Does OA has protection against direct disk access?

If that is indeed the case then it's disturbing. Even though i don't have or will bother with Vista, i was under the impression it was constructed or improved to better enhance against those type of potential loopholes.

Anyone else care to elaborate on this further?

 

One more thing about Vista. I activated Guest account. Then I switched to Guest account (UAC is enabled). Then I selected notepad.exe to "Run as admin". I expected to be asked for Admin password .. but nope. I was not asked and notepad.exe was started with admin rights from Guest account and with UAC enabled. Isn't it incredible ?

 

Correct You cannot open disks for raw access under LUA/RunSafer/DropMyRights.
IMO, alerting on direct/raw disk access should be restricted to SSM-like classical HIPS.

 

Anymore if this accessing Device\Physical Memory maliciousness from malware keeps up i would expect many other apps could be adding this type of an alert process.

 

Against the most evil virus it does not offer protection like most firewalls. I saw cruel things with activated oa but that is likely not the fault of oa either the fault of the os and internet in general. What firewall should withstand subhack tunneling?

 

What is this ?

 

Something cruel that most people are not aware of... undermining of privacy.. omnipresent evil eye.. man-in-the-middle

 

MiTM Attacks are also possible through secure socket layer, some people don´t believe this but it is proven, they even make special use of ssl channels/ports.

 

Access to physical memory isn't possible under LUA IIRC.