Forgot your password?
typodupeerror

Comment: Already in use for NEXUS, sort of. (Score 1) 221

by sarahemm (#33573126) Attached to: Dept. of Homeland Security To Test Iris Scanners
The summary makes it sound like nobody is using iris scanning technology now, but Homeland Security has been using it for the NEXUS program (to cross between Canada/US without talking to anyone) for years. I've been looking into a machine's "eyes" for a couple years now, and it's been really reliable from my point of view. It looks like what is actually new is that this system can pick up irises from a few feet away, instead of 8-12 inches.
Security

+ - VM-based rootkits proved easily detectable->

Submitted by paleshadows
paleshadows (1127459) writes "A year and a half has passed since SubVirt, the first VMM (virtual machine monitor) based rootkit, was introduced. The idea spawned two lively slashdot discussions: the first, which followed the initial report about SubVirt, and the second, which was conducted after Joanna Rutkowska has recycled the idea (apparently without giving credit to the initial authors). Conversely, in this year's HotOS workshop, researchers from Stanford, CMU, VMware, and XenSource have published a paper titled " Compatibility Is Not Transparency: VMM Detection Myths and Realities" which shows that VMM-based rootkits are actually easily detectable. The introduction of the paper explains that

"While commodity VMMs conform to the PC architecture, virtual implementations of this architecture differ substantially from physical implementations. These differences are not incidental: performance demands and practical engineering limitations necessitate divergences (sometimes radical ones) from native hardware, both in semantics and performance. Consequently, we believe the potential for preventing VMM detection under close scrutiny is illusory — and fundamentally in conflict with the technical limitations of virtualized platforms."

The paper concludes by saying that

"Perhaps the most concise argument against the utility of VMBRs (VM-based rootkits) is: "Why bother?" VMBRs change the malware defender's problem from a very difficult one (discovering whether the trusted computing base of a system has been compromised), to the much easier problem of detecting a VMM.""

Link to Original Source

"Out of register space (ugh)" -- vi

Working...