Hacker News new | ask | show | jobs
by londons_explore 1248 days ago
Windows really ought to just hash every executable file, and then whitelist good files.

Perhaps 1 million exe files are in widespread use in the world. Anything that isn't on that list, I don't want running on my corporate network.

Compilers that make an exe file can have some new windows API that says "I just compiled this file, so it's fine to run".
1 comments
323 1248 days ago
> Perhaps 1 million exe files are in widespread use in the world.

They already do that. It's called SmartScreen.

> Compilers that make an exe file can have some new windows API that says "I just compiled this file, so it's fine to run".

I don't think you thought this through. Because then malware will either call that new API, or ship with their own compiler.

link
londons_explore 1248 days ago
> Because then malware will either call that new API,

As soon as malware is running, you have already lost.

This is for when the user has downloaded TotallyNotAVirus.exe from a dodgy website and tries to double click it.

link