ZDNet Resources
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- MS ? "systems based on a microkernel architecture" please explain how the pill works. Root Kits and viruses. The accountability issue is not about why a person wastes their time building a bad reputation to get attention, as the peer support saying "that's great!" isn't there if...
- Tags: Rootkits, Games, Blue Pill Project, Blue Pill, rootkit, accountability issue
- Discussion threads 2007-08-05
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit. As previously reported, Thomas Ptacek, co-founder of...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-08-02
- Let users virtualize Vista because hypervisor rootkits are no threat
- Great article Thomas, but I have a question. "...there’s much more to the X86 platform than meets the eye. That includes chipset features, obscure timing sources, and even hardware bugs, or “errata”, that sneak into the finished version of any chip. To...
- Tags: Rootkits, Virtualization, Chipsets, Semiconductors, Blue Pill, hypervisor, rootkit, hypervisor rootkit, Microsoft Windows Vista
- Discussion threads 2007-07-05
- Let users virtualize Vista because hypervisor rootkits are no threat
- Ryan Naraine is on vacation. Guest editorial by Thomas Ptacek Several weeks ago, reports surfaced that the threat of super-sophisticated "hypervisor malware" was preventing Microsoft from allowing their Windows Vista Home Edition operating system from running within virtualization software. Now, Microsoft may have a lot of good reasons for restricting...
- Tags: Windows Vista, Vulnerability research, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple
- Blog posts 2007-07-05
- Blue Pill hacker challenge update: It's a no-go
- A quick update to the challenge handed down to hacker Joanna Rutkowska to prove that her Blue Pill technology creates "100% undetectable malware." Rutkowska says she is "ready to accept" the challenge but wants her two-person team to be paid $384,000 ($200 a day each for two people working full-time for...
- Tags: Uncategorized
- Blog posts 2007-06-29
- Rutkowska faces '100% undetectable malware' challenge
- Oh what would I do... She is given a choice between two identical laptops. After reading some of her research, the best way to tell would be to check the latency of the laptops and see which one lags more. I think that if anyone...
- Tags: Rootkits, PRODUCTIVITY, SECURITY, malware, JoAnna, Blue Pill, Red Pill, pill
- Discussion threads 2007-06-28
- Rutkowska faces '100% undetectable malware' challenge
- At last year's Black Hat security conference, stealth malware researcher Joanna Rutkowska caused a stir with the introduction of Blue Pill, a new technology she claims can create malware that remains "100 percent undetectable." This year, a group of her peers will challenge Rutkowska to prove it, arguing that a...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Open source, Microsoft, Metasploit, Hackers, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Apple
- Blog posts 2007-06-27
- Detecting the Blue Pill Hypervisor rootkit is possible but not trivial
- Outside the Box. Perhaps I'm missing something, but it seems this argument is somewhat self-limiting. While a software detection mechanism runs on a subjugated OS, it may well be very difficult for that mechanism to detect Blue Pill. If,...
- Tags: Rootkits, Spyware, adware & malware, Cyberthreats, SECURITY, Viruses and worms, Blue Pill, rootkit, malware, operating system
- Discussion threads 2006-08-17
- Detecting the Blue Pill Hypervisor rootkit is possible but not trivial
- There has been much skepticism over the claim that Blue Pill, the first effective Hypervisor rootkit, is 100% undetectable, and I myself was very skeptical of Blue Pill when I first read about it. I had an extensive email conversation with Joanna Rutkowska (of Singapore-based COSEINC) weeks before her...
- Tags: Blue Pill, Blue
- Blog posts 2006-08-17
- Blue Pill: No hoax
- By now you've probably heard of security researcher Joanna Rutkowska's "Blue Pill" concept -- a way to take advantage of hardware virtualization features of AMD and Intel processors to surreptitiously log keystrokes or do whatever else an attacker might want. This technique was demonstrated in front of a live audience at...
- Tags: Blue, Blue Pill
- Blog posts 2006-08-16
- Blue Pill: The first effective Hypervisor Rootkit
- Wow... w00t! I think this has been debunked http://tocm.blogspot.com/2006/07/spend-more-time-reading-less-time.html#comments Arthas. Very Nice Indeed. Right now, I would assume the only way to detect whether or not a blue pill was installed was to run a network traffic monitor at the gateway and look for any abnormal traffic going to unknown...
