-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 05 Aug 2006 22:03:28 -0000,
Tim Smith <reply_in_group@xxxxxxxxxxxxxxxx> wrote:
> In article <3498133.cuec4TF64W@xxxxxxxxxxxxxxx>, Roy Schestowitz wrote:
>> Black Hat Takes Vista to Task
>>
>> ,----[ Quote ]
>>| She demonstrated two potential attack vectors. One could allow unsigned
>>| code to be loaded into the Vista kernel. The second vector involved
>>| taking advantage of AMD's Pacific Hardware Virtualization to inject a
>>| new form of super malware that Rutkowska claimed to be undetectable.
>> `----
>
> That second one also will work on Linux.
>
<quote>
Rutkowska also demonstrated a new form of super malware that she said
she could use against Vista. The attack involved compromising chipmaker
AMD's 64 SVM hardware virtualization features with a tool she called
"Blue Pill."
It creates a hypervisor that can control the operating system. A network
backdoor can then be inserted onto a compromised Blue Pill machine.
Rutkowska developed such a backdoor. She named it "Delusion." She said
it was undetectable.
</quote>
How would you get that to run on Linux? Wouldn't you have to be root (or
have found a priv esc) in order to do so?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFE1TY0d90bcYOAWPYRAnNOAKDK6sIJbhPFeDe1O/C7V5deSRIdtwCgugC7
bMPBOWJafU5DMSa1FXz/Q9o=
=OdsJ
-----END PGP SIGNATURE-----
--
Jim Richardson http://www.eskimo.com/~warlock
Beer makes you feel the way you ought to feel without beer.
-- Henry Lawson