Virtualization May Be Security Problem, Not Solution - InformationWeek
IoT
IoT
Infrastructure // PC & Servers
Commentary
7/3/2006
10:51 AM
David  DeJean
David DeJean
Commentary
50%
50%
RELATED EVENTS
[Ransomware] Taking the Mystery out of Ransomware
Dec 07, 2016
Lost data. Systems locked down. Whole companies coming to a grinding halt. When it comes to ransom ...Read More>>

Virtualization May Be Security Problem, Not Solution

Here's another reason rootkits are the scariest technology around. We've heard some good news about virtualization as a promising defense against malware lately, but along comes Joanna Rutkowska to burst our bubble. Ms. Rutkowska outlines what she calls Blue Pill, a virtualization-based rootkit that uses AMD's SVM/Pacifica virt

Here's another reason rootkits are the scariest technology around. We've heard some good news about virtualization as a promising defense against malware lately, but along comes Joanna Rutkowska to burst our bubble. Ms. Rutkowska outlines what she calls Blue Pill, a virtualization-based rootkit that uses AMD's SVM/Pacifica virtualization technology to take over the OS of a PC.The Inquirer reports that Ms. Rutkowska, who works as a security researcher for COSEINC, a Singapore based IT security company, says her Blue Pill rootkit is durable (that is, it isn't erased by a restart) and can be installed on the fly without restarting the host PC.

Even Vista's much-hyped anti-rootkit defense that requires kernel-mode software to have a digital signature to load is apparently no proof against Blue Pill. Ms. Rutkowska will be presenting her brainchild at a Singapore security conference, SyScan, on July 21, and at the Black Hat Briefings in Las Vegas on August 3. She promises that her demonstration will include a working prototype that runs on Windows Vista x64 and offers a "generic method" of inserting code in the Vista Beta 2 kernel without exploiting a bug or vulnerability in the Vista code.

You can read all about Blue Pill on Ms. Rutkowska's blog, invisiblethings.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll