Undetectable Rootkits Through Virtualization? - Slashdot

Please create an account to participate in the Slashdot moderation system

×

Undetectable Rootkits Through Virtualization? 237

Posted by Zonk on Thursday June 29, 2006 @06:28PM from the two-rooted-plants-die dept.

techmuse writes "eWeek has an article about a prototype rootkit that is implemented using a virtual machine hypervisor running on top of AMD's Pacifica virtualization implementation. The idea is that the target OS, or software running on it, would not be able to detect the rootkit, because the OS would be running virtualized on top of the rootkit. The prototype is supposed to be demonstrated at the Syscan conference and the Black Hat Briefings over the next month."

This discussion has been archived. No new comments can be posted.

Undetectable Rootkits Through Virtualization?

Search 237 Comments Log In/Create an Account

Comments Filter:

ok, but... (Score:3, Funny)

by celardore ( 844933 ) writes: on Thursday June 29, 2006 @06:31PM (#15632325)

Who runs anything *real* on a virtual server?

Share
twitter facebook
the side effects are detactable (Score:4, Funny)

by Anonymous Coward writes: on Thursday June 29, 2006 @06:41PM (#15632378)

Current virtualization doesn't virtualize anything but basic VGA graphics. That's certainly noticable.

Boss asks: are you playing games at work?!

Me: Just checking for rootkits boss!

Share
twitter facebook
A win-win situation for everyone (Score:3, Funny)

by KingSkippus ( 799657 ) * writes: on Thursday June 29, 2006 @06:48PM (#15632423) Homepage Journal

From TFA:

Rutkowska says of the Blue Pill concept, "I am very excited about the chance to work with Sony on how this technology can be used to protect their next generation of music CDs, DVDs, and high-definition Bluray discs. I believe it will be a win-win situation for everyone involved. Well, everyone important, anyway."

Share
twitter facebook
Towards a runtime for Voight-Kampff machines (Score:3, Funny)

by Elwood P Dowd ( 16933 ) writes: <judgmentalist@gmail.com> on Thursday June 29, 2006 @06:56PM (#15632478) Journal

"Is this testing whether I'm a virtual machine or a lesbian, Mr. Dowd?"

Share
twitter facebook
Whoa. Déjà vu. (Score:5, Funny)

by DysenteryInTheRanks ( 902824 ) writes: on Thursday June 29, 2006 @07:21PM (#15632629) Homepage

"A Slashdot article just went by, and then another one that looks just like it!"

"It's a glitch in the rootkit! It happens when it changes something!"

"No, I said a SLASHDOT article."

"Ah, you're probably fine then."

Share
twitter facebook
Re:ok, but... (Score:1, Funny)

by Anonymous Coward writes: on Thursday June 29, 2006 @07:40PM (#15632748)

Are you kidding? Virtually everyone!

Parent Share
twitter facebook
Re:The only defense (Score:1, Funny)

by Anonymous Coward writes: on Thursday June 29, 2006 @07:54PM (#15632836)

Are you staring blankly at me?
No, I'm staring at you like you're an effing loon who doesn't know what the hell he's talking about.

Parent Share
twitter facebook
DRM? (Score:3, Funny)

by sr180 ( 700526 ) writes: on Thursday June 29, 2006 @08:10PM (#15632923) Journal

Can we use this to bypass the DRM included in Vista?

Share
twitter facebook
What's that you say? (Score:3, Funny)

by kimvette ( 919543 ) writes: on Thursday June 29, 2006 @08:30PM (#15633040) Homepage Journal

The next version of WGA will be undetectable? Thanks, Microsoft! ;)

Share
twitter facebook
Re:Everyone but you... (Score:3, Funny)

by Distinguished Hero ( 618385 ) writes: on Thursday June 29, 2006 @08:35PM (#15633067) Homepage

I don't think they realised the 'small details' they would be impacting. For instance, before the 'upgrade' if the network went down, we could write some letters, work on some spreadsheets etc... Now with the new 'upgrade', if the network goes down, we can't do anything. Not even write a letter, send an email, none of that stuff....

Yes, gone are the wonderful days of yore when one used to be able to pass the time while the network was down by "sending an email." :P

Parent Share
twitter facebook
Re:The only defense (Score:5, Funny)

by jthill ( 303417 ) writes: on Thursday June 29, 2006 @09:15PM (#15633241)

You just think you're booting off that DVD.

Parent Share
twitter facebook
Re:ok, but... (Score:3, Funny)

by Phleg ( 523632 ) writes: <stephen AT touset DOT org> on Friday June 30, 2006 @01:42AM (#15634342)

--> The Joke <--

--> Your Head <--

Parent Share
twitter facebook
Shhhhhhhhh....... (Score:2, Funny)

by DiscoDave_25 ( 692069 ) writes: on Friday June 30, 2006 @07:55AM (#15635249)

Please don't let Sony hear...

Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

413 commentsChatGPT Leans Liberal, Research Shows
347 commentsAmazon CEO Says 'It's Probably Not Going To Work Out' For Employees Who Defy Return-to-Office Policy
327 commentsHotel Owners Start To Write Off San Francisco as Business Nosedives
323 commentsChina is Building Nuclear Reactors Faster Than Any Other Country
315 commentsChina is Calling in Loans To Dozens of Countries

I've noticed several design suggestions in your code.