VBootkit Bypasses Vista's Code Signing
An anonymous reader writes "At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code-signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs have developed a program called the VBootkit that launches from a CD and boots Vista, making on-the-fly changes in memory and in files being read. In a demonstration, the 'boot kit' managed to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature. The demo was run on Vista RC2. The researchers say the only reason they didn't do it on Vista final was cost. Schneier blogged the exploit."
isn't it ironic that even hackers don't like the high cost of MS software?
FTFA: "The researchers say the only reason they didn't do it on Vista final was cost."
Support NYCountryLawyer RIAA vs People
Windows Genuine Rootkit Advantage
Roots for Sure
Clippy Boot: "You seem to be wanting to run as Admin, can I help?"
C'mon folks help me out!
Engineering is the art of compromise.
Of course, it will be one of those that relies on a code of honor:
"This is the Windows Vista Boot Sector Virus kit. Please burn this ISO to a CD and boot your computer with it."
Fortunately I'm sure Vista (and hell, even the BIOS) guard the boot sector like it's fort knox.
No problem. We just send a flying circus over the BIOS, dump some VX gas on it, then march in with the industrial laser. Then we cut a hole, drop the virus in and, BOOM! Instant instability.
This is assuming, of course, Vista hasn't seduced the leader of the flying circus by this point, at which case the whole plan's shot to hell.
- VBootKit bitch slaps VISTA
- Animated cursor panic/fix
- EMI/Apple DRM shun ropa-dopes WMA
- XBox Elite HD-DVD chokes on popular title
- XBox Elite HDMI only v1.2
- Class action suit for bait/switch 'VISTA Ready' claims
Can't wait to see how the rest of the week plays out....hehehehehHi, I'm a Mac...
...and I'm whatever the Russian mob wants me to be.
When I first read your remark, I thought you said it cost too much memory to run Vista. That seems to make a lot of sense.
Cost of OS - $120
Price of extra gig of memory - $80
Look on Ballmer's face when Windows gets rooted - priceless!
Interpretations of Alanis's Song "Ironic", 1) She didn't know the meaning of the word and the song's examples prove it. 2) She did know the meaning of the word and she consistently came up with examples that weren't ironic. Naming the song ironic would then be quite ironic. There's no real evidence either way. She said in an interview that it's (2) so I guess it's all to do with whether you believe her.
-Docvert converts MSWord to OpenDocument, clean HTML
Sounds like the moral is that the media companies will end up demanding hardