Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Virtualized rootkits - Part 2
Federico Biancuzzi, 2007-08-29

There has been a lot of buzz around the topic of virtualized rootkits. Joanna Rutkowska has been working on a new version of Blue-Pill, her proof of concept invisible rootkit, while a team made by three prominent security experts (Thomas Ptacek, Nate Lawson, Peter Ferrie) challenged her that there is not an "invisible" rootkit, and that they were going to present at BlackHat conference various techniques to detect Blue-Pill. Federico Biancuzzi interviewed both sides to learn more. Part 2 of 2

Comments Mode:
Virtualized rootkits - Part 2 2007-08-31
Nima Bagheri
Virtualized rootkits - Part 2 2007-09-01
Nicholas weaver
Remember, also, Yi Min Wang has shown that you provably CAN'T build a persistant and stealthy rootkit if the defender is allowed to reboot the system into a trusted environment (see the Ghostbuster work).


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/452/34699#34699




 

Privacy Statement
Copyright 2009, SecurityFocus