The bias was against Microsoft's security and the article didn't
even bother to mention Microsoft's WIndows Defender in its
crticism.
Marc Sims
Data Technician I
Prince George's Community College
>>> [EMAIL PROTECTED] Tuesday, October 10, 2006 >>>
----- Original Message -----
From: "Carl Houseman" <[EMAIL PROTECTED]>
Sent: Tuesday, October 10, 2006 11:09
> The circumstances are clearly spelled out. It's called "hooking a kernel
> API". The reasons for antivirus software doing that are clearly
> explained.
> It's not necessary for this guy to itemize every product that will be
> affected by it.
>
> As to the debate over Patchguard, it remains to be seen if that will be
> effective at blocking malware. I would guess not, since it's said that
> malware can bypass it. If anything, it will push malware to use rootkits
> more often, and that's not a Good Thing, even though though they were
> headed
> that way anyway. What Microsoft needs to do next is concentrate on
> "RootkitGuard".
>
I agree, I don't see the bias Marc mentions.
I came away with the conclusion that MS should provide a built-in means of
accomplishing the heuristical behavior detection that the 3rd parties have
been providing in prior OSes. Either that or they need to allow a 3rd party
solution to "examine" the API calls being made so as to continue to provide
this service.
Regards,
*************************************
Rick Cogan from Melbourne, FL
[EMAIL PROTECTED]
--
----------------------------------------
To Change your email Address for this list, send the following message:
CHANGE WIN-HOME your_old_address your_new_address
to: [EMAIL PROTECTED]
Note carefully that both old and new addresses are required.
