'Blue Pill' Prototype Creates 100% Undetectable Malware
PC Magazine (excerpt) | June 28, 2006 | Ryan Naraine

Posted on 06/28/2006 7:35:03 PM PDT by HAL9000

Excerpt -

A security researcher with expertise in rootkits has created a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable," even on Windows Vista x64 systems.

Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system.

Rutkowska plans to discuss the idea and demonstrate a working prototype for Windows Vista x64 at the SyScan Conference in Singapore on July 21 and at the Black Hat Briefings in Las Vegas on August 3.

The Black Hat presentation will occur on the same day Microsoft is scheduled to show off some of the key security features and functionality being fitted into Vista.

Rutkowska said the presentation will deal with a "generic method" of inserting arbitrary code into the Vista Beta 2 kernel (x64 edition) without relying on any implementation bug.

~ snip ~


(Excerpt) Read more at news.yahoo.com ...



1 posted on 06/28/2006 7:35:08 PM PDT by HAL9000

To: HAL9000

That's nice. The arms race continues.


2 posted on 06/28/2006 7:37:32 PM PDT by Perdogg

To: Perdogg

Skynet IS the virus!


3 posted on 06/28/2006 7:38:32 PM PDT by rintense

To: HAL9000

I wonder if the same people who write anti viral code are the same people who create the virus. LOL!


4 posted on 06/28/2006 7:38:58 PM PDT by Perdogg

To: HAL9000

For a second I thought this was another Rush Limbaugh article.


5 posted on 06/28/2006 7:53:48 PM PDT by GnL

To: HAL9000
If this is stored on the hard drive, boot from a CD, and find it sitting unexecuted on the hard drive.

What do I win?

6 posted on 06/28/2006 7:54:12 PM PDT by InMemoriam

To: HAL9000

The creators of malignant computer viruses need some serious jail time.


7 posted on 06/28/2006 7:57:49 PM PDT by TheLion

To: TheLion

Wrong!

These cretins need to be taken out behind the courthouse -- after being tried and convicted by a jury, of course -- and SHOT!!!

Nahhhhh. Forget the part about the jury. Just shoot the sumbitches.


8 posted on 06/28/2006 8:03:31 PM PDT by Dick Bachert

To: Dick Bachert

I have an HP with a divided hard drive (forgot the term). Anyway, I was recently suffering some kind of worm which my antivirus program couldn't even solve. Eventually the system locked down and was not functional. They are now disabling the protection.

Anyway, I was able to restore the complete system by selecting "restore" on booting with the program that came with the system. It takes a while but was well worth it. I was amazed and congratulate HP.

The only small problem is that it rewrites windows and critical files. Games and stuff will not have the ini file in windows. No big deal really, compared to trying to get rid of the malware.


9 posted on 06/28/2006 8:10:51 PM PDT by TheLion

To: TheLion

I say we jail them and set them to work curing cancer, once they cure cancer we will free them.


10 posted on 06/28/2006 8:12:43 PM PDT by Ainast

To: Dick Bachert

Partitioned was the term I was looking for....it always comes to you....sometimes the next day!


11 posted on 06/28/2006 8:30:02 PM PDT by TheLion

To: Ainast

Since they are announcing themselves in advance, I'd say, someone ought to go to work!


12 posted on 06/28/2006 8:31:37 PM PDT by TheLion

To: TheLion

Next time (if you already haven't), try NOD32.

http://www.eset.com/


13 posted on 06/28/2006 8:39:48 PM PDT by John Williams ("If they can't eat it or ***k it, then they break it.")

To: HAL9000

I hate those ultra-thin hypervisors.


14 posted on 06/28/2006 8:55:28 PM PDT by Theo

To: Theo

Microsoft: Vista Most Secure OS Ever


15 posted on 06/28/2006 9:07:42 PM PDT by Neidermeyer

To: Dick Bachert

The geeks and hackers are the only reason we have anything remotely like functional security. The holes, hacks and exploits they discover and sometimes drive us crazy with are already there in the software. They did not create them; they only discovered them. Black Hats, White Hats and even the Script Kiddies have done more to improve security, the programs, operating systems and hardware you own than anyone will ever acknowledge.

They are a pain but they have in most cases brought about improvements, reform and change where none would have occurred.

It was a White Hat that discovered the Sony rootkit spyware hack that automatically installed when people simply played Sony music disks on their computer. At the time he was hunting for Black Hat exploits. It was the Black Hats who wrote a script to exploit that corporate hack and give them control of your computer. Had the Black Hats not written the exploit, there would have been no basis for damages in the class action suit against Sony for installing spyware on people's computers. Instead Sony was forced to remove the rootkit or disable it (in many cases it cannot be removed without wrecking the operating system of your computer and requiring a complete reinstall of the operating system). Sony also was required to pay fines and compensate everyone who purchased one of the music CDs that had the spyware rootkit installed. Sony must now cope with a public that sees them as an unethical bunch of slugs. Further, other companies will think long and hard about installing commercial hacks on people's computers. Need more evidence? Microsoft is already backpedaling over its operating system "Genuine Advantage" anti-piracy program checking in and registering your hard drive serial number, CPU and a number of other metrics every time you log on.

