13 comments
DELETED

@iska @r000t I'm not sure of that. After all, Linux is infamous for being an absolute pain to install kernel mode drivers, and that's when you WANT to get software into the kernel. That's why it matters so much if a processor or GPU is mainline supported. Meanwhile, Windows doesn't even ask for your password. Just a UAC prompt.

DELETED

@iska @r000t also, make sure you can never, ever do `sudo wine [whatever]` on your machine. That's just asking to be screwed.

Crystal (melting)
@AgreeableLandscape
> Windows doesn't even ask for your password. Just a UAC prompt.

Depends on the security policy on the current machine. Mine, for example, asks for the admin password on UAC.

@iska @r000t
Iska :emacs_thinking:​ :guix:

@AgreeableLandscape @r000t
sudo modprobe anti~christ~cheat

> Just a UAC prompt

Only true when you use admin(root) account.

DELETED

@iska @r000t yeah, but this specific vulnerability hinges on not requiring UAC authorisation to install the anticheat. Like, if you need to sudo it, it's a lot less of a threat.

r000t

@AgreeableLandscape
There's a higher level than any interactive administrator account on a Windows system, called NT AUTHORITY\SYSTEM, and this is the level drivers and this sort of anticheat run at.

This is the level you would need to be to start doing really nasty things like keylogging, hiding processes/network/file activity, and generally making your computer gaslight you. This also means it can gaslight any antivirus you may be running.
@iska

DELETED

@r000t @iska this just goes with the theme that you don't own your Windows system that Microsoft is going for. You're merely a guest on the OS you paid for.

Soy_Magnus
@iska @AgreeableLandscape @r000t but the real question is what will it do and I'm going to use someone else's phone to find out
inference
@AgreeableLandscape @iska @r000t You shouldn't be daily driving an admin account exactly for this reason. Same as root on Unix.

Max out UAC, don't use admin, safe.
GNU/neko :cursed_verified::makemeneko:
@iska @AgreeableLandscape @r000t it's signed by a trusted party, the user is presumably granting the software admin, realistically I don't see what else the OS is supposed to do at that point

at least on linux I can't imagine ever granting a closed source userspace binary cap_sys_module. but I guess there are lots of people running windows who will grant games whatever they demand in order to play
Mek101

@iska @AgreeableLandscape @r000t Nay, on linux you still need to perform the operation as root. Plus the kernel module API/ABI is not even stable, so you would have to package a different module for almost any combination of distro/kernel version you want to attack
