- OR how with the right amount of time and drive, nothing is totally safe
- From a story by Ryan Naraine / Tracking the hackers
The research, though theoretical, points to the need for multiple solutions (hardware and software) to work in tandem during forensics. It also highlights just how scary the threat from sophisticated rootkits can be. If, as Rutkowska has proven, forensic examiners can't depend on images collected from RAM, then it's game over.
This is a terrifying prospect. I'll keep on this item, as this could render any infected computer unusable until the system is wiped and recovered. Well, as long as the machine isn't virtual machine rootkit'd, you can recover it.
Truly interesting times.