Slashdot Mirror


Microsoft Warns of Impossible to Clean Spyware

darkjedi521 writes "The Inquirer has a story that the next generation of Windows spyware and exploits is starting to make use of "kernel rootkits". A paper at Microsoft Research has details on a prototype detection tool. Computerworld has more details, as well." From the article: "Newer rootkits can intercept system calls that are passed to the kernel and filter out queries generated by the software. This makes them invisible to administrators and to detection tools..."

12 of 813 comments

  1. Impossible commands... by inertia187 · · Score: 3, Funny
    Wow, Microsoft must think this command is impossible:
    A:\> format C: /AUTOTEST
    --
    A programmer is a machine for converting coffee into code.
  2. This isn't really a problem by ChuckleBug · · Score: 4, Funny

    There's a very simple SOP for Windows users that will completely eliminate the need for a fix:

    1. Buy new PC
    2. DO NOT PLUG IN NETWORK CABLE
    3. Image drive to external storage with Ghost or the like
    4. Unplug external storage
    5. Plug in network cable
    6. Connect to Internet. Save any info needed for storage.
    7. Unplug network cable
    8. Print all info obtained in step 6
    9. Plug external storage back in
    10. Restore image made in step 3
    11. File hardcopies in cabinet
    12. Knock back 3 or more shots of your favorite liquor
    13. Unplug network cable
    14. Return to step 3 for new Internet sessions

    What could be simpler?

    1. Re:This isn't really a problem by ChuckleBug · · Score: 3, Funny

      Yeah. You got me. I typoed "unplug" when I meant "plug in." You win. I'm deeply ashamed. I wish you a wonderful weekend celebrating your decisive victory here today. Kudos.

    2. Re:This isn't really a problem by uberdave · · Score: 4, Funny
      1. Knock back 3 or more shots of your favorite liquor
      2. Buy new PC
      3. DO NOT PLUG IN NETWORK CABLE
      4. Image drive to external storage with Ghost or the like
      5. Come to the realization that you don't have external storage
      6. Knock back 3 more shots of your favorite liquor
      7. Buy some external storage
      8. Plug in network cable
      9. Connect to Internet. Save any info needed for storage
      10. Unplug network cable
      11. Print all info obtained
      12. Plug external storage back in
      13. What the...?! Where did this spyware come from?
      14. Realize you screwed up the install
      15. Knock back 3 or more shots of your favorite liquor
      16. Search for the install disks
      17. Realize that the computer didn't come with Windows CD
      18. Knock back 3 or more shots of your favorite liquor
      19. Screw it! Download Gentoo
  3. They should know by Realistic_Dragon · · Score: 5, Funny

    They are the ones who made it impossible to delete Internet Exploiter after all.

    --
    Beep beep.
  4. Still behind the times by SeanTobin · · Score: 4, Funny

    Well, at least Windows is catching up. We've had rootkits on Linux forever! :)

    --
    Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
  5. Just do what UNIX people do by temojen · · Score: 3, Funny

    Boot a clean kernel from removable, non-writeable media (closed-session CD or write-protected floppy) when doing the rootkit detection. (Some details are left to the reader as an exercise.)

  6. Dark horse anti-spyware apps: by mrchaotica · · Score: 4, Funny
    • Linux
    • Mac OS X
    • BSD
    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  7. So? by ViceClown · · Score: 3, Funny

    Big deal! Linux has had this for like... ever now!

    Oh wait... ;-)

    --
    Have a Happy.
  8. Sheesh! by Thud457 · · Score: 3, Funny

    Why do these people compile and install trojan software? Don't they do a code review before installation?

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  9. GHOSTBUSTERS! by d_jedi · · Score: 4, Funny

    Damn.. now I'm going to have that theme song in my head all day.. :->


    When there's something weird,
    and it don't look good
    Who ya gonna call?
    MI-CRO-SOFT??! (Wait..)

    --
    I am the maverick of Slashdot
  10. Re:Unpossible to Clean SpyWare? by Anonymous Coward · · Score: 5, Funny

    Macs are magic! Don't you read Slashdot?