Maybe the traffic is not diverted at the time of signing?
I also don’t know if there is any quality control that is done by ms or if it is meant to prevent changes in drivers. The latter seems the most obvious to me, since there are a lot of devices with accompanying drivers; You cannot test it yourself.
There is a basic phrase in computer science called “stop problem,” which means you can never guarantee that programs are 100% running. Strictly speaking, the statement says that you can never be sure whether a program will stop or not, but it’s almost the same thing. It is commonly said, for every scan one can think of to check your program, you can add an exception to your program to bypass that scan.
Of course, you shouldn’t conclude that all control is meaningless. But you need to keep in mind that, despite all the checks, something can always pass.
In general, we have long known that nothing is perfect and mistakes are made everywhere, both in and out of IT. In general, the solution is that you should not rely on any one ingredient. You make systems secure with overlapping layers of security that protect each other’s vulnerabilities. Just like if you had a castle secured by a wall, moat, guards, watchtowers, drawbridge, portcules, archers, etc…
This thinking still lacks information technology. I regularly ask how things are secured. On my questions I often get one answer per point: “The database is firewalled”. Then I ask what happens if the firewall goes down and they usually don’t have an answer to that, they think that’s a bit nice.
While it’s not really that hard to take some extra actions like “the database is not listening to the network” or “the database users are restricted to an IP address and must have an ssl client certificate” or “our switches and routers have ACLs that capture the firewall” errors”.
There are also those who do a very good job, but there are many who don’t really understand that and do an “IT checklist”. They don’t think structurally about the situation, but see safety as features that you either have or don’t have.