Hacker News new | past | comments | ask | show | jobs | submit login

Hmm. I guess trashing your local LoadLibrary copy will stop 90% of software not specifically targeting Chrome... but that's still trivial to circumvent. I thought perhaps there is some Windows feature that could be taken advantage of, something like Internet Explorer's protected mode.



There is also "Protected Processes".

http://www.alex-ionescu.com/?p=34


The AV vendors need to ship the Chrome injection code to their customers, which includes the Chrome development team. And the Chrome announcement says explicitly that Google is willing to stop Chrome, so the AV vendors have to carry out the injection in such a way that it cannot even be detected after the fact.

A real challenge.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: