• lordnikon@lemmy.world · 57 points · 1 day ago

    I’ve also worked with people that worked on the NT kernel. I couldn’t agree more. I’m just waiting for the day someone exploits these anti-cheat kernel hooks to create the ultimate rootkit. It’ll make CrowdStrike look like nothing.

    • Jaysyn@lemmy.world · 1 point · 3 hours ago

      You mean when EA’s new owners do that exact thing?

      Don’t even try to argue that they won’t. They have never had any external repercussions for anything they’ve ever done.

    • mlg@lemmy.world · 11 up, 1 down · 1 day ago

      The funny thing is even though it has been done, there’s not even that much of an incentive to do it, because Windows on the consumer side has so little defense that most attackers opt for lazy premade viruses sold on the dark web, and Windows on the enterprise side is so insanely insecure that the only groups that make high-end rootkit-level software are usually government-backed APTs.

      Microsoft also very conveniently avoided making a new filesystem from old-ass NTFS because SSDs started popping up around the time Windows’ IO operations were clogging every old machine with HDDs.

      I remember upgrading from 7 to 8 and the disk IO just sat at a solid 100% at idle lol.

      • SuperSpruce@lemmy.zip · 2 points · 4 hours ago

        I’m curious, is this due to many unnecessary file operations (due to Windows 8 bloat), or because the file system sucks at scaling up file operations?

        • mlg@lemmy.world · 2 points · 4 hours ago

          Both. Windows 8 added a ton of unnecessary operations, in part due to the horrendous new PWA system they made to replace all the proven software.

          NTFS meanwhile functionally reflects FAT32. It has no proper block allocation algorithm, so files get fragmented and placed in poor locations all over the physical disk. Tools like Defraggler became super popular because they provided serious and visible IO gains from defragging your drives.

          Compare that to ext4 which only begins to fragment once you hit something like 95%+ capacity.

    • chocrates@piefed.world · 6 points · 1 day ago

      Every piece of software is vulnerable (or likely vulnerable, I guess), but kernel-level anti-cheat has been around for a while, right? Why hasn’t it been exploited yet?

      • LiveLM@lemmy.zip · 17 points · 23 hours ago

        The driver/module, “mhypro2.sys,” doesn’t need the target system to have the game installed, and it can operate independently or even embedded in malware, offering the threat actors a powerful vulnerability that can disable security software.

        I will never stop highlighting this because it’s just too funny

      • lordnikon@lemmy.world · 5 points · 1 day ago

        Yeah, I mean on a level where it breaks the kernel and MS is forced to stop allowing these kinds of kernel modifications, like they were talking about doing after the CrowdStrike incident.

        • Ephera@lemmy.ml · 3 points · 18 hours ago

          Isn’t that what always happens, though, that they only talk about changing things?

        • highball@lemmy.world · 10 points · 1 day ago

          Too much money. I worked on the Windows kernel from minkernel to onekernel. There were massive rewrites with the switch of the CE kernel out for minkernel when Windows Phone was in development. minkernel used to chew through eMMC memory in a few weeks on the first Windows Phone internal dev devices. Microsoft could rewrite onekernel (I’m assuming they are still on onekernel), if they wanted. I think Windows is a dead man walking.

          Microsoft keeps building up Azure Linux. Also they push Windows 365, the cloud based Windows OS for businesses (if I understand correctly). If I’m reading the tea leaves, Windows runs like shit in the cloud and is very expensive. Because of this, companies are switching to Linux containerization for their servers. Even on Azure, Linux is on 60% of the servers. Even I work exclusively on services containerized with Linux, never Windows. If Windows was so good, you’d think it would be the opposite.

          Also, Microsoft makes all their money from Cloud, i.e. Linux. Which again is why Azure Linux is getting more and more development. So, imagine if you will, Windows 365 instances suddenly become Azure with a Windows userland (Windows/Linux, not GNU/Linux). Most users wouldn’t even know. If you had problems running your software, Microsoft could allow you to drop back to Full Windows. For every Azure Linux instance running as Windows 365, that would be a significant cost savings to Microsoft, especially when everybody does everything in Chrome. If that’s how it all unfolds, why would Microsoft want to put any major engineering dollars towards a kernel rewrite? They do have the money. I just don’t see Microsoft ever fixing the kernel rootkit situation. It’s 100% in their wheelhouse though.

          • chocrates@piefed.world · 9 points · 1 day ago

            There were rumours that Windows would become a Linux desktop environment for a while. I can see the business case for it, but the migration seems impossible.

            • highball@lemmy.world · 3 points · 18 hours ago

              I wonder about that. I’m probably not thinking of some very important things. Edge, Office, Active Directory, Copilot, a Windows DE, userland programs (could even be GNU+Windows, don’t want to forget Notepad and Minesweeper), PowerShell, DirectX and SDKs. I think they could do it in a year or two. I just figure, if they could improve Windows in the cloud, they would have done it. And they’ve already got a massive head start with Azure Linux.

            • LiveLM@lemmy.zip · 4 points · 23 hours ago

              Maybe it’d be a new “Windows S Mode” situation.
              Got a new cheapo laptop? Enjoy our Secure Windows Home Basic (Linux + Windows DE) and install your apps ONLY from the Windows Store (that we made sure run in the new environment)
              Need full Windows? Upgrade to Pro.

              • chocrates@piefed.world · 3 points · 21 hours ago

                I wouldn’t hate a closed Windows ecosystem on Linux. We would get the kernel patches and more software would work. Even if we didn’t get kernel patches because Windows is scummy and ignores the GPL, a common ABI would still be amazing.