Hardware-based rootkit detection proven unreliable

Discussion in 'malware problems & news' started by malformed, Mar 4, 2007.

Thread Status:
Not open for further replies.
  1. malformed

    malformed Former Poster

    Joined:
    Sep 23, 2006
    Posts:
    124
    Location:
    In the Shadows
    http://blogs.zdnet.com/security/?p=109
     
  2. controler

    controler Guest

    I didn't know Jamie Butler had worked for the NSA.

    Back in the early 80's they use to teach computer techs how to troubleshoot
    motherboards down to the component level. I guess people's time was not worth as much then LOL
    Their just isn't any point in doing that when a motherboard is not that expensive now days. This has gone the same way as the VCR. It became easier to buy a new VCR then to get your old one fixed. It hasn't quit got to that stage yet with desktops or laptops but is getting close. Unless you sit at a bench and troubleshoot a few kinds of motherboards, it is just not worth a technician's time. Direct access to the buss would be nice I guess with a seperate peice of hardware inbetween the CPU. I don't even think it would be that less cost effective for the mobo manufactures to implement it, however a good technician could still do it if they didn't have to make the interface device themselves and could just buy aftermarket parts just like you can a car.
    Oh oh I can see a vision of people creating these interface parts. You would still have to physicaly go in a cut traces unless your chips are socketed LOL


    con
     
  3. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    NEWS Rootkits evade hardware detection

    http://www.infoworld.com/article/07/03/05/HNrootkitevade_1.html

    while most play cat and mouse with rootkits in software there are a number of hardware based products sold to enterprise, however its been releaved at Black Hat these too are able to be hoodwinked.

     
Loading...
Thread Status:
Not open for further replies.