Win 11 system requirements and compatibility talk

Started 5 months ago | Discussions thread
abelits
abelits Contributing Member • Posts: 810
Re: Will security requirements help with ransomware protection?

Sean Nelson wrote:

abelits wrote:

Billiam29 wrote:

The only means I could ever see being possible for OS protection against ransomware would be to restrict file system access only to code-signed executables.

It won't work. If all executables (really executables and libraries) are signed, then vulnerable executables that are present on the system must be signed, too. So whenever any vulnerability is exploited, file access is open.

Ah, but now you know exactly where that executable came from and whether or not to trust it.

Once the data is written, you have no idea how exactly it happened. Some systems keep audit log of all accesses, however that requires enormous amount of space, and those records, too may not be reliable once the system is compromised.

If such solutions are considered acceptable, It would be much easier to create a "write-only" file system where all files, once written, are read-only and immutable. That would create less trouble for the users and take up less space, too.

That would be a huge step. Unfortunately it might rule out a lot of useful software from nonprofessional sources.

It would be worthless because vulnerabilities will be still there.

 abelits's gear list:abelits's gear list
Fujifilm X-Pro1 Fujifilm X-T2 Fujifilm XF 35mm F1.4 R Fujifilm XF 14mm F2.8 R Fujifilm XF 18-55mm F2.8-4 R LM OIS +16 more
Post (hide subjects) Posted by
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
Keyboard shortcuts:
FForum PPrevious NNext WNext unread UUpvote SSubscribe RReply QQuote BBookmark MMy threads
Color scheme? Blue / Yellow