Like Yin and Yang, Black Hats and White Hats keep each other and corporations' most egregious wrongs in check.


W


16 posted on 06/28/2006 9:24:29 PM PDT by WLR ("fugit impius nemine persequente iustus autem quasi leo confidens absque terrore erit")

To: Perdogg
That's nice. The arms race continues.

With Vista due out, I wonder if this story is put out there by someone short selling Microsoft stock and who would benefit by many stockholders selling on some bad news?
17 posted on 06/28/2006 9:28:34 PM PDT by photodawg

To: 1234; 6SJ7; Action-America; af_vet_rr; afnamvet; Alexander Rubin; anonymous_user; ...
"Rutkowska stressed that the Blue Pill technology does not rely on any bug of the underlying operating system. 'I have implemented a working prototype for Vista x64, but I see no reasons why it should not be possible to port it to other operating systems, like Linux or BSD which can be run on x64 platform,' she added."

FreeBSD (OS X) could be vulnerable... PING!

If you want on or off the Mac Ping List, Freepmail me.

18 posted on 06/28/2006 9:33:17 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")

To: HAL9000

If it cannot be detected, the prevention of the RESULTS of occupation of your system by this malware will be the primary thrust. Outgoing Firewalls will become much more important.


19 posted on 06/28/2006 9:35:49 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")

To: HAL9000

We need to start identifying the authors of such malware as international economic terrorists and treat them as such.


20 posted on 06/28/2006 9:37:29 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")

To: Swordmaker
Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology...

I think that Rutkowska may be referring to Linux and BSD running on AMD chips. Unless Intel is using this AMD virtualization technology, it appears that Macs may escape.

21 posted on 06/28/2006 9:57:14 PM PDT by John Valentine

To: John Valentine
I think that Rutkowska may be referring to Linux and BSD running on AMD chips. Unless Intel is using this AMD virtualization technology, it appears that Macs may escape.

That's why the PING! said "...could..." The new Intel Core processors also have a virtualization layer... it may just be time or secrecy that keeps us from knowing about a rootkit that will work on it.

22 posted on 06/28/2006 10:10:22 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")

To: Swordmaker

Love my G4 Mac(s) even more now.


23 posted on 06/29/2006 12:07:56 AM PDT by mhx

To: Perdogg

Without a virus, there'd be no need to buy an antivirus.
Sounds like a perfect self-perpetuating business plan to me......:]


24 posted on 06/29/2006 3:23:15 AM PDT by Salamander (And don't forget my Dog; fixed and consequent)

To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...

25 posted on 06/29/2006 5:36:47 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: Theo

but at least it doesn't take up so much HD space like the old stupid-fat and bloated subhypervisors.

if women would just start having sex with these virus writing geeks all this crap would come to a grinding stop.


26 posted on 06/29/2006 6:01:02 AM PDT by postaldave (McCain & Bush, you traitorous !#!$!!s. you two are no different then ted kennedy.)

To: HAL9000

Damn scary stuff. I believe I had a run in with something similar last year.

I won in the end, but it was a tough fight.


27 posted on 06/29/2006 6:19:33 AM PDT by KoRn

To: Swordmaker
"FreeBSD (OS X) could be vulnerable"

I don't think so. Apparently, this relies on AMD processors. Even if Intel adds this kind of virtualization technology to their processors, this particular exploit probably wouldn't work.
28 posted on 06/29/2006 6:20:16 AM PDT by DesScorp

To: HAL9000

Sounds to me like a hardware based back door. Shame on AMD.


29 posted on 06/29/2006 6:23:40 AM PDT by beef (Who Killed Kennewick Man?)

To: Theo
"You got a problem with my ultra-thin hypervisor, punk??"


30 posted on 06/29/2006 8:38:11 AM PDT by Turbopilot (iumop ap!sdn w,I 'aw dlaH)

To: InMemoriam
If this is stored on the hard drive, boot from a CD, and find it sitting unexecuted on the hard drive.

A *really* good one should first try to write extra instructions to the firmware in your PC, to thwart this sort of detection later.
31 posted on 06/29/2006 8:45:15 AM PDT by beezdotcom

To: beezdotcom
A *really* good bad one should first try to write extra instructions to the firmware in your PC, to thwart this sort of detection later.

There, fixed it for you.

32 posted on 06/29/2006 9:40:47 AM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")

To: postaldave

"if women would just start having sex with these virus writing geeks all this crap would come to a grinding stop."

ROTF!!


33 posted on 06/29/2006 10:45:07 AM PDT by rzeznikj at stout (ASCII and ye shall receive... (Computers 3:14))
