Well boo hoo, poor them. Personally id rather have a more secure kernel then their software. Of course it can be reverse engineered, any software can be reverse engineered. That doesn't make the changes less secure. - pushmouse, on 10/12/2007, -3/+4Uncontested divorce.
- armbo, on 10/12/2007, -1/+2airline food
sanitary landfill
those are the only two i remember - agimat, on 10/12/2007, -2/+3This is a good thing, of course - unless your version of windows is not "WGA-compatible" or if you benefit from having third-party solutions for security.
- OBKenobi, on 10/12/2007, -1/+2[quote]Now I am sure they were wishing they had diversified their portfolio and products to other OS'es too.[/quote]
But other OSes don't need such security products. At least not yet. - inactive, on 10/12/2007, -0/+1FRAGaLOT: moron (without oxy).
- Magadass, on 10/12/2007, -1/+2Actually if you would read the article more closely, you will notice that they are speaking out of their ass, they have no idea if hackers or they will be able to find a way around it. They are only suspecting as much, which may or may not be the case, indeed everything can be reverse engineered. There is no such thing as a 100% secure way of doing things, no matter what system you use hackers will be able to reverse engineer it and get around the security measures given enough time and determination. The point here is that Microsoft is making it MUCH MUCH harder for this to be achieved, in doing so they are limiting the audience away from the majority and into the minority. Thus they ahieve a higher security perspective since the overall security exposure is minimalized, thus instead of jumping through a hole with ease they must jump through a micro fissure with security checks and road blocks.
The fact that a security firm is whining about additional security measures being put into place always amazes me, mostly because their entire business model is reliant on an insecure OS. Buy their product and wallah you now have a secure OS, well sorta, only at a high level is it secure, the low level is still exposed. This is what they are fixing! If all of the Windows security products vanish off the markey thats a sign that Microsoft may have gotten their ***** together, but IMO its going to take 2 or 3 versions of Vista for that to happen! You can only do so much sandbox and dogfood testing before you through it into the firing range, thats where you find most of your missed security focal points! *not going to spell check* - MikeCerm, on 10/12/2007, -0/+1Windows does need a better firewall to control outbound traffic (I use Kerio on a few of my systems), but I agree with your point, if you apply it to antivirus software.
If Symantec, McAfee, PC-Cillin, and the other antivirus companies made a decent product, Microsoft wouldn't have need to launch OneCare. (and if they could give it away for free without being sued by Symantec for acting like a monopoly, they probably would have.) - Dadoo, on 10/12/2007, -0/+1"You will get bought by MS. YES! That is exactly what many small developers dream about"
Don't get me wrong: if that's your goal, fine. Seems like a waste of a lot of good work, though. More importantly, can *you* predict whether Microsoft will kill you or buy you? That's a mighty risky game to play with your money.
"That does not quite equal 'all successful software'."
Are you sure? Of all the categories you mentioned, the only products that are even worth mentioning are open source. They don't make any money. MS Word, for instance, has what, 97% of the word processing market. The remaining 3% is shared by four or five products, including the word processor in Open Office.
The point is, since Microsoft owns the OS, if they decide you're done, then you're done - even if your product is significantly better. Sorry, way too much risk for my livelihood to be at the whim of someone else. - MikeCerm, on 10/12/2007, -0/+1Jumbo shrimp
- FRAGaLOT, on 10/12/2007, -3/+4oxymoron: Windows Security
- Keveros, on 10/12/2007, -3/+4I'm sorry to say that most likely the reason they are so intent on laming Microsoft for actually securing the kernel is that they have made their money on the backs of users... And now their gravy train is moving on without them..? I believe that any application that can easily install to the kernel portion shows a weakness in the system... Any secret code or way to enter that portion will eventually leak out and be utilized by the bad code as well as the good... As a user, I use windows, I may not like some things about it but, I am not fond of the alternatives either... No matter what system you use there will always be weaknesses of some kind... I just don't want one of them to be, the ability to hijack my system and hold it for ransom..! Be it third party software or bad individuals...
- inactive, on 10/12/2007, -1/+2If MS does that all that anti-monopoly crap will be reactivated again and EU will try to ditch more money from the company.
- daonlyfreez, on 10/12/2007, -0/+1http://www.agnitum.com/r/firewall/onecare
"Expert opinion: Agnitum issues first in-depth analysis of Microsoft OneCare Firewall
The firewall security experts at Agnitum have conducted an in-depth analysis of Microsoft's new OneCare Firewall, part of Microsoft's "Live" security initiative. The results are so far below industry standards that we felt obliged to share the results of our analysis with you.
