The InformationWeek -- Blogs
Welcome Guest. | Log In| Register | Membership Benefits

Digital Life

Topics:   Digital Life

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Virtualization May Be Security Problem, Not Solution


Posted by David DeJean, Jul 3, 2006 10:51 AM

Here's another reason rootkits are the scariest technology around. We've heard some good news about virtualization as a promising defense against malware lately, but along comes Joanna Rutkowska to burst our bubble. Ms. Rutkowska outlines what she calls Blue Pill, a virtualization-based rootkit that uses AMD's SVM/Pacifica virtualization technology to take over the OS of a PC.

The Inquirer reports that Ms. Rutkowska, who works as a security researcher for COSEINC, a Singapore based IT security company, says her Blue Pill rootkit is durable (that is, it isn't erased by a restart) and can be installed on the fly without restarting the host PC.

Even Vista's much-hyped anti-rootkit defense that requires kernel-mode software to have a digital signature to load is apparently no proof against Blue Pill. Ms. Rutkowska will be presenting her brainchild at a Singapore security conference, SyScan, on July 21, and at the Black Hat Briefings in Las Vegas on August 3. She promises that her demonstration will include a working prototype that runs on Windows Vista x64 and offers a "generic method" of inserting code in the Vista Beta 2 kernel without exploiting a bug or vulnerability in the Vista code.

You can read all about Blue Pill on Ms. Rutkowska's blog, invisiblethings.

« Firefox Keeps Up With Political Candidates | Main | A Matter Of National Security »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.


 
Digital Life Video

 

  1. No Silver Bullet for Parallelism
  2. Think Parallel 2010, Five Years of Multicore
  3. It's All In the Strategy, It's All About the Design

Join The InformationWeek Group On LinkedIn


  1. Motorola Droid Users Burned Again
  2. Want A 4G iPhone? Sprint Has It
  3. Verizon Wireless Details Android 2.1 Update For Droid
  4. Palm Plans Pre And Pixi Production Halt
  5. Do SSDs Belong In Laptops?

  1. 4 Keys To Storage Management
  2. 2010 Data Center Trends Report
  3. App-Aware Networks Get Closer To Reality
  4. 10 Steps To Ace A FISMA Audit
  5. CIO Profiles: David Wennergren, Deputy CIO Of The Department Of Defense
  6. Google Releases Free Web Security Scanner

 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
  DECEMBER 2008
NOVEMBER 2008
OCTOBER 2008
SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008 		  APRIL 2008
MARCH 2008
FEBRUARY 2008
JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007