Secure Coding mailing list archives
Intel turning to hardware for rootkit detection
From: Ken at krvw.com (Kenneth R. van Wyk)
Date: Tue, 13 Dec 2005 10:54:46 -0500
FYI, eWeek has an interesting article on Intel's "System Integrity Services," which aims to add hardware level protection against rootkits. Now, it seems to me that they're bundling all sorts of nasty critters in with their definition of "rootkit" but it's worth reading, IMHO. The detection mechanism seems to primarily be looking primarily for non-OS software modifying OS inhabited memory blocks. Wonder how they're definining (and maintaining the definition) of each... I also wonder how it'll impact near-OS software installations like, say, device drivers, authentication plug-ins, and other things that need to poke pretty deeply into the OS in order to install. Anyway, here's a URL to the article. http://www.eweek.com/article2/0,1895,1900533,00.asp Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com
Current thread:
- Intel turning to hardware for rootkit detection Kenneth R. van Wyk (Dec 13)
- Intel turning to hardware for rootkit detection ljknews (Dec 13)
- Intel turning to hardware for rootkit detection Gadi Evron (Dec 13)
- Intel turning to hardware for rootkit detection Ron Forrester (Dec 13)
- Intel turning to hardware for rootkit detection ljknews (Dec 13)
- Intel turning to hardware for rootkit detection David Eisner (Dec 13)
- Intel turning to hardware for rootkit detection Greenarrow 1 (Dec 13)
- <Possible follow-ups>
- Intel turning to hardware for rootkit detection Steven M. Bellovin (Dec 13)
- Intel turning to hardware for rootkit detection Michael S Hines (Dec 13)
- Intel turning to hardware for rootkit detection mudge (Dec 13)
- Intel turning to hardware for rootkit detection Crispin Cowan (Dec 14)
- Intel turning to hardware for rootkit detection Michael S Hines (Dec 13)
- Intel turning to hardware for rootkit detection ljknews (Dec 13)