<sigh> I can tell by your reply that you did not even understand what was written there. I don't reply here for your sake, but rather the other readers who might be interested.
LOL Are you ready??
>> The key to understanding Windows rootkits is understanding that Windows rootkits don't have to 'get root'.
That is flat out wrong. Period.
A rootkit installs itself as a driver on any NT kernel systems. To do this however you have to be in the administrator group.
The issue is not the windows kernel or anything about windows actually. They problem is that all users, are by default, administrators. All the time.
Well, you've already contradicted that big bold statement, so the LOL is on you.
On the one hand you say it's wrong... then on the other hand you confess that —by default —all users are admins all the time. "Admin" in the case of Windows is? anyone? anyone? Bueller?
root. Right.
That's exactly what the author meant by not having to "
get" root.
Get it yet?
That's why inserting a CD from Sony was enough to get pwned w/o a password request.
That's why Windows updates online happen without user participation. Your OS is pwned.
On Mac and Unix, hackers need to "get" root... it isn't available to them by design.
That entire article is a buncha crap actually. It tries to explain it all by talking about unix file permissions. Unix has basically a 3x3 matrix for ever file on the computer. User, Group, Everyone by Read, write and execute. Windows NT has however access control lists. when are far far more more power than unix permissions. In windows, admins and specify PER-USER access controls. Example - Users have full control except for John who only has write control. Admins can read and write but not execute (security precaution), but user "jane" can also read the file. You cannot do this in Unix file system.
You are wrong. ACLs have been implemented in Unix for quite a while now. Where did you think Windows got them from?
Do you even use Mac OS X? Don't you know we have ACLs too? How can you post such ridonkulous mistakes and then try to call that article a "buncha crap". Obviously you aren't qualified to render judgement on something you yourself don't even grasp.
You don't seem to get that Windows
needs ACLs
precisely because it *
inherently* lacks the provisions for that "3x3 matrix" as you call it. ACLs don't add power (lol), they add flexibility.
There ain't a single ACL down in OSX's system because
-rwx------ root wheel
is already *enough* to totally
stop anyone that isn't root (along with similar perms on the parent folder). No ACL necessary. Windows
needs ACLs because getting root is a piece of cake. You get pwned because "ownership" isn't a part of its vocabulary
deep down where it counts.
Now... what does it take to manipulate ACLs on Windows? Again, any hacker that gets in is going to know how to shoo them away... because the underlying structure itself doesn't grok basic ownership & privileges, and thus will allow those ACLs to be tweaked. ActiveX... system control in any document? Super. VBScript? Thank you very much.
LOLOLOLOLOLOLOL this is great ... again also not true. Idk about you but I kind prefer right clicking a program and selecting "run as administrator" over going into a terminal and typing out commands. Let me tell you ... much better than right click menus.
Again, you misunderstand the article's point while simultaneously proving you don't know that OSX has other ways of granting authorization. Most such password requests appear
automatically when the user performs the questionable action. If you want a real good "LOL" just read your own post.
Oh and BSoD ... because macs never have kernel panics. It is just as easy to write a ****** driver for OSX and it is for windows.
Yeah right, it's just as easy to
"write" one.
Installing it is another matter.
Better hit the books friend, you need it.
