A question about hooks

Started by Stephen, July 03, 2019, 09:33:18 AM

Previous topic - Next topic

Stephen

I read a posting in the FAQ about hooks and I must admit I didn't understand what it's all about. I'm not all that proficient in IT matters! What's important to me as a user of ReHIPS is what should I do as a default about the setting regarding hooks in the Desktop Access Rights Privileges tab? Ignore it or deal with it one way or another depending on specific circumstances?

shmu26

Desktop hooks for programs such as MS Office are not a problem as regards actual malware in the wild. It is more of a theoretical problem.
If you want total security, use the separate desktop, although it is admittedly inconvenient for multi-tasking.

Just my personal opinion.

fixer

Do you refer to this FAQ blogpost https://forum.rehips.com/index.php?topic=9483.0 ?

Options from the most secure to least:
1. Use separate desktop.
2. Use main desktop and disable HOOK_CONTROL.
3. Use main desktop with enabled HOOK_CONTROL and use Isolated Hooks or Low Integrity Level.

By default ReHIPS operates in the most secure way offering separate desktop.

And don't worry anyway, even while main desktop with enabled HOOK_CONTROL and no other mitigations leave you theretically open to some threats, it's more of a paranoid possibility as I haven't seen it practically yet. I just think that we have to outline any threat, even theoretical and nearly-impossible ones.

Stephen

Many thanks for the reply. I understand it better now.