You are viewing a single thread.
View all comments View context
1 point

Doesn’t really matter, it was the EU regulators that ultimately nixed the API approach saying it would be anticompetitive. I mostly blame the EU for why crowd strike could happen in the first place and why there’s kernel level anti cheat.

permalink
report
parent
reply
4 points

That’s bullshit. Microsoft wanted to force others to use an API, while keep using kernel level access for Defender (which for enterprise use is a paid product). That’s text book anti competitive. Nobody ever had a problem of Microsoft rolling out and enforcing an API for that if they restrict their own security products to that API as well.

permalink
report
parent
reply
1 point

At this point I don’t want anything to have kernel level access other than the OS and some necessary hardware drivers. I’m not super familiar with MacOS, but do you know if Gatekeeper or XProtect run at ring 0? If they do run at ring 0, would you consider that anticompetitive? I’m almost certain Apple will move or did move to depreciate kernel extensions. Which means it would be the same situation Microsoft wanted to force as you described.

The other argument with Defender is you could at least have a choice to use it or not.

permalink
report
parent
reply
0 points

I’m not super familiar with MacOS, but do you know if Gatekeeper or XProtect run at ring 0?

Gatekeeper does mainly signature checking. XProtect does signature checking on an applications first launch. Both of those things would be pretty stupid to implement in ring 0, so I’m pretty sure they are not.

If they do run at ring 0, would you consider that anticompetitive?

No, as they’re not doing any active monitoring. They’re pretty much the “you downloaded this file from the internet, do you really want to run it?” of MacOS.

I’m almost certain Apple will move or did move to depreciate kernel extensions. Which means it would be the same situation Microsoft wanted to force as you described.

That is indeed the case, but I’m not aware of any Apple products relying on being a kernel extension. Apple is facing action from the EU for locking down devices from device owners, though - mainly applying to phones/tablets. On Macs you can turn pretty much everything off and do whatever you want.

The other argument with Defender is you could at least have a choice to use it or not.

Without providing a proper API Defender (both the free one, and the paid one offering more features) would be able to provide more features than 3rd parties. Microsoft also wouldn’t have an incentive to fix the APIs, as bugs don’t impact them.

The correct way forward here is introducing an API, and moving Defender to it as well - and recent comments from Microsoft point in that direction. If they don’t they’ll probably be forced by the EU in the long run - back then it was just a decision on fair competition, without looking at the technical details: Typically those rulings are just “look, you need to give everybody the same access you have, but we’ll leave it up to you how to do it”. Now we have a lot of damage, so now another department will get active and say “you’ve proven that you can’t make the correct technical decision, so we’ll make it for you”.

A recent precedent for that would be the USB-C charger cable mandate - originally this was “guys, agree on something, we don’t care what”, which mostly worked - we first had pretty much everything micro USB, and then everything USB-C. But as Apple refused the EU went “look, you had a decade to sort it out, so now we’re just telling you that you have to use USB-C”

permalink
report
parent
reply

Games

!games@sh.itjust.works

Create post

Video game news oriented community. No NanoUFO is not a bot :)

Posts.

  1. News oriented content (general reviews, previews or retrospectives allowed).
  2. Broad discussion posts (preferably not only about a specific game).
  3. No humor/memes etc…
  4. No affiliate links
  5. No advertising.
  6. No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
  7. No self promotion.
  8. No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
  9. No politics.

Comments.

  1. No personal attacks.
  2. Obey instance rules.
  3. No low effort comments(one or two words, emoji etc…)
  4. Please use spoiler tags for spoilers.

My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.

Other communities:

Beehaw.org gaming

Lemmy.ml gaming

lemmy.ca pcgaming

Community stats

  • 6.4K

    Monthly active users

  • 3.4K

    Posts

  • 18K

    Comments

Community moderators