65
submitted 3 months ago by Beaver@lemmy.ca to c/canada@lemmy.ca
you are viewing a single comment's thread
view the rest of the comments
[-] cyberpunk007@lemmy.ca 1 points 3 months ago

I see. How effective is a security tool that can't stop malicious software that makes itself in ring 0?

[-] Yaztromo@lemmy.world 1 points 3 months ago

You don’t have to run in Ring 0 to detect events occurring in Ring 0.

Besides which, as kexts are being obsoleted by Apple getting code to run inside Ring 0 in macOS that isn’t from Apple itself is going to be extremely difficult.

[-] cyberpunk007@lemmy.ca 1 points 3 months ago

Right, but part of the appeal of tools like crowd strike and sentinelone is that they can stop them when they're in ring 0. And rollback changes. Etc.

this post was submitted on 03 Aug 2024
65 points (92.2% liked)

Canada

7185 readers
314 users here now

What's going on Canada?



Communities


🍁 Meta


🗺️ Provinces / Territories


🏙️ Cities / Local Communities


🏒 SportsHockey

Football (NFL)

  • List of All Teams: unknown

Football (CFL)

  • List of All Teams: unknown

Baseball

Basketball

Soccer


💻 Universities


💵 Finance / Shopping


🗣️ Politics


🍁 Social and Culture


Rules

Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage:

https://lemmy.ca


founded 3 years ago
MODERATORS