Yeah, to stop another CrowdStrike, but it’s not a sure thing, yet there’s talk of api’s etc and wouldn’t surprise me if certain companies got a pass.
Comment on Begun the kernel wars have
9point6@lemmy.world 8 months ago
Isn’t Microsoft about to block kernel modules like this entirely? I thought I read that somewhere
sirico@feddit.uk 8 months ago
Korne127@lemmy.world 8 months ago
I hope so much that this will happen.
fartsparkles@lemmy.world 8 months ago
Nope. They’re developing an alternative set of APIs in conjunction with security vendors for their products to use but it’s all still a long way off and will be optional to start with.
Given the volume of mission-critical devices security products are installed on (which the CrowdStrike fuckup highlighted), getting them out of kernel space would be a huge risk reduction for the world.
But an anticheat used by consumers on their personal devices for a game, not such a big deal.
While I’m sure MS will eventually deprecate and then kill off third party kernel drivers, it could take a decade since MS has so much business (both internal and within their customer base) that relies on legacy crap.
four@lemmy.zip 8 months ago
Yep, they’re planning to create a new way to do it, not disable the old way.
And I think that a decade for disabling the old way is optimistic
frezik@lemmy.blahaj.zone 8 months ago
And it’s not like the companies will update old stuff, either. They’ve shown a willingness to forget about old games as soon as the revenue dips too much. The result will be that those games will be unplayable in the future.
fartsparkles@lemmy.world 8 months ago
I have a feeling you’re right about this. I do wish Microsoft would take the Apple approach as Apple steamed ahead with deprecating kernel-mode access.
Love them or hate them, Apple take security a lot more seriously than Microsoft these days and it’s a real shame MS see security architecture as a nuisance rather than a core responsibility of their business.
Passerby6497@lemmy.world 8 months ago
I’m pretty sure the reason behind this is that they treat backwards compatibility as a higher priority in a lot of cases. There are so many odd choices I see in my day to day that I can only explain away by backwards compatibility. It’s part of the reason you see them take forever to depreciate old and insecure protocols until they get an encouragement from a vuln hitting the news.