Author Topic: [FAQ] ReHIPS best practices (part 3)  (Read 963 times)

fixer

  • Administrator
  • Hero Member
  • *****
  • Posts: 1520
[FAQ] ReHIPS best practices (part 3)
« on: July 23, 2018, 09:51:30 am »
5. It's not recommended to execute files over the network. ReHIPS relies on file hash to make sure it's the same file that was allowed. But it's impossible to ensure proper hashing over the network. In other words one file contents may be sent when you try to hash the file (and everything may seem OK here), but when it comes to execution, completely different contents may be sent (possibly malicious). It's not just ReHIPS issue, UAC suffers from the same problem and it stems from network file operations. And there is no easy way fo fix it.

6. Keep all your private data in user profile folder. By default Windows tries to provide security. That's why it suggests you to save all your personal data in user profile folder (in folders Documents, Music, etc). It's the most secure way. Other users and isolated programs have no access to this folder, nor read, neither write. This folder is entirely yours and for you only. And no other folder is designed to be this way.