Sujet : Re: Stealing a Great Idea from the 6600
De : cr88192 (at) *nospam* gmail.com (BGB)
Groupes : comp.archDate : 30. Jul 2024, 04:40:39
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <v89nbp$s6m5$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
User-Agent : Mozilla Thunderbird
On 7/29/2024 8:40 PM, Lawrence D'Oliveiro wrote:
On Mon, 29 Jul 2024 12:31:27 -0500, BGB wrote:
Would be nice if, maybe they could add a white-list or something so that
it can stop checking files it has already looked at recently (and which
have not changed).
Any kind of exemptions from checking will sooner or later be exploited by
some piece of malware.
If a file's contents can change without something going through the filesystem APIs to change it... The system is already compromised.
If a file has not been modified, and was already confirmed good, you don't really need to verify it again...
Like, generally, "stdio.h" or similar isn't just going to randomly turn into a piece of malware on its own.
Similarly, when trying to build something like LLVM, one generally ends up with 'ld' trying to eat all the RAM, while Defender and AVG sit around trying to eat the CPU.
...
Re: Stealing a Great Idea from the 6600
Re: Stealing a Great Idea from the 6600