On 12/13/05, Kenneth R. van Wyk <[EMAIL PROTECTED]> wrote: > The detection mechanism seems to primarily be looking primarily for non-OS > software modifying OS inhabited memory blocks. Wonder how they're definining > (and maintaining the definition) of each... I also wonder how it'll impact > near-OS software installations like, say, device drivers, authentication > plug-ins, and other things that need to poke pretty deeply into the OS in > order to install.
I have to admit, when I initially read about this I immediately dismissed it as nothing but marketing hype -- what little details they gave for the solution seemed to me to be less than practical and certainly would have issues adapting to targeted attempts to deceive the mechanism. I'd love to hear other peoples thoughts on the matter. -- rjf& _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php