25 Nov
2004
25 Nov
'04
9:15 p.m.
Hi Thomas:
There are some parts of your e-mail that I can't understand but I believe you try to
give some kind of solution. And yes I think is correct at some point, I was wondering once
about that, to do the same with native applications as for example what is done with java
applets running in the browser. Containing them to some set of files. I think that yes it
would be good to prevent applications corrupting other files and such things. And in fact
could be great for advanced users But ...
1 - That is not a solution for viruses, there are kernel mode virus and trojans I wonder
how that can get there. At the end human intelligence can't be stopped that easy and
of course the opposite also happens, ignorance could be huge. I wonder how a virus like
the I love you that can be written in a couple of minutes could spread that far. Believe
me that won't work.
2 - That should not be enabled by default, sometimes if you present a password to users
they will get lost. That happened to some users that switched from win98 to an NT based
one. That was news, and was true. With the solution you propose there will be a lot that
will press the Yes. Eh I even know ppl that click whatever they please when a message box
appears.
Regards
Waldo
________________________________
De: ros-dev-bounces(a)reactos.com en nombre de Thomas Larsen
Enviado el: jue 11/25/2004 12:42
Para: ReactOS Development List
Asunto: RE: [ros-dev] ReactOS and Viruses
Hi why would it be a could a idea simply becures we eliminate a lot of old viruses but we
could
allso make a function theire hold all exe files from execute when they contain some
strange
command f.eks the delete or format funtion or some other stuff or some kind of database
and the
send a signal out
Maybe
Reactos->MaybeVirusFile(Filename,Path);
VirusApps<-TestingFile(Filename,Path);
Ekstra Idea:
And a funtion to Stop new apps from run (REGEDIT RUNAPPS etc.)
Some New viruses use that way to start all the time and the user could be asked
NEW APP STARTING UP
RUN THE APP [X] DISMISS THE APP [ ] VIRUS TEST APP [ ]
Information about file
NEWER SHOW AGAIN [X]
And then make a group of apps that run i secure mode FOLDER SECURERUN
and then make a group of apps that run i unsecure mode FOLDER UNSECURERUN
So those in SECURE can´t change the reg and delete file e.g.
don´t know just and idea
but think people should care more about getting reactos to work...
Thomas
Hi Rick:
Well I don't believe that would be a protection at all against viruses. Why?
If I where to write a virus and knowing that reactos
has such protection that would not stop me
at
all. I could simply write a function to calculate the
hash in the virus (or simply tell the OS to
do it for me) and update such database. Look at windows
file protection, virus laugh at it. I
think the verification of the PE checksum is enough to tell if a file is corrupt and would
be
faster
wich means a faster load. If you want to know some more about viruses look for the e-zines
of 29A
on the internet to find out more about the subject.
Their articles are as advanced as those in
Waldo
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.com
http://reactos.com:8080/mailman/listinfo/ros-dev
27 Nov
27 Nov
11:19 a.m.
New subject: ReactOS and Viruses
ill try to make a virus engine like the program autochk maybe integrate it in to it that
ill think
would be the best solution
that could be a program that just started automatic from time to time or when asked in the
boot
menu "Ros /Fastdetect /Viruscheck and it that case reactos apps should be marked with
a special ID
generated from its size and name then the virus vendors could not just make a program
witch do it
for them when new apps where to startup and new drivers where installed or system files
changed
that would make the engine start if any think thats an could idea of course
a other idea is to split files 32bit / 16bit
e.g. shell32.dll
could be shell32.dll and shell16.dll
where shell32 ref to
theoldfunction=shell16.someoldfunction
that would make newer apps faster il think insted of just making a large heavy
file that sheems stubid to me cuz the os read the hole file into mem.
a other idea is when we had made the SUBSYSTEM Playstation or other
BOOTMENU
REACTOS
REACTOS GAMING NATIVE
REACTOS GAMING PLAYSTATION etc.
ppl could get a new interface for gaming insted of explorer and all that other useless
stuff
so they just get a allmost empty interface with all the game icons and a submenu where
play and
uninstall appear think of PLAYSTATION or GAMECUBE just press play :-) could allso make
and
suboption on the login screen but that destroy some of my idea..
just some idea�s i got like it or not plz let me no or put some into it is allso welcome
sry about
my not so clean english just a dane and still learning
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
7340
days inactive
7342
days old
1 comments
2 participants
participants (2)
-
Thomas Larsen -
Waldo Alvarez Cañizares