65
submitted 3 months ago by Beaver@lemmy.ca to c/canada@lemmy.ca
you are viewing a single comment's thread
view the rest of the comments
[-] cyberpunk007@lemmy.ca 1 points 3 months ago

I see. How effective is a security tool that can't stop malicious software that makes itself in ring 0?

[-] Yaztromo@lemmy.world 1 points 3 months ago

You don’t have to run in Ring 0 to detect events occurring in Ring 0.

Besides which, as kexts are being obsoleted by Apple getting code to run inside Ring 0 in macOS that isn’t from Apple itself is going to be extremely difficult.

[-] cyberpunk007@lemmy.ca 1 points 3 months ago

Right, but part of the appeal of tools like crowd strike and sentinelone is that they can stop them when they're in ring 0. And rollback changes. Etc.

this post was submitted on 03 Aug 2024
65 points (92.2% liked)

Canada

7236 readers
415 users here now

What's going on Canada?



Related Communities


🍁 Meta


🗺️ Provinces / Territories


🏙️ Cities / Local Communities

Sorted alphabetically by city name.


🏒 SportsHockey

Football (NFL): incomplete

Football (CFL): incomplete

Baseball

Basketball

Soccer


💻 Schools / Universities

Sorted by province, then by total full-time enrolment.


💵 Finance, Shopping, Sales


🗣️ Politics


🍁 Social / Culture


Rules

Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage: lemmy.ca


founded 4 years ago
MODERATORS