@j00ru There was another important (and much more secure change after IsGameOver()) -- page hash/signing for the hibernation and swap file.
-
-
-
@aionescu regarding swap/hiber file protections - fair point, but it's rather redundant for security without ring-3 access anyway, right? -
@j00ru you could duplicate the handle to pagefile.sys in the past and screw with it. Also helps against offline attacks. -
@aionescu there is/was ever in the past a pagefile.sys handle in any usermode process that you could duplicate? -
@j00ru admin could duplicate system handles :) -
@aionescu oh! funny :)
End of conversation
New conversation -
-
-
@j00ru very interesting reading for Saturday's night! :) -
@NTarakanov Good to hear, I'm going to sleep :P
End of conversation
New conversation -
-
-
@j00ru interesting sunday morning light reading :)Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
RT
@j00ru Random ramblings: "Defeating Windows Driver Signature Enforcement #1: default drivers"http://j00ru.vexillium.org/?p=1169Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@j00ru by posting this info, You've just exploded info bomb! I like such activity :) keep it upThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.