Fully Open Source NTFS Support Under Linux

← Back to Stories (view on slashdot.org)

Fully Open Source NTFS Support Under Linux

Posted by ryuzaki0 on Saturday July 15, 2006 @02:33AM from the long-time-coming dept.

lord_rob the only on writes "The Linux NTFS project has released a beta version of its fully open source userspace (using FUSE) 3G-Linux NTFS support driver. According to the developer, this driver beats hands down other NTFS support solutions performance-wise (including commercial Paragon NTFS driver and also Captive NTFS, which is using windows ntfs.sys driver under WINE)." That's right, writing to NTFS even works. Soon it'll mean one less recovery disk to keep around, I hope.

3 of 310 comments (clear)

Min score:

Reason:

Sort:

Great news. by LinuxGeek · 2006-07-15 02:35 · Score: 5, Interesting

This gives us another tool that can be used to repair windows systems that have been hit by some of the newest rootkits that can hide from detection when windows is running. Can't hide from a Linux boot disk and with complete write support, now these can be cleaned and studied more effectively.

--

Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
1. Re:Great news. by Thing+1 · 2006-07-15 06:14 · Score: 4, Interesting
  
  You also can't hide from a different installation of Windows that has the infected disk mounted. Rootkits hide themselves by hooking into the running kernel/fs drivers - inspect the disk with a clean install and they can't hide then either.
  
  Interesting approach: install VMware Server (free), install Windows into a VM (free if you have 2003--IIRC*, Microsoft allows 4 instances, 1 host and 3 virtual), then connect the physical drive to the VM. Not sure whether VMware will bypass the drivers and allow you complete physical access as I haven't tried it but that's one of the options when creating a new virtual hard drive.
  You probably don't want to run the VM from the same drive that you attach to it, though... I haven't tested this, but it might be a nice option for investigating without taking down any services that may happen to be running on the potentially-infected PC.
  * -- is this the sound made by a crashing car?
  
  --
  I feel fantastic, and I'm still alive.
Performance by Reality+Master+101 · 2006-07-15 02:40 · Score: 4, Interesting

Unless I missed it, I notice the performance numbers are only single process. I'm suspicious of this because user-mode filesystems (as under microkernel operation systems) typically crash and burn performance-wise under simultaneous load, not under single-user use.

I know that user-mode is easier to debug, but they really should turn this into a kernel module.

--
Sometimes it's best to just let stupid people be stupid.