software and privacy features

[GyomeiHimejima9906]

example: if an unauthorized malware/user requests access to protected files before MP starts the file in question will not be protected and the program folder is not protected in any way
(I suggest for folder protection to add a user named MPman who is the owner of the folder, and then make it readable by all but not editable and add a utility for the update that runs as MPman and can then update the MP installation files)

possibility to set file and folders access to a enclave only

[DavidXanatos]

The plan is to have MP driver start first, currently this is not done as for testing its provided as a portable installation, once there will be a version with an installer the driver will start early and provide always protection, including a mechanism to prevent the driver from being unloaded.

Also any malware with admin privileges can read the entire volume as a block device and access this way the content of any file, this can not be blocked on the OS volume, hence to keep data really secure they need to be on a separate volume where any access can be moderated, for example an encrypted volume like provided by MP.

[GyomeiHimejima9906]

i mean that MP instalation are not protected and a malware can delate it with windows reboot function or similar ways

[DavidXanatos]

Driver protection will be added, also any reboot will automatically unmount any encrypted volume.

The problem is as described that if you have a malware with admin privileges you can not prevent it from reading the OS volume as a block device and bypassing any ACLs that may be set on the filesystem level.

[Miademora]

The problem is as described that if you have a malware with admin privileges you can not prevent it from reading the OS volume as a block device and bypassing any ACLs that may be set on the filesystem level.

would the addition of drive-encryption like bitlocker/veracrypt prevent that?

[DavidXanatos]

would the addition of drive-encryption like bitlocker/veracrypt prevent that?

Addition LOL, haven't you watched the demo video linked in every release: https://youtu.be/NkVR5ktvqBc?t=1674 ? I know its awfully long and my video is not very YouTube worthy,
Anyhow container based volume encryption is already in included for exact this purpose.

Also it demonstrates how to access a file on disk using a disk editor: https://youtu.be/NkVR5ktvqBc?t=1609

[GyomeiHimejima9906]

The problem is as described that if you have a malware with admin privileges you can not prevent it from reading the OS volume as a block device and bypassing any ACLs that may be set on the filesystem level

a possible solutions is: while installing randomizing folder and main executuble file name

[GyomeiHimejima9906]

for example "urnvbkldxmpvca" instead "Major Rpivacy" NOTE: the nme should be generated when installing on pc not on source code or packed folder

[Proposer233]

The plan is to have MP driver start first,

See #20