Slashdot Mirror


DARPA Funded Startup to 'Bird-Dog' Rootkits

Ski_Bird writes "DARPA is funding a startup that supposedly has a unique approach to detecting rootkits. The startup, Komoku, is ready to 'emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits.' They have a PCI card that doesn't necessarily determine that a rootkit is installed, only that the O/S has changed dramatically enough to warrant investigation. Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user's O/S workspace that made detection impossible."

6 of 124 comments

  1. Re:Hardware can't be fooled like the operating sys by Anonymous Coward · Score: 5, Funny

    I'm more interested in what Sony has to say about this development.

  2. emerge? by Hack+Jandy · Score: 4, Funny

    emerge from stealth mode

    For some reason I can't get this to work. I read the man pages, but it seems like emerge doesn't have a stealth mode? Let me know if I am missing something here before I go back to Ubuntu.

    1. Re:emerge? by Godji · Score: 1, Funny

      Oh cut it out, both stealth and mode are obviously package.mask-ed, ye bloody n00b!!! RTFM! Go back to whatever BSD you came from!

      l337 haxx0r hates n00bz!!!

      P.S. The next time you post attach 'emerge --info'.

  3. A lot of good it will do... (was:Notification) by Lead+Butthead · Score: 3, Funny

    I'm a little curious as to how the card is going to notify the user that the system may have been compromised. If it involves the host OS in any way (dialog box), it could be bypassed by the rootkit. Maybe an LED on the card will switch from green to red? How often are you going to remember to check it?

    A lot of good it will do if it's triggered every time Microsoft releases a "security update."

    --
    ELOI, ELOI, LAMA SABACHTHANI!?

  4. Re:Government Rootkit by davidsyes · Score: 2, Funny

    Just last week I was (re)wondering whether or not all our provided/purchased cable-modems are under a national security order to be "backdoorable". Hell, the telcos have been in bed with the government for maybe all of their existence, at least the past 20 years, I suppose.

    Then, I started pondering... "Hmmm... if Slashdot itself is a government DARPA project... to weed out targetable, unloyal, unsavory engineers and geeks..."

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"

  5. Windows... by XMilkProject · Score: 3, Funny

    Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user's O/S workspace that made detection impossible.

    Windows: It's so insecure, not even DARPA can stop it.

    (it's funny... laugh)

    --
    Big ones, small ones, some as big as yer 'ead!
    Give 'em a twist, a flick o' the wrist...