Why, oh why?!

Discussion in 'ProcessGuard' started by Pigman, May 27, 2004.

Thread Status:
Not open for further replies.
  1. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Well, I was just looking at the description of ProcessGuard, and about to try out the free version to see if my computer wouldn't object, when I noticed something I hadn't noticed before...

    "This program is only compatible with the folowing operating systems..."

    And Win98 wasn't listed.

    Why isn't it Win98 compatible? Why, at least, isn't there a Win98 version? Plenty of people still use Windows 98.
     
  2. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Pigman

    Not sure how to answer you on this becaue of the your response, I might get to it from you.

    Other than Windows 98 does not have the abilty to work with it as the System is to old.

    DiamondCS has aready explain it such.

    Has you do not accept help readily.



    TheQuest :cool:

    TheQuest :cool:
     
  3. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    We'd love to release a Process Guard for Win9x and wherever possible we go out of our way to ensure Win9x compatibility (for example, Port Explorer is the only dedicated port-to-process mapper in the world that supports Win9x), but there are many reasons why this simply isnt feasible for Process Guard - there are many reasons, but here are the three main ones ...

    1. The creation of Process Guard under Win9x would require the creation of a VXD driver (as opposed to the SYS driver currently used) which would take a lot more time - not only because VXDs are different (both physically and behavior-wise).

    2. Process Guard uses a lot of completely undocumented functions that only exist under Win2K/XP (and by "completely undocumented" I mean just that - Google searches return 0 hits, and these functions can't even be found in the various "Undocumented Windows" books). It takes a lot of time and patience to find, disassemble/analyse, and then build code to call these functions, and this presents two more problems: 1) Win9x doesn't even support a lot of these functions, and 2) the ones that are supported would be have to analysed all over again as they'd be different to their 2K/XP counterpart.

    3. Win9x is inherently insecure, so even if Process Guard in its current form was able to run under Win9x, there'd be a variety of attacks against Process Guard that would open up. With Windows 2K/XP, Microsoft added a variety of new security mechanisms such as security permissions (so the user needs the appropriate permissions just to get access to a process), and there are many fundamental differences also such as 2K/XP being a protected OS - processes can't see each others memory directly. These may or may not seem like big differences to you, but from the perspective of developing a kernel-mode driver that uses undocumented functions, the differences are enormous.

    Thanks for your understanding,
    Wayne
     
  4. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Wayne - DiamondCS

    Thanks for your reply on this.

    That is what I would like to have said. :D

    I Could not have said it better. :D :D

    Thanks as aways for your help and replies.
    Take Care,
    TheQuest :cool:
     
  5. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Thanks Wayne.

    Sorry I didn't find it on the website. I should have looked harder.

    No offense intended, BTW.
     
Thread Status:
Not open for further replies.