Full Disclosure mailing list archives
Re: [Full-disclosure] Rutkowska faces ‘100% undetectable malware’ challenge, teasing?
From: wac <waldoalvarez00 () gmail com>
Date: Sun, 1 Jul 2007 05:29:31 -0400
Blah blah blah. Please someone tell Rokowska that we know about what she calls "blue pill" since we where little kids. It was exposed *years ago* (1995 to be exact > 12 years) by Mark A. Ludwig in his Giant Book of Computer viruses Page 391 from American Eagle Publications, Inc. Chapter "Protected mode stealth" Basically was moving the operating system into userland and running the virus in ring-0 making it almost undetectable. It was called Isnt not blue whatever. Yes well with vanderpool technology should be a lot easier given the hardware support. And guess what.. We are still alive even with a POC virus and it's source code available to the public. I hate that kind of noisy sensationalist press so much. That guy is always doing it. And btw I don't believe such thing to be totally undetectable. There's always a little catch. Regards Waldo On 6/30/07, Bipin Gautam <gautam.bipin () gmail com> wrote:
hi guys, ref: http://blogs.zdnet.com/security/?p=334 so are they teasing by making her the impossible challenge at this date? :) honeypot developers have been trying to battle the same issue of making the virtual machine emulate guest OS like the it is run in real hardware since some years now. ref: http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf But if Rutkowska or anyone is able to succeed to make it undetectable in current hardware that would be genius! -bipin _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [Full-disclosure] Rutkowska faces ‘100% undetectable malware’ challenge, teasing? wac (Jul 01)