Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Intel turning to hardware for rootkit detection

From: ljknews at mac.com (ljknews)
Date: Tue, 13 Dec 2005 11:38:19 -0500
At 10:54 AM -0500 12/13/05, Kenneth R. van Wyk wrote:

FYI, eWeek has an interesting article on Intel's "System Integrity Services," 
which aims to add hardware level protection against rootkits.  Now, it seems 
to me that they're bundling all sorts of nasty critters in with their 
definition of "rootkit" but it's worth reading, IMHO.  

The detection mechanism seems to primarily be looking primarily for non-OS 
software modifying OS inhabited memory blocks.  Wonder how they're definining 
(and maintaining the definition) of each...  I also wonder how it'll impact 
near-OS software installations like, say, device drivers, authentication 
plug-ins, and other things that need to poke pretty deeply into the OS in 
order to install.

Anyway, here's a URL to the article.

http://www.eweek.com/article2/0,1895,1900533,00.asp


Gee this sounds just like virus wars, using add-on products to make
up for weakness in the operating system.

A reliable operating system would not permit such modifications in
the first place
-- 
Larry Kilgallen
Previous By Date Next
Previous By Thread Next

Current thread: