David DeJean, Contributor

July 3, 2006

Here's another reason <a href="http://www.techweb.com/encyclopedia/defineterm.jhtml?term=rootkit&x=0&y=0">rootkits</a> are the scariest technology around. We've heard some good news about virtualization as a promising <a href="http://www.desktoppipeline.com/showArticle.jhtml?articleId=189602033">defense against malware</a> lately, but along comes Joanna Rutkowska to burst our bubble. Ms. Rutkowska outlines what she calls Blue Pill, a virtualization-based rootkit that uses AMD's SVM/Pacifica virtualization technology to take over the OS of a PC.

The Inquirer reports that Ms. Rutkowska, who works as a security researcher for COSEINC, a Singapore-based IT security company, says her Blue Pill rootkit is durable (that is, it isn't erased by a restart) and can be installed on the fly without restarting the host PC.

Even Vista's much-hyped anti-rootkit defense that requires kernel-mode software to have a digital signature to load is apparently no proof against Blue Pill. Ms. Rutkowska will be presenting her brainchild at a Singapore security conference, SyScan, on July 21, and at the Black Hat Briefings in Las Vegas on August 3. She promises that her demonstration will include a working prototype that runs on Windows Vista x64 and offers a "generic method" of inserting code in the Vista Beta 2 kernel without exploiting a bug or vulnerability in the Vista code.

You can read all about Blue Pill on Ms. Rutkowska's blog, invisiblethings.
