Transcript for:
Summary of Lecture on Windows Security and Impacts on Gaming

As I've gotten older, I've learned to see the silver linings in some of the more tragic situations that life throws at us. Like, whenever I've eaten at a Waffle House within five blocks of a Malcolm X Boulevard, I didn't complain about the greasy food or the poor service; I just looked forward to the fact that I may very likely get a free show right there within the restaurant. And when I reflect on the bombing of Hiroshima and Nagasaki, I like to think that the modern wonders of anime wouldn't have been possible without the large doses of radiation. And when billions of dollars in damage is done in just a few days from a bug in a security appliance that hooks into the Windows kernel, I tell myself that maybe, just maybe, this will be enough to get Microsoft to stop letting third-party companies crash critical systems with their buggy code.

I was browsing the Windows IT Pro blog earlier today when I stumbled upon this article titled "Windows resiliency: best practices and the path forward," and that got those hopes of mine up just a little bit more. So, as you might have guessed, this article is addressing the CrowdStrike incident and the broader topic of kernel-mode drivers in the Windows operating system, because if CrowdStrike's Falcon sensor didn't run with system privileges on Windows, then the kernel could have just killed the Falcon sensor process when it tried to read invalid memory, instead of taking down the whole kernel and the whole system in order to kill the process. This post goes on to say that the CrowdStrike incident clearly shows that Windows must prioritize change and innovation in the area of end-to-end resilience, and one example that they give us of an innovation that could help prevent issues like this in the future is the VBS enclave.

Now, don't confuse the VBS from VBS enclave with Visual Basic Script; that's the old scripting language for the Windows platform that Microsoft started deprecating last year, I think, and really everyone should have stopped using it years prior. But anyway, the VBS in this context stands for virtualization-based security, and there are several separate posts on Microsoft's websites about VBS and VBS enclaves that you should check out if you're really curious about the deeper details of this. But with regard to programs with kernel access like CrowdStrike Falcon, the VBS enclave could provide an isolated environment for those processes and those programs to run in, so that if there's a problem with the code in the application, or even if malware manages to take over that application, then the process is going to be isolated from the rest of the kernel.

So obviously this is good news for people that want to continue to use Windows, but more importantly, this is great news for gamers that use Linux. In case you didn't know, one of the big obstacles to gaming on Linux right now is that a lot of the big popular games require an anti-cheat program that needs to have access to your operating system and that needs to be running in order for the game to run, or at least for you to be able to play these games online. Now, on Linux there has been a native Easy Anti-Cheat client that was used for native Linux games that had anti-cheat, like Rust, War Thunder and 7 Days to Die, before they decided to abandon Linux users a couple of years ago, although I do think you can still play Rust on non-Easy Anti-Cheat servers. But the point is, anti-cheat on Linux runs in user space. It does work, but it doesn't hook into the kernel, which makes it a lot less effective at stopping cheaters in video games. But most desktop Linux users don't want something like a proprietary anti-cheat program running in their kernel anyway because of the privacy implications, but also the Linux kernel is so much more open than the Windows kernel, and users on Linux can modify anything they want in the kernel. A lot of Linux users actually build their kernel from source and, you know, choose what they want active in the kernel, if you're using Gentoo, for example. So because users on Linux can modify almost anything they want in the kernel anyway, kernel-level anti-cheat would still be a lot less effective on Linux than it is on Windows, at least for the most dedicated cheaters that are going to go messing around with the kernel.

And this announcement from Microsoft kind of sounds like they're going to start restricting third-party access to the Windows kernel, and they're going to start pushing those developers to write their programs, or make their programs run, in a more isolated computing environment that has lower privilege levels. Now, what's ironic about these changes coming out now is that Microsoft actually tried implementing something similar with what they called PatchGuard almost 18 years ago, back in the Windows Vista days, but there was a lot of pushback for this. So two of the major antivirus companies at that time were Symantec and McAfee Antivirus, and yes, I'm talking about that McAfee Antivirus, and, you know, they fought back against the PatchGuard premise. And, well, the reason for that is because, of course, most antivirus programs also want to have kernel-level access; they basically run as rootkits themselves in order to prevent you from getting rootkits on your system. And Symantec in particular was so annoyed with PatchGuard and some of these other changes that Microsoft was making to Vista that they filed an antitrust complaint to the European Union, and this was enough to get Microsoft to back down from implementing the PatchGuard change all those years ago.

So I'm really hoping that antivirus companies, CrowdStrike, anti-cheat developers and everybody else who wants access to the Windows kernel these days don't get their way this time, and Microsoft kicks these companies out of the kernel, because it could have a huge trickle-down effect for Linux gamers if anti-cheat in user space becomes the norm again. And since a lot of Linux gamers probably have jobs like supporting machines that could have been affected by the CrowdStrike bug, and they probably got a lot of gaming time taken away from them that weekend, you know, this change that Microsoft is making could be a huge win-win: more of their games are going to work, and they don't have to spend so much time fixing a bunch of crappy Windows machines.

If you enjoyed this video, please like and share it to hack the algorithm, and check out my online store base.win, where you can get awesome merch like the OpenBSD t-shirt or the little daemon hoodie. 10% discount storewide for paying in Monero (XMR). Have a great rest of your day.