Re:The fact is (Score 3, Insightful)

It is possible to circumvent any single method of detection. And it's even possible to circumvent circumvention detection. In the real world this would become an arms race: security experts would find a way to detect the root-kit, and the next one would be able to evade that method of detection. Eventually, however, the hypervisor would spend enough cycles evading detection that the user would get tired of his bogged down machine and would just reinstall the OS.

I don't disagree with her theory, but in practice it is difficult enough to achieve that it will probably never happen.