Random ramblings: "Defeating Windows Driver Signature Enforcement #1: default drivers" http://j00ru.vexillium.org/?p=1169
@aionescu regarding swap/hiber file protections - fair point, but it's rather redundant for security without ring-3 access anyway, right?
@j00ru you could duplicate the handle to pagefile.sys in the past and screw with it. Also helps against offline attacks.
@aionescu there is/was ever in the past a pagefile.sys handle in any usermode process that you could duplicate?
@j00ru admin could duplicate system handles :)
@aionescu oh! funny :)