[ros-dev] ReactOS and Viruses

Waldo Alvarez Cañizares wac at lab.matcom.uh.cu
Wed Nov 24 17:15:42 CET 2004 

Hi Rick:
 
Well I don't believe that would be a protection at all against viruses. Why?
 
If I where to write a virus and knowing that reactos has such protection that would not stop me at all. I could simply write a function to calculate the hash in the virus (or simply tell the OS to do it for me) and update such database. Look at windows file protection, virus laugh at it. I think the verification of the PE checksum is enough to tell if a file is corrupt and would be faster wich means a faster load. If you want to know some more about viruses look for the e-zines of 29A on the internet to find out more about the subject. Their articles are as advanced as those in phrack (the latest). I think there is not solution for viruses, users will always do insecure things and viruses will be there waiting for them to do it.
 
Regards
Waldo

________________________________

De: ros-dev-bounces at reactos.com en nombre de Rick Langschultz
Enviado el: Lun 11/22/2004 11:25 p.m.
Para: ReactOS Development List
Asunto: [ros-dev] ReactOS and Viruses


Sun will be releasing Solaris 10 shortly as a commercial product available for purchase. There is a new file system that is 128-bit, and is protected by md5 checksums, I think this is a great idea for reactos. I think before a program executes there should be a binary verifier that checks this checksum and then allows the program to run. This would help in deterring Windows viruses from attaching themselves to reactos binaries. Since ReactOS is open source it will be harder to protect a binary if there is an attack and a malicious user replaces a dll or an exe. Perhaps this can be done using a small xml file or a txt file called md5sums or something. Please let me know what you think.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 4914 bytes
Desc: not available
Url : http://reactos.com:8080/pipermail/ros-dev/attachments/20041124/dbb6a856/attachment.bin

More information about the Ros-dev mailing list