Windows 8: Secure at the Deepest Level

JMH

If every computer had antivirus software running, life would be tough for bot herders and cyber crooks. Their ability to orchestrate spam campaigns and denial of service attacks relies on a plentiful supply of unprotected computers. Windows 8 will put the squeeze on those creeps. It has antivirus protection built right in, enabled by default if no other antivirus is present. But the new security features at the very deepest level may be even more significant. To understand what Windows 8 adds, we need to look back at the evolution of operating system security.

The Story So Far

COM file programs for the original MS-DOS were laughably insecure by modern standards. DOS simply copied the program byte for byte from disk into memory and started it running. It made no distinction between code and data, so a buffer overrun attack could easily force execution of arbitrary code. Early file-infector viruses simply appended their own code to the program's end and replaced the very first instruction with a jump to that code.


The EXE file format, still in use today, isn't quite as open to manipulation. It does distinguish between memory areas used for code and those used for data. Windows XP SP2 introduced Data Execution Protection, which ensures that a memory area marked as data will never be executed. (Note, though, that it's possible for a hardware backdoor attack to disable this feature).

http://www.pcmag.com/article2/0,2817,2408016,00.asp
 
What if, now all of a sudden, we had a virus which would be able to disguise itself as an Antivirus, thus disabling the default built-in protection system, making it easier for this virus to do its thing in the background? Is that really smart? Providing a conditional for the built-in Antivirus to disable itself?

I see another note at the end of the quoted text:
(Note, though, that it's possible for a hardware backdoor attack to disable this feature).

Nothing has really changed in my opinion. People were still able to bypass Antiviruses to infect another's machine, so I don't see a difference as to whether it's built in or just installed. There are still loopholes, presumably. To assume that your system or program/application is bulletproof is arrogance. And in the end, it's most likely not.

As soon as you assume something is perfect, though, you let your guard down.
 