Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Microsoft has made serious efforts to push the driver stack up to user space, since Windows Vista.

They use a theorem prover to validate drivers.

Static analysis is a enforced on the Windows source code via the Security Development Lifecycle Checks.

VC++ has quite a few security options that are enabled and used to compile the kernel.

After the whole Windows XP Swiss cheese episodes they ramped up quite a few security processes.

Windows 10 allows for individual application sandboxing.



Time to return to that old chestnut of a microkernel vs monolithic kernel debate?


Microkernels have won, just the GNU/Linux community seems be unaware of it and keep repeating the words of the leader.

Not only we have millions of embedded devices shipping microkernel OSes on them, we also have the transition to type-1 hypervisors, and now the slow adoption of unikernels.

Also Apple, Microsoft and Google are increasing the scope of sandboxing on their OSes.


Probably. I don't really consider it settled, anyway.


Interesting thanks! Where did you find this out? I have only just started reading Windows Internals Part 1 (which covers Windows 7) so I am intrigued where info regarding Windows 10 comes from.


Lots of MSDN, BUILD and Channel9 videos and blog entries.

There were some BUILD 2016 presentations about Window 10 sandboxing, but I would need to search for them, which I cannot currently do.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: