I'm not sure but I think this is the crack-addled post that started the GRC "raw sockets are evil" meme.
GRC, if you aren't familiar, enjoys a reputation as something of an old crank in the security industry. Imagine if Dvorak shifted his focus entirely to Internet security and learned enough Visual Basic to write Windows utilities, and you've got the flavor.
One of Steve Gibson's pet controversies is the notion that raw sockets are a terrible flaw, because they allow attackers to spoof packets. When Win32 added them to the "official" API, he campaigned loudly against them and predicted a catastrophe based on Windows DDoS tools.
This is, of course, a retarded idea. There's a whole menagerie of off-the-shelf facilities programmers can use to get raw packets onto the wire, from drivers like WinPcap to entire embedded stacks like lwIP, which is what BluePill uses. Singling out raw sockets is unproductive, and speaks to a real lack of understanding of how operating systems actually work.