Windows Feature Request (heh)

[Ultraviolet]

Why the fuck isn't there an option to FORBID certain executables from being run and certain DLL's and shit from being loaded by RUNDLL and SVCHOST? It should be there. It could be used to prevent a FUCKTON of viral outbreaks and such.

[Arioch]

If Microsoft did that then people would complain that they're somehow intending to prevent legitimate competing software makers from running their programs. For Microsoft this is a lose-lose scenario.

XPsp2 is doing a lot of things in moving in the right actual direction WRT guarding against worms and spyware, tho.

[DaJuice]

If users had control over which non-windows native exes and dlls could be loaded how could anyone blame microsoft?

[MaximusNukeage]

windows is ghey somtimes, it tells you what you can and cant do and is always sugesting things. like i have monguloid baby syndrome (down syndrome)

Edit: I post of topic alot

[Ultraviolet]

Maximus, that has absolutely nothing to do with anything to do with the topic here, aside from OMFG LOL WINBLOWZ SUXORZ LOLOL.

Arioch: Pff. If they give the user absolute control over forbidding processes, and don't automatically forbid any processes in the "stock" configuration, then I don't see the problem.

[Arioch]

Ha! Right. These are the same people who open e-mail attachments from unknown senders and continuously ignore security updates. Get them panicked into doing things like blocking DLL and .exe through an easy-to-use interface and they'll make their desktops completely unusable.

And before you respond with "but MS can whitelist their own DLLs" keep in mind that the first thing the new wave of trojans will do is insert themselves INTO that whitelist.

[Cyb]

how would that help... it's not like anyone knows in advance the name of some viral or spyware dll or what... and besides by the very definition of a computer virus it could rename itself and not have to worry about that

plus if this option is avaliable no doubt it would be able insert random OS dlls onto such a blacklist and fuck over the user completly (with no chance of fixing it, really)

[Arioch]

There are third-party utilities that do pretty much what you're asking for, I've read about them, but forgot their names at this point.

I think they have something to do with semaphores.

Too much hassle for me to even consider setting one up though.

[Hirogen2]

Why the fuck isn't there an option to FORBID certain executables from being run and certain DLL's and shit from being loaded by RUNDLL and SVCHOST? It should be there. It could be used to prevent a FUCKTON of viral outbreaks and such.

Well there kind of is. Sometimes -- and only sometimes(!), like it's gonna pop up when I least expect it -- executables from a network share (a Linux/SMB one, havenot tried a Windows peer) ran from a DOS box yield "Access denied" without a reason. I copy them to a local harddrive and they work. Weird.

[Penguin]

I'd like to see a firewall included (like Linux's iptables) Then again, I'd be skeptical of a Microsoft firewall for good reasons lol

Also, this may be more on ATI's end than Windows... but I'd like to see an option to enable/disable AF and AA in programs when you right-click on the shortcut. Like how you can change the compatibility mode, there should also be graphics options.

I use AA in some games and not in others so it'd be convenient

[Arioch]

Penguin said:

I'd like to see a firewall included (like Linux's iptables) Then again, I'd be skeptical of a Microsoft firewall for good reasons lol

Not a chance. Too complicated for a consumer-level product and ISA on Win2K Server can already do pretty much everything iptables can do.

There are apparently issues with synfloods on ISA but those should really be dealt with upstream anyway.

XPsp2's firewall gives fairly granular controls over ports and services on the local machine, tho. Time will tell how effective it will be.