my bios para-virtualization claim is not the same.
I totally understand the lack of credibility about the malware.
That's why I respect the professional courtesy of this forum.
acpi can do lots of things, it has lots of management on the hardware and can be configured from the os..., it's a standard, has holes.
first, I have tons of work, sorry for not keeping up with posting.
I will when I have time.
the papers you provide are great, but the man has...
hold your horses
an os that was compromised can infect all media inserted.
don't jump layers ok
don't put all the people that complain...
paravirtualization is not full virtualization, it allows direct hardware access to some buses or devices (gives more compatibility to the malware)...
that's my main concern.
In security this can't be avoided: more security, less usability.
today you can download a linux live cd and boot on...
I never said that monitoring processes can be used as evidence.
I will post docs later, it was about an exploit of acpi that was part of compatibility phantom device or bus and it was an exploit, the os doesn't...
can't give much detail but government or enterprise for the one that hit my network.
my work notebook got infected there and later my home pc....
but some drivers that are from MS are used to manage some fake hardware.
by the way, all my media came from msdn.
1 thing is the os
2 the bios/acpi etc
if malware can get to your pc, this can.
if malware can use mbr this can use it too.
I actually see fake bios screens and I was able to get to the original after some tricks.
the network traffic is there and only some OS...
The problem is privilege elevation, in the old days if the users were not local admins you were safe.
Imagine if I give you a menu to configure...
I fight several versions of this malware so that’s my experience.
I can post bios or acpi tables but I consider all data that the os can...
I am the RFC Rudel from sysinternals
It was a shame that the thread has so many bad people.
I was forced to retire because I was a target but many...