Submitted 16 hours ago by floofloof@lemmy.ca to cybersecurity@infosec.pub
cross-posted from: lemmy.bestiver.se/post/1033182
Interesting, considering one of the ways to prevent Adobe from phoning home was to redirect their domains via hosts file. Perhaps that’s where they got the idea, or one of the things they added, like hey were already looking at your hosts file to check for piracy, might as well add some entries for other reasons.
I’m trying to think of legitimate reasons why an installer should be able to edit that file, and I can’t think of any. Seems like the OS should lock it down.
From what i remember, the user has to disable some safeguards, to be able to modify it.
Yeah from my intuition it sounds like this file serves as a makeshift firewall / proxy. Allowing software to override it kinda makes this weak and basically useless for a lot of purposes.
I don’t use windows that much anymore, but couldn’t you make it a read-only file?
Kissaki@programming.dev 1 hour ago
Interesting, clever technical workaround for (potentially) real user benefit. But still, they should never do that. Working around safeguards and system component borders for user convenience is a very bad idea and practice.