Reply To: VoodooShield and SRP

    Dan
    Keymaster
    US

    VecchioScarpone: For me personally, I hardly change any VS default settings as I do not fully understand the implications. I usually go for an errors and trials methods that often get me into trouble, so I keep clear.

     

    Off course I’m a minority as far as VS users population.

    SRP, for the little I Know I would not dare to touch it.

    Users would not notice the difference if we implement SRP… VS would act EXACTLY the way it currently does, except you would encounter more blocks, simply because anything outside of the system / program files space is blocked.  Not only that, but SRP does not whitelist / remember items that you allowed.  So if you launch an executable from the desktop when VS is OFF, you would not be able to launch the same executable later on when VS is ON, unless you somehow manually whitelist that file.

    The current kernel mode driver would be the default mechanism, but users would have the option to use SRP instead.  I am just having a difficult time finding a reason to implement SRP, especially since Microsoft is replacing it with more modern tech that is a lot more similar to the way VS currently works.  A handful of people insist that SRP is a better mechanism, without explaining exactly why they believe it is better.  I am guessing that since SRP locks everything down and does not allow users to quickly whitelist items, they somehow feel it is more secure.  Who knows?

    0
    0