On Sat, 05 Aug 2006 22:03:28 -0000,
Tim Smith <reply_in_group@xxxxxxxxxxxxxxxx> wrote:
> In article <3498133.cuec4TF64W@xxxxxxxxxxxxxxx>, Roy Schestowitz wrote:
>> Black Hat Takes Vista to Task
>> ,----[ Quote ]
>>| She demonstrated two potential attack vectors. One could allow unsigned
>>| code to be loaded into the Vista kernel. The second vector involved
>>| taking advantage of AMD's Pacific Hardware Virtualization to inject a
>>| new form of super malware that Rutkowska claimed to be undetectable.
> That second one also will work on Linux.
Rutkowska also demonstrated a new form of super malware that she said
she could use against Vista. The attack involved compromising chipmaker
AMD's 64 SVM hardware virtualization features with a tool she called
It creates a hypervisor that can control the operating system. A network
backdoor can then be inserted onto a compromised Blue Pill machine.
Rutkowska developed such a backdoor. She named it "Delusion." She said
it was undetectable.
How would you get that to run on Linux? Wouldn't you have to be root (or
have found a priv esc) in order to do so?
Jim Richardson http://www.eskimo.com/~warlock
Beer makes you feel the way you ought to feel without beer.
-- Henry Lawson