[peppermint_gum]

What makes you think that it's "so damn hackable"?

Also, this particular attack requires administrator privileges and bypasses a security boundary that doesn't even exist on e.g. Linux. Linux doesn't have driver signatures and root can easily install a new kernel module.

[formerly_proven]

> Linux doesn't have driver signatures and root can easily install a new kernel module.

Linux supports signed kernel modules (and not just on paper, this is a widely deployed feature).

[ddtaylor]

Linux also has SELinux, root can't do everything there.

[NekkoDroid]

Yep, when booting with secure boot the kernel won't load any unsigned drivers.

[snvzz]

This claim still assumes there's no vulnerabilities in a TCB sized in the millions of LoCs.

No chance.

Look elsewhere for actual security.

Right now, elsewhere just happens to be seL4. Anything else is either still too green or an architectural non-starter.

[privacymatters4]

Just a quick look at 2024's CVEs, 0days for Windows is a security nightmare. Not singling out Windows specifically, but they have a lot.

Browsers only just recently patched browsers being able to be served javascript that scans local devices on 10.* and 192.168.* etc hitting IoT devices with exploits and payloads, hell even hitting open listening sockets on localhost and 0.0.0.0 -- that's cross platform, how many years did that go under the radar?

And now Windows is getting 'Recall' which will monitor and scan your every PC action to remember it for you using ML; I don't see that going back at all /s

[gruez]

>Browsers only just recently patched browsers being able to be served javascript that scans local devices on 10.* and 192.168.* etc hitting IoT devices with exploits and payloads, hell even hitting open listening sockets on localhost and 0.0.0.0 -- that's cross platform, how many years did that go under the radar?

Ironically windows was not hit by that, but the "secure"(?) operating systems of mac and linux were.