PPRuNe Forums - View Single Post - Profile Quota
Thread: Profile Quota
View Single Post
Old 12th November 2009 | 23:10
  #16 (permalink)  
Simonta
 
Joined: Jan 2006
Posts: 130
Likes: 0
From: UK
Hi Keef

Ignore all the comments about NTFS. For several reasons, it is considerably less vulnerable than FAT to malware - in fact, FAT is to all intents and purposes completely insecure against nasties. Only true though if you don't log on with admin or power user rights . See my previous post. When using FAT, you are effectively running as admin all the time.

It's also higher performance, with no file size limits for practical purposes and is a lot more robust than FAT.

Do a little googling if you need more reassurance but trust me, format with NTFS, make sure you always update and log on as a lowly user to surf and you will be very unlucky to get something. In fact, only 2 ways to get past the "non admin user on a fully patched NTFS system" and that's to exploit a bug (security hole which has not yet had a patch released/applied) or social engineering tricking you into running something bad with elevated rights. The overwhelming majority of nastiness out there relies on users running on FAT, as admin on NTFS or unpatched systems.

I've said it before and I'll say it again. Give me a fully patched Windows system on NTFS with me logged in as a user and I'll challenge anyone to get past me....

On FAT, you are in the wild west....

Cheers

PS. The alternate data streams (ADS) on NTFS can be a problem but not commonly used by baddies and only effective if you are admin or power user. This link is useful:

Computer Forensics - Dissecting NTFS Hidden Streams

PPS. There are *nix drivers which will happily write to NTFS. Microsoft did not do anything to to prevent access to NTFS - they simply did not publish the NTFS designs - no bad thing in my book as it all adds to the security.

start [www.linux-ntfs.org]
http://www.ntfs-3g.org/
Last edited by Simonta; 12th November 2009 at 23:26.
Simonta is offline  
Reply
0