fantom309

Tuesday, March 6, 2007

Hardware-based rootkit detection proven unreliable

OR how with the right amount of time and drive, nothing is totally safe

From a story by Ryan Naraine / Tracking the hackers

Apparently Joanna Rutkowska, a security researcher at COSEINC Malware Labs and an elite hacker who specializes in offensive rootkit research, has found several ways to manipulate the results given to hardware-based solutions (PCI cards or the FireWire bus).



The research, though theoretical, points to the need for multiple solutions (hardware and software) to work in tandem during forensics. It also highlights just how scary the threat from sophisticated rootkits can be. If Rutkowska has proven this and forensic examiners can't depend on images collected from RAM, then it's game over.



This is a terrifying prospect. I'll keep on this item, as this could render any infected computer unusable until the system is wiped and recovered. Well, as long as the machine isn't virtual-machine rootkit'd, you can recover it.

Truly interesting times.






Posted by Fantom309 at 10:32 AM