- Tags: Blogging, Virtualization, rootkit, Blue Pill, blog, Xen, hypervisor, Xen developer
- Discussion threads 2006-08-15
- Blue Pill: The first effective Hypervisor Rootkit
- Blue Pill can do an on-the-fly install and simply shift your Operating System from direct control of the physical computer to a virtualized state. I had a chance to sit down with Polish security researcher Joanna Rutkowska of Singapore-based COSEINC after Black Hat 2006 last week and we discussed her...
- Tags: Blue Pill, Blue
- Blog posts 2006-08-15
- Hackers at Black Hat rise to Microsoft's challenge to break Vista's security (and succeed)
- Looks like Microsoft has more work to do on Vista's security. According to InfoWorld: After security researcher Joanna Rutkowska demonstrated Thursday how it's possible to circumvent security in Microsoft's Vista beta software and install a rootkit called Blue Pill, Microsoft said it intends to find ways to stop both potential threats...
- Tags: Microsoft Windows Vista, security
- Blog posts 2006-08-04
Additional Resources
- Microsoft may need an IBM moment of clarity
- Microsoft's financial analyst meeting was a tale of a technology conglomerate: You heard a lot about search, a decent bit about the enterprise and all sorts of projects in between. But amid all the coverage--see Mary Jo's laundry list of stories--I can't help but wonder if Microsoft's...
- Tags: Steve Ballmer, Microsoft Corp., Enterprise, IBM Corp., Game Players, Virtualization, Tools & Techniques, Enterprise Software, Consumer Electronics, Personal Technology, Hardware, Management, Software, Larry Dignan
- Blog posts 2008-07-25
- If Xen and KVM are free, why do VMware and Microsoft get all of the press?
- Xen and KVM, like other virtualization tools, can be used as part of a comprehensive datacenter architecture. One of the most important value propositions offered by both of these tools is low initial cost (read "free"). Depending upon the implementation (Citrix, Red Hat, SUSE, Virtual Iron, Oracle, Sun, Qumranet, etc.)...
- Tags: Red Hat Inc., Xen, VMware Inc., Microsoft Corp., Tool, Comprehension, Productivity, Data Centers, Open Source, Storage, Hardware, Data Management, Dan Kusnetzky
- Blog posts 2008-07-25
- Mossberg: MobileMe Is Far Too Flawed To Be Reliable
- Wow, you know it is bad when... You know it is bad when one of your most fervent fanboys tells you to stay away from an Apple service! "The planned iDisk File Sharing featured was delayed" More vaporware from Apple. Sounds like once again, they've...
- Tags: Desktops, Groupware, MobileMe, Mossberg
- Discussion threads 2008-07-24
- Firefly flyPhone (blue)
- Though cell phones for youth came into vogue two years ago, it wasn't long before they fell out of favor. While some parents liked the idea behind simple handsets such as the LG Migo and the Enfora TicTalk, many children weren't so impressed. They wanted more features for playground comparisons,...
- Tags: Cellular phones, display, Firefly flyPhone, Firefly, phone, cell phone
- Product reviews 2008-07-23
- Toshiba Satellite L305-S5875
- Editors' note: This review is part of our Back-to-School 2008 roundup, covering specific configurations of popular laptops that can be found in retail stores. The Toshiba Satellite L305-S5875 is a thoroughly average, entry-level laptop. It wasn't too long ago that an average, entry-level laptop meant one that was underpowered and shabbily...
- Tags: Notebooks, Toshiba Corp., Toshiba Satellite, Toshiba Satellite L305-S5875, laptop computer
- Product reviews 2008-07-23
- Free the XBOX 360!!!
- "Microsoft-approved" Why shouldn't Microsoft be concerned with the performance of software on XBox? Quoting: Microsoft makes both the hardware and software, and the environment is tightly controlled - only Microsoft-approved software need apply. [End quote] Vista shows that a product's reputation can be affected by the uninterest or mistakes of third...
- Tags: Game players, Games, Microsoft Xbox, Microsoft Corp., game, console
- Discussion threads 2008-07-23
- Ultimate Ears Triple.fi 10 Pro - headphones
- Ultimate Ears has been a familiar name to musicians and other audio professionals for a decade, but in the past few years, the company has churned out a variety of headphones for several consumer lines that range in affordability. Earphones in its Metro.fi, Super.fi, and Triple.fi lines have gained a...
- Tags: aperture, Y-cable, Ultimate Ears, Triple.fi 10, ear piece, headphone
- Product reviews 2008-07-22