DARPA Funded Startup to 'Bird-Dog' Rootkits

DARPA Funded Startup to 'Bird-Dog' Rootkits 124

Posted by ScuttleMonkey on Monday April 24, 2006 @09:38PM from the tails-of-woe dept.

Ski_Bird writes "DARPA is funding a startup the supposedly has a unique approach to detect rootkits. The startup, Komoku, is ready to 'emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits.' They have a PCI card that doesn't necessarily determine that a rootkit is installed, only that the O/S has changed dramatically enough to warrant investigation. Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user's O/S workspace that made detection impossible."

DARPA Funded Startup to 'Bird-Dog' Rootkits

This discussion has been archived. No new comments can be posted.

Search 124 Comments Log In/Create an Account

Comments Filter:

Re:Hardware can't be fooled like the operating sys (Score:5, Funny)

by Anonymous Coward writes: on Monday April 24, 2006 @09:42PM (#15194130)

I'm more interested in what Sony has to say about this development.

emerge? (Score:5, Funny)

by Hack Jandy ( 781503 ) writes: on Monday April 24, 2006 @09:47PM (#15194148) Homepage

emerge from stealth mode

For some reason I can't get this to work. I read the man pages but it seems like emerge doesn't have a stealth mode? Let me know if I am missing something here before i go back to Ubuntu.

A lot of good it will do... (was:Notification) (Score:4, Funny)

by Lead Butthead ( 321013 ) writes: on Monday April 24, 2006 @10:06PM (#15194218) Journal

I'm a little curious as to how the card is going to notify the user the system may have been compromised. If it involves the host OS in any way (dialog box) it could be bypassed by the rootkit. Maybe an LED on the card will switch from green to red? How often are you going to remember to check it?
A lot of good it will do if it's triggered everytime Microsoft releases a "security update."

Re:emerge? (Score:1, Funny)

by Godji ( 957148 ) writes: on Monday April 24, 2006 @10:27PM (#15194296) Homepage

Oh cut it out, both stealth and mode are obviously package.mask-ed, ye bloody n00b!!! RTFM! Go back to whatever BSD you came from!

l337 haxx0r hates n00bz!!!

P.S. The next time you post attach 'emerge --info'.

Re:Government Rootkit (Score:3, Funny)

by davidsyes ( 765062 ) writes: on Monday April 24, 2006 @11:32PM (#15194460) Homepage Journal

Just last week I was (re)wondering whether or not all our provided/purchased cable-modems are under a national security order to be "backdoorable". Hell, the telcos have been in bed with the government for maybe all of their existence, at least the past 20 years, I suppose.

Then, I started pondering... "Hmmm... if Slashdot itself is a government DARPA project....to weed out targettable, unloyal, unsavor engineers and geeks..."

Windows... (Score:4, Funny)

by XMilkProject ( 935232 ) writes: on Monday April 24, 2006 @11:57PM (#15194551) Homepage

Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user's O/S workspace that made detection impossible.

Windows: It's so insecure, not even DARPA can stop it.

(it's funny... laugh)

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

DARPA Funded Startup to 'Bird-Dog' Rootkits 124

DARPA Funded Startup to 'Bird-Dog' Rootkits More Login

DARPA Funded Startup to 'Bird-Dog' Rootkits

Re:Hardware can't be fooled like the operating sys (Score:5, Funny)

emerge? (Score:5, Funny)

A lot of good it will do... (was:Notification) (Score:4, Funny)

Re:emerge? (Score:1, Funny)

Re:Government Rootkit (Score:3, Funny)

Windows... (Score:4, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot