From: /m 


===
"As the vendor of Outpost Firewall Pro, we have to install at the
kernel level," said Alexey Belkin, chief software architect at
Agnitum. "In addressing the potential problem of not being able to
install Outpost on new versions of Windows, we have discovered that it is
possible to drill past the new security measures introduced by Microsoft -
if we use the same techniques used by hackers."
===


> Well behaved code that calls system APIs is not affected in any way.

Of course, such "well-behaved [firewall] code" may be able to be
disabled by Microsoft phone-home applications.  That is why it is called
"well-behaved.  :)

I, for one, am glad that Agnitum protects me from that, as well as catching
the phone-home call to Microsoft's stats server every time my W2K PCs boot.
  Other firewalls I have tried to use don't always catch
that phone-home attempt, maybe because they are "well-behaved".... ;)

Microsoft wants to usurp control of my PC, Agnitum is fighting that, trying
to allow me to retain control of my PC.

 /m




On Fri, 28 Jul 2006 19:09:50 -0700, "Rich"  wrote:

>   The sales and marketing guy being quoted is either an idiot or a liar.  The
protection present in x64 systems protects against trojans and other bad
code that attempt to modify the kernel or other kernel mode components. 
Well behaved code that calls system APIs is not affected in any way.  What
makes this guy an idiot or a liar is that using the well documented Windows
API provides the means to remain compatible.  Patching and modifying random
code or data in the kernel or other components is not portable or
compatible from version to version.  Even you, mike miller, should be able
to see this as you have whined in the past when a firewall you used or
liked broke because it did stupid stuff like this.
>
>   As for making it easy for third parties to provide firewalls, Microsoft
makes a significant effort to not only allow for this but it recently made
it much easier with the Windows Filtering Platform
(http://windowssdk.msdn.microsoft.com/en-us/library/ms758462.aspx).
>
>Rich
>
>  "/m"  wrote in message
news:obblc29f5rrr2u0n1ufjep9jg55brsgndn{at}4ax.com...
>
>  ===
>  "Microsoft made a logical move with this attempt to protect Windows
>  against rootkits," said Mikhail Penkovsky, vice president of sales and
>  marketing at Agnitum. "Unfortunately, it doesn't really resolve the
>  problem, and also makes it a great deal more difficult for independent
>  security software developers to be fully compatible with Windows."
>
>  ===
>
>  Windows already has a firewall, why in the world would Microsoft want to
>  make it easy for third parties to install another firewall, one that
>  cannot be bypassed by Microsoft phone-home software?
>
>   /m

--- BBBS/NT v4.01 Flag-5