Dailydave mailing list archives
Re: Whitepaper: Implementing and Detecting a PCI Rootkit
From: sinan.eren () immunitysec com
Date: Thu, 16 Nov 2006 22:22:53 -0500 (EST)
let me rephrase what i meant; there will be no ROM that the runtime OS can interface with. sure, if you interface directly to the board or the non-volatile memory component thats another story. Our goal is not to hide from the investigator (a.k.a the human) but to hide from the agent (a.k.a the software: AV, rootkit detectors etc). so regarding Dan Moniz's suggestions, brilliant stuff! but nothing that we will invest (or even effort). On Thu, 16 Nov 2006, Dave Korn wrote:
On 16 November 2006 18:47, sinan.eren () immunitysec com wrote:I should also note that when you have a FPGA based solution, there is no ROM to be investigated for potential malware.:) How precisely do you suppose an FPGA gets re-programmed at power-on time? They're generally volatile, remember... cheers, DaveK -- Can't think of a witty .sigline today....
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Whitepaper: Implementing and Detecting a PCI Rootkit John Heasman (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dan Moniz (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Korn (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Peter Winter-Smith (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Paul Wouters (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Chris Wysopal (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- <Possible follow-ups>
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 17)