Highlights of the report, which has been published by a number of online and print magazines, include:
- The OneCare firewall failed all but the simplest leak tests and does not offer even the most basic intrusion detection capability, leaving users' PCs wide open to being hijacked into a botnet
- The OneCare firewall database of pre-approved applications is very small, and adding each new application requires several user interactions and a reboot
- Application access rules are limited to 'allowed' and 'not allowed'-users cannot configure different rules for different types or times of usage, such as allowing IE to connect with some but not all websites
- Similar limitations apply to network file access and remote desktop operations
- The Windows Defender anti-spyware component of OneCare imposes significant delays on program execution and is updated on a separate schedule than other OneCare components"
Err... - Jorg, on 10/12/2007, -1/+1"Yes this will stop the one casual root kit maker and piss off every corporation that uses kernel level software. I've got a better idea Microsoft, make better code."
*****!
They are not being prevented from creating and installing kernel level software. They are being prevented _FROM_PATCHING_THE_MS_PROVIDED_BINARIES_!
If you have been paying attention, you know that all Vistas kernel mode binaries are now signed by Microsoft and will not work if they are modified without being resigned.
Now, one of you come up with a way for a third party to modify of one of the binaries and then re-sign it with out having access to one of Microsoft's private keys, and you will never have to work again.
If they want to _REPLACE_ existing MS functions, they are going to have to do it in a supported way, not by hacking existing binaries.
1) Replace a compete kernel file with one of there own creation.
2) Work with MS to get the the source for the necessary kernel file and make their custom changes. (Is this even possible?)
In either case, the files will have to be signed by a cert obtained from Microsoft, or they will not work in vista.
Jorgie - BobTurbo, on 10/12/2007, -0/+0In my opinion, the signature based antivirus products are pretty much useless, at least on the desktop. I would prefer to use something on-demand once per month (an online scanner) and that is it. Elaborate personal firewalls and any antivirus products are an endless source of misery that cause 100 times more problems then the things they are trying unsuccessfully to stop.
Outbound firewalls in XP are rather useless from my understanding. There are a number of ways for one process to hijack a legitimate process and just send data out through that.
Maybe something built in that detects suspicious patterns of activity might be a good option as long as it does not hinder performance. I think Windows Defender is basically Vista's solution to that. Spyware and blended threats are the real problem. Viruses are going to be difficult to execute on Vista and really, the worst they can do is corrupt some files that should be backed up anyway. - MechaFenris, on 10/12/2007, -2/+2Microsoft _finally_ makes Windows more like every other OS has been for quite a while now w/r/t kernel access, running as admin, etc. and Agnitum doesn't want to modify their installer. -- Ain't it weird?
Seriously, though. This is a good thing(tm) for Windows security. Now, if they allow installation of software like other OSes (typing the admin password to gain access to certain aspects of the OS/directories), it should go a long way in changing the mindset of Windows users NOT to run as administrators... (that's the other half of the puzzle that will take some selling, since it's so entrenched in the way you do things in Windows...)
I have been increasingly annoyed at TheRegister, since they've gone from dishing dirt and scooping rumors to personal agendas against stuff they don't like or agree with (The EFF comes to mind of late, but the list is quite long.) I stopped reading OSnews because of the same tactics. Instead of being a "News" site with commentaries (which is completely fine.. it's healthy to discuss things), it became a "commentary" site with the admins bashing dissenting opinions. I'd rather not see unpopular opinions shouted down on a site that wears its bias on its sleeve. :) And the same holds true with TheRegister. - inactive, on 10/12/2007, -1/+1I think that companies like Adobe, Oracle, SAP and many others disagree.
- inactive, on 10/12/2007, -1/+1***BUY*** Windows instead of "acquiring" it via torrents or russian/chinese FTPs and you will have a computer 100% WGA-compatible.
Is it too hard to figure out?!?!?! - Ryosen, on 10/12/2007, -1/+1Relying on Microsoft for Windows security is a bit like relying on the ocean for drinking water.
- inactive, on 10/12/2007, -1/+1And I have an even better idea: shut your mouth up, biotch!
- Pankov, on 10/12/2007, -0/+0Agnitum’s technical brief about Microsoft’s approach to Kernel Patch Protection has sparked intense discussion at Digg/Slashdot.
May we participate in the debate?
Agnitum believes Microsoft’s motivation for introducing Kernel Patch Protection is clear. It is attempting to better protect the typical user of Windows XP x64 and Server 2003 x64 from rootkit vulnerabilities.
Unfortunately, the approach taken by Microsoft limits the ability of third-party software developers to protect Vista users from other vulnerabilities inherent to Windows. This affects not just Agnitum. It affects Zone Labs, McAfee, Symantec and other developers of security software.
Third-party security software uses a variety of approaches to protect Windows users. As we noted in the technical brief, http://www.agnitum.com/news/kernel_patch_protection.php:
“One of the most commonly used approaches to implementing proactive protection involves changing and monitoring the Service Dispatch Table (SDT), which is used by the OS to transfer control from user-mode to kernel (low-level system mode).”
Developers who need deep kernel integration often patch the kernel by changing the service number in the SDT, and when a call is made to invoke a system service, the third-party code is invoked instead of the kernel code -- and the third-party code then returns control to the operating system.
Kernel patch protection in the x64 versions of XP removes the ability of developers to legitimately change the service number in the SDT by hiding it – but imposes no such restriction on hackers.
Which is the point we are trying to make. On the one hand, kernel patch protection makes it more difficult for security software to defend Windows from attack. On the other hand, “surprise kernel patches” open Windows to new, broad attack. And please also note that there is no such thing as a secure firewall if that firewall lacks deep OS integration.
This is not progress. Microsoft’s approach forces users to rely on Microsoft and only Microsoft for operating-system security. If past experience is anything to go by, we know that third-party security tools are more robust and provide better protection than what Microsoft offers.
Clearly, kernel patch protection in its current form is not perfect. Yes, Microsoft is correct in wanting to protect users from rootkits. However, from my point of view, it is more necessary to introduce security measures that do not make users more vulnerable.
Igor Pankov,
Product Marketing Manager at Agnitum - L0t3k, on 10/12/2007, -1/+1I'm not sure I'd agree with the statement that Microsoft is really on top of updates. They sure issue a ton of them (and big ones at that), but sometimes problems go unresolved for months, or even years. That doesn't fly in the anti-malware business.
Personally, I think this is great. People have stuck to windows because businesses and application developers have stuck to windows. Businesses stick to windows because application developers and people stick to windows. Application developers stick to windows for two reasons... people and businesses are on windows, and because the entire platform is built to be a goldmine for software developers. If you take any of those three out of the mix, the whole thing falls apart.
When Microsoft gets too greedy (desktop OS, server OS, office productivity, crm, accounting, various communications platforms, and now service oriented software like anti-malware) application developers get shut out at every step. The harder MS makes it for people to make money on their platform, the more likely it is that the whole house of cards will come tumbling down.
I'm not saying that we're exactly on the verge of a revolution as some have been prognosticating since the 90's, but it's one more step. Those people are right about one thing though, greed will be Microsoft's downfall. - daonlyfreez, on 10/12/2007, -2/+2@chucker "So, I still don't see how a security company could seriously advocate kernel patching."
http://www.agnitum.com/news/kernel_patch_protection.php
"Technical Background
To provide proactive protection, security software solutions need to get control over low-level system activities like file and registry operations.
To achieve this level of control, one approach uses a documented API provided by Microsoft. However, this API does not allow ISVs (independent software vendors) to control system activity pre-emptively and on the fly. It limits the number of file and registry operations that can be controlled. It does not allow control of process memory modification and imposes a number of other restrictions. This does not help independent software vendors to provide system protection using native interfaces.
An alternate approach requires modification or replacement of code or critical structures in the kernel of the Microsoft Windows operating system using internal system calls - so-called kernel patching. Essentially, kernel patching bypasses actual Windows kernel code to invoke third-party code. However, this approach opens Windows to attack by malicious third-party code as well as legitimate attempts to extend Windows functionality.
One of the most commonly used approaches to implementing proactive protection involves changing and monitoring the Service Dispatch Table (SDT), which is used by the OS to transfer control from user-mode to kernel (low-level system mode). Developers sometimes patch the kernel by changing the service number in the SDT, and when a call is made to invoke a system service, the third-party code is invoked instead of the kernel code.
Security vendors, including Agnitum, often use this approach. Unlike other techniques suggested by Microsoft, this approach enables third-party software to protect the OS by gaining full control over file and registry operations. Microsoft, however, prefers that developers not use this approach. In fact, the company has gone so far, in the x64 versions of Windows, as to prevent call redirection involving 32-bit SDT pointers. Sadly, this poses no problem for hackers, as there are unused areas in the kernel code that can be used to create so-called "connectors." In theory, Windows Patñh Guard should interrupt this process after doing a memory space check, but hackers already know how to disable this protection.
And now along comes Kernel Patch Protection
In a recent update, Microsoft removed the ability for developers to legitimately change the service number in the SDT, introducing so-called kernel patch protection for x64-based versions of Windows Server 2003 SP1, Windows XP and later versions of Windows for x64-based systems.
Microsoft believes kernel patch protection defends code and critical structures in the Windows kernel against modification by unknown code or data. Kernel patch protection stores and periodically verifies checksums of specific kernel memory areas (network components); if a checksum mismatch is found, the result is the dreaded Blue Screen of Death (BSOD). According to Microsoft, this technique should prevent SDT modification and thwart the intentions of a number of rootkits.
Research by Agnitum security experts has determined that, in practice, kernel patch protection does not prevent hackers from reverse engineering specific OS code areas to re-acquire the desired capabilities. While it does disable compatibility with future kernel versions, quality-assurance is not a big concern for most malware writers."
Oh, and you are right about hardware firewalls being superior to software firewalls in most cases (which does not include your off-the-shelf $39.99 router btw)... -
Show 51 - 75 of 75 discussions
Browsing Digg on your phone just got easier with our enhancements to the 
© Digg Inc. 2009
— Content created and posted by Digg users is