Yup! It's the name of a book :)
The second author, Alex Ionescu, is a founding member of CrowdStrike and Mark Russinovich is an OG MSFT legend.
Please research this topic further before making posts like this.
I suggest you buy a copy of Windows Internals and read up on the topic. Because calling someone out without directing them to a good source is rude.
Everything you need to know is on pages 23 to 28, but I honestly suggest you just complete the chapter from that point.
But here is a summary.
Kernel level is the absolute minimum level of access for an anticheat to do jack shit other than correct things that it determines are incorrect (packet crafting or crashing the game when it detects DLL injection, for example). You need kernel access (which I'm gonna plainly tell you every video game you have ever played that uses Direct X is flipping into Kernel mode every few seconds) to even direct read memory to begin with. This really is the only way to stop an even vaguely advanced attack short of locking the computer the heck down and turning it into the approved software only ecosystem.
The thing is that third party ultimately is the best option here as it allows these anticheats to get signatures of a wide variety of attacks. The entire business benefits from it.
Fun fact for you: all hacks are kernel level hacks. Because they have to be to access the memory.
>The source code of Windows is very confidential and only a few people have access to very little areas of its code.
The problem with this argument is that clean room reverse engineering is legal, and entire books about how the Windows kernel works are available to read. The Linux community is simply too lazy to read up on it. Plus the people that have actually studied the NT kernel are in agreement that it's a better kernel than Linux and all the Unix clones.
>Learn it once, use forever.
Sure, and you've NEVER, EVER forgotten a command or its syntax once. Memorization takes time, memory lapses are a thing, and real OSes don't require any memorization.
It's not a business, but it's an enormous waste of time as a desktop, and the fact 99% of people immediately go back to Windows in 2 weeks still being true for over a decade is the important part. You just want to try to argue your way into getting people to believe you're right, but the market share doesn't lie. If it were a business it would be "listen to us or be fired." And that's why Linux can't ever improve. It's an entire community of religious nuts that believes open source is superior, while ignoring and convincing themselves an extremely shitty operating system is good for all these nonsense technical reasons that ignore the big picture. Does it just work (Windows: Yes, Mac: Yes, iOS: Yes, Android: Yes, Desktop Linux: Fuck no, and that's your problem now).
I found the book Windows Internals to be essential in understanding how the OS actually works. Once you get the core concepts down the rest will fall in place more easily. If you're just starting with Win32 you can get by with an earlier edition which will be cheaper as Win32 doesn't change enough to make the earlier books out of date.
https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189
The closest book I’m aware of is the Windows Internals series. 7th edition covers Windows 10 1607 and Windows Server 2016. Here’s a link to the book on Amazon US.
The guys writing it are a Microsoft MVP, a low level systems expert who teaches the Windows internal course around the world, and the chief technology officer of Microsoft Azure.
It’s probably the most comprehensive book you’ll find on the subject. Might not be quite suited to programming, though.
The W10 kernel is proprietary, afaik there aren't any infographics that explain how it or its subsystems work.
There is a Microsoft Press book for developers that may provide some help though it does make a point to mention that Internals are subject to change without notice. The book is called Windows Internals, and the latest version, 7th Edition (Part 1) has a section on the I/O subsystem. [Amazon Link]
This really isn't a linux question though.
I’ve skimmed through Windows Internals to get a lot of in depth knowledge of Windows. Setting up a Windows VM to practice on is always a good idea too.
Amazon link for Windows Internals:
Windows Internals, Part 1 (Developer Reference) https://www.amazon.com/dp/0735684189/ref=cm_sw_r_cp_api_i_hCiKEbRH5SNT7
OK then you have two different things and benchmark likely isn't what you are hoping to test for. Benchmark typically will refer to a performance discussion. What you are looking at I think is a software quality, security, supportability, etc. type analysis. XP is a long way behind the OS model changes that happened in Vista (part of the reason it was a rocky launch) to alter a number of Windows models to improve security, reliability, and serviceability.
If you really are looking into improvements vs "is it faster?" and this is for any level of serious class you probably should be digging into some of Mark Russinovich's "windows internals" books https://www.amazon.ca/Windows-Internals-Part-architecture-management/dp/0735684189/ref=sr_1_1?ie=UTF8&qid=1490126598&sr=8-1&keywords=windows+internals
I was in a room in 2004 talking with a developer who worked on XP SP2. At the time I recall him saying that SP2 was a third of the way to "where we need to be". A few years later the same person was saying that was woefully optimistic. In many ways SP2 was a different OS from XP RTM and SP1, but was only the first major step past the "Trustworthy Computing" memo of 2002.
When you consider kernel changes, driver model changes (at one point the reason for blue screens), firewall, native anti-malware, pushing developers away from elevated credential assumptions, ASLR, native encryption, UEFI, UAC / split token, etc., Windows is radically different than it was in 2001 when Windows XP launched.
Start by reading through this: https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189 then we can answer any lingering questions.
The Windows Internals books by Mark Russinovich were a good source back in the day. Looks like there's a new edition which I have not read: https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189
You can learn a ton from ProcMon (https://docs.microsoft.com/en-us/sysinternals/downloads/procmon), which will show you all the file, registry, and process/thread activity happening on the system. This is very helpful for understanding what's going on with things.
There is a great book by Pavel Yosifovich called Windows Internals. Highly recommend it.
https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189
This book series is the best place to start. It's a little older but honestly not much has changed in this regard over the past 10+ years.
This is about internals and was just released. Look for the older ones for older versions of Windows.
https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189
This might be something you'd also like, although it is more a collection rather than a specific topic: https://www.amazon.com/PoC-GTFO-MANUL-Laphroaig-ebook/dp/B074YMZF4P
A+ and Net+ and all the other +-certs are entry level. CCNA is entry level, and 70-680 is entry level.
Something to consider is that everyone has certs these days, so the certs you get must make you better than "everyone".
For example, CCNP is a rather high-end cert. You don't see a lot of CVs with this on, because people with this cert only need a LinkedIn page, and the offers will come in endless streams.
MCSE is absolutely good to have if you want to go anywhere in a Microsoft environment, though Microsoft doesn't really do high-end certs anymore, so the only thing you can really aim for with an MCSE is an MVP award, but that does take some serious effort.
WCNA is worth some brownie points in the right places.
You should also supplement certs with in-depth knowledge, and recommended practices, for example,
I can't really help much with regards to Linux though. It's not really my area.