With the current model, kernel-level access is required. Real security products have to be able to operate above userland. Ideally in the future there can be a layer in between userland and kernel for this sort of thing. Maybe we use some of those extra protection rings?
You could, and in fact this is what Microsoft wanted to do. The EU said that they couldn't.
And the reason why not is simple. Anything that Microsoft thinks is a good thing to add to the API, they'll add for themselves. When the new API is released, their software is released with it. This gives them a competitive advantage over competitors who have to wait for Microsoft to have the idea that they want, and then scramble to implement it after Microsoft does.
The EU is suspicious of this for the simple reason that Microsoft has a several decade history of doing exactly that. Repeatedly. My favorite example being the release of Windows 95 with Microsoft Word available at the same time, and with WordPerfect unable to run. By the time WordPerfect had figured out how to port their software to Windows 95, they were no longer the market leader.
> Windows 95 with Microsoft Word available at the same time, and with WordPerfect unable to run
That is somewhat revisionist history. WordPerfect admitted at the time they saw OS/2 as the future and were focused on that. Only in hindsight did they realize OS/2 was going nowhere (too bad, it was better than 95) and had to rush to get a WordPerfect for 95. Worse for them, they wrote each release of WordPerfect in platform-specific code (mostly assembly), so it wasn't a case of porting to 95; it was a case of starting over mostly from scratch.
Yes, WordPerfect lost to Word with 95 - but it was bad decisions on WordPerfect's part. They had the opportunity to get WordPerfect on 95 much faster. I don't know if it would have been fast enough, but they didn't even try until it was too late.
The use of platform-specific code was a performance necessity at the time; everyone did it. Part of the promise of Windows 95 was that it could run your Windows 3.1 programs. They bent over backwards for a ton of programs, but not WordPerfect. Microsoft also had an early access program to Windows 95. WordPerfect applied for it - and was denied access. After that the OS/2 bet was their only real hope.
The truth is that Microsoft had a long and documented history of using one monopoly to leverage into another. Over and over again they lost antitrust lawsuits, but internally regarded them as speeding tickets on the way to greater monopoly power. This history showed up in court. The internal documentation on the WordPerfect case showed up in the Netscape case, and is part of why Microsoft won.
It wasn't until the EU started charging Microsoft over $400 million per day for noncompliance in 2006 that Microsoft's attitude started to change. Now I see them as just normal big guys with a worse than average history. But back in the 90s and early 2000s? They EARNED the title of "evil empire".
There is another point to consider here. The state of anti-virus solutions before Microsoft released Defender was horrible (probably still is).
It was full of ad infested solutions, which would crash your computer from time to time.
Defender at least was reasonably performant and tended to be stable.
You could say that since they had access to kernel source, they were better informed, but I guess if there was an API, the provided documentation would solve the issue (not necessarily, not everyone bothers to read the docs).
But then you get back to how to enforce equal and open access for everyone (the EU did try to make Microsoft open the Word file format, but it turned out it was so complicated and documented in legacy code only that Microsoft had trouble giving useful docs).
Yes. Defender was legitimately better than the alternatives. In fact no AV at all was better - which is something that I learned from Google's Project Zero.
This is why tech conglomerates are anti-competitive and need to be broken up. There is no reason a leading operating system company should be allowed to also be a word processing, video conferencing, and music-selling company. They will leverage their control of the operating system business to gain unearned competitive advantage in the unrelated markets.
> There is no reason a leading operating system company should be allowed to also be a word processing, video conferencing, and music-selling company.
If I write a new OS how will you force the "word processing, video conferencing, and music-selling" companies to write code for it? If they don't write the above my OS is worthless, but if my OS fails in the market anyway they just wasted a lot of money. This is why OS companies tend to have the other things, their OS cannot exist in a vacuum and the only way to ensure they have those needed tools is to write them themselves.
That only works if you are big enough. If you are BeOS trying to get your new better OS going you don't have the power to make any deals. For that matter Microsoft wasn't big enough, WordPerfect was going after IBM's OS/2.
The case brought to light an Oct. 3, 1994 memo from then-Microsoft CEO Bill Gates, who indicated that Microsoft should withhold namespace extension APIs in Windows 95 from its competitors, WordPerfect and IBM, in order to gain market advantage for Microsoft Word.
In other words, your revisionist history is wrong. Microsoft really was big enough. We know that because WordPerfect asked for early access to Windows 95. It was Microsoft who turned them down. (And no, I don't believe Gates's testimony about security. I think that Gates was bamboozling the judge, and the judge bought it.)
(I had misremembered which court case brought that memo to light. But regardless, it was obvious to the whole industry at the time. Incidentally this memo came while Microsoft was under a consent decree signed on July 25, 1994 with the Justice Department to not try to maintain their monopoly by tying specific products to Windows. Technically, they didn't here, but they were walking the line. They crossed the line with IE though, and that later resulted in the Netscape loss.)
As for BeOS, the question was how a LEADING operating system company was supposed to cope with getting software for the next version of their OS. No matter how many good things we can say about BeOS, they never got to the point of being a leading operating system company.
The way I see it, Microsoft sells some antivirus software, and also gets to decide who is allowed or not to compete with their antivirus software, by providing or denying access to the API. Obviously unfair.
I think anti-virus should be part of the core os. This does kill all third party vendors - good riddance to most of them, sorry if there is one that isn't evil (I'm not aware of it)
Once the AV vendors exist, killing them, especially by Microsoft, is clearly anticompetitive.
If you could prevail on a government to decide that, maybe it could work.
One thing I see, is that AV has a component of maintaining a DB of signatures of bad things. This does not seem at all the job of the core os. Would the Debian team maintain such a DB?
It happens all the time that the big companies take something in house and kill a market. The car radio market is all but dead now that manufacturers ship decent radios.
Interesting! I guess there's no way to fix this with further regulation either, since it would be some work to prove MS had access to the API contracts before they released them.
The ultimate lesson then is to stop using MS stuff.
I think it's kind of ridiculous to then blame the regulators for the fact that Microsoft decided not to go ahead with a more competitor-friendly design.
The fact that Microsoft abandoned it as soon as a regulator pointed out how anti-competitive the design of the API was makes you wonder what Microsoft's true intention was. To me that implies the anti-competitive design was its main feature and to Microsoft it would've been pointless to continue without it.
Maybe. Not working at MS I can't say what their reasons were.
But another way of looking at this would be that perhaps they wanted to be the beta testers of the API themselves because opening it up would have been a maintenance liability for the company. Microsoft tends to be pretty good about backwards compatibility in ways that Apple is not.
We also don't know that these APIs were cancelled; they may make it into future versions of Windows.
Indeed it's executed via a JIT on something like a VM. However, it can still make your system quite dysfunctional if, e.g., all filesystem or network calls are blocked.
The version of the CrowdStrike sensor that caused kernel panics on RHEL/Rocky was using eBPF. It living in eBPF doesn't mean it can't cause system instability.
And as mentioned elsewhere, an eBPF module behaving badly but in valid ways can still make your system pretty unusable.
Until I started working at a SaaS company shipping to Windows enterprise customers I thought PowerShell wasn't used by anyone. Now I see it all the time. It's not fantastic, but if you're in the Windows world it beats writing CMD scripts.
As an end user though I imagine most people use bash or some other unix-world shell, especially post WSL. The "Git Bash" distribution is surprisingly useful as an everyday Windows shell.
You can install any scripting language; you can use Python or Lua, for instance. PowerShell has good integration with the OS, however, and you don't need to install other tools if you want to download something or make a web request, for example.
Some organizations' policies prohibit the installation of other interpreters. Not because they're different interpreters; the policy is that only the bare absolute minimum for that specific server to accomplish its role gets installed. The reasoning being that the more software you stuff into any server, the more chances that something that isn't supposed to be there has to get into the software supply chain.
So if PowerShell (which is built into Windows) can do everything that Python does, even if it's harder and clunkier to work with, guess what you're stuck with.
But does it beat curl? The main selling point of bash is git and curl nowadays. Developer tools can craft curl invocations for web requests. Can they do PowerShell snippets?
UPD: I've just checked it and yes - Chromium developer tools can produce PowerShell snippets. Good.
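As an added illustration (not code from any commenter here) of the kind of built-in-only PowerShell that replaces a curl download on a locked-down server: a request with custom headers, written to a temp file, and accepted only if its SHA256 matches a known value via the built-in Get-FileHash. The URL, header and hash are placeholders.

```powershell
# Added example: download with custom headers and verify the SHA256 using only
# cmdlets that ship with Windows. $Url and $ExpectedSha256 are placeholders.
function Get-VerifiedDownload {
    param(
        [Parameter(Mandatory)] [string] $Url,
        [Parameter(Mandatory)] [string] $ExpectedSha256,
        [Parameter(Mandatory)] [string] $Destination,
        [hashtable] $Headers = @{}
    )
    # Windows PowerShell 5.1 may otherwise negotiate TLS 1.0; pin TLS 1.2.
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    $tmp = Join-Path ([IO.Path]::GetTempPath()) ([IO.Path]::GetRandomFileName())
    try {
        # -UseBasicParsing avoids the Internet Explorer engine dependency on older hosts.
        Invoke-WebRequest -Uri $Url -Headers $Headers -OutFile $tmp -UseBasicParsing

        # Get-FileHash returns uppercase hex; -ne compares case-insensitively.
        $actual = (Get-FileHash -Path $tmp -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256) {
            throw "SHA256 mismatch for ${Url}: expected $ExpectedSha256, got $actual"
        }
        Move-Item -Path $tmp -Destination $Destination -Force
        return $Destination
    }
    finally {
        # Never leave an unverified file behind on failure.
        if (Test-Path $tmp) { Remove-Item $tmp -Force }
    }
}

# Equivalent of: curl -H 'Accept: application/octet-stream' -o tool.zip <url>
# Placeholder values; substitute a real URL and the published hash.
# Get-VerifiedDownload -Url 'https://example.invalid/tool.zip' `
#     -ExpectedSha256 '0000000000000000000000000000000000000000000000000000000000000000' `
#     -Destination "$env:TEMP\tool.zip" `
#     -Headers @{ 'Accept' = 'application/octet-stream' }
```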
I haven't profiled our Windows kernel driver across different kernel versions (maybe I should!) but I'd like to offer this perspective: the kernel is incredibly stable from my driver development point of view. The biggest reason we ship different drivers for Windows 7/8/10 is just that newer WDKs don't support anything older than 10. The kernel has remained remarkably consistent while still offering new features we can take advantage of on non-legacy systems.
I don't know why "incredibly stable" is such a remarkable thing, the whole point of an operating system and a kernel is to offer a stable API to write your applications against.
>I don't know why "incredibly stable" is such a remarkable thing
It's remarkable when you look at the landscape of Linux and Mac device drivers.
Can you run non-kernel drivers for Linux 2.6 on 6.6? Can you install a device driver from 2007 on a modern MacOS? Well, many Windows 7 drivers also work on 11. That's stability.
That's kind of the point I'm trying to make here: an operating system and kernel is supposed to provide you with something stable to build on. It's its raison d'être. Should the stability of a bridge be considered remarkable? No, there is an entire engineering discipline devoted to making stable bridges, because an unstable bridge is useless. The same goes for an operating system and kernel.
> I can use Windows drivers from Windows XP era. Try that on Linux.
Linux has a model where all drivers should live in-tree; if we account for that, then yes, most devices that worked on Linux in 2001 will work on Linux today.
> And I can run any win32 binary, regardless how old is it. Try that on Linux.
Yes, Linux also has excellent compatibility with old win32 binaries. This is partially a joke and partially not.
I've often read that, but in my experience it's not true. Drivers before 7 don't work on 7+. Exes from the Win XP era often fail to run, even with the compatibility modes offered by the OS. Heck, the only times I used compatibility modes were as workarounds for binaries that didn't exist when XP support had already ended...
I thought that Windows 10+ after a certain build made signed drivers mandatory without safe mode or other workarounds? I know I’ve tried Windows 7 drivers for some things and ran into that issue.
I'm talking about the kernel space itself, not the APIs exposed to userland to interface with the kernel from your application. Internal APIs and behaviors are mostly identical over the past ~20 years, and any changes are usually moved to a new export. I don't think this should be taken for granted.
A fair amount has been changed or added, I'd say. I recommend the Windows Internals book if you're interested in learning about the Windows kernel. The 7th edition just came out.
That's fair. My comment is not well-informed with regard to whatever has happened in the last 10 years.
The impression I formed back in the late-2000s and early 2010s when I was doing this type of development was that there was very little change in the low-level NT kernel. I actually don't think this is a bad thing; going from XP to Vista was a breeze because nothing about the driver APIs changed in the slightest, and Microsoft even provided a bunch of new filesystem examples with the Vista DDK.
Oh you're totally right about the driver APIs. A fair amount has been added, but that stuff gets a new export to avoid breaking anything. For example, there's a dozen different `ExAllocate`s now. I wouldn't call myself a driver-writing expert but I'm sure that same driver for Vista could be made to target Windows 10 with little effort.
Alignment could definitely be a challenge. Perhaps a better personal solution would be to write something to combine two fonts in a way that also solves alignment. Not a very "accessible" solution but definitely easier.
pannen's commentated videos are always a treat. He started uploading again this year after a long hiatus (that started after this video) and I can't wait for more.
If you're interested in Super Mario 64 speedruns, the video[0] "The Story of the Greatest Super Mario 64 Speedrunners" is great.
Linux desktop users specifically don't have to worry about malware or ransomware until it gets significant usage. Just like people used to say Macs don't get viruses until enough people used them.
Last time I checked (could be very out of date) Linux doesn't have any way to enforce code signing requirements, even in the kernel.
The difference might be that workers have an interest in maintaining the business so they still have well paid jobs while CEOs do not necessarily have an interest in unions' well-being.
Cool and depressing. I had a preview of this feeling in the 1990's:
I went to a Nuclear Emergency Response Team (NERT) office at a base in Canada to pick up some radio equipment.
They had a wall map in there showing the base as ground zero with concentric circles covering most of the surrounding area and each ring had notes scribbled in them.
I took a quick look and didn't know what the notes meant, but my apartment was well within the annotated area....damn.