Comments on: Why rootkits and anti-rootkits are irrelevant
https://grey-panther.net/2007/02/why-rootkits-and-anti-rootkits-are-irrelevant.html

By: Cd-MaN https://grey-panther.net/2007/02/why-rootkits-and-anti-rootkits-are-irrelevant.html#comment-849 Fri, 23 Feb 2007 20:09:47 +0000

I’m actually using WinXP with a limited account in my day-to-day work. I thought that it would be a hassle, but after the initial setup it all went very smoothly. Most of the programs either worked from the start or gave sensible error messages which actually suggested the correct solution. And I have to add that I run many “developer tools” which classically were regarded as the hardest to run in such environments.

PS. The fact that I’m running WinXP should make the problem even harder, because XP doesn’t ask for your password, it just silently fails, but even so I had to use my bag of tricks (FileMon, RegMon and the new Process Monitor) only once.

By: Anonymous https://grey-panther.net/2007/02/why-rootkits-and-anti-rootkits-are-irrelevant.html#comment-853 Fri, 23 Feb 2007 19:56:12 +0000

I agree, using a limited account can stop unauthorized code from getting into ring 0.
But have you ever tried using an OS like Windows on a limited user account?
It’s not very convenient to do so; every new program that you install will ask for an admin password. Soon you will get tired and move to an admin account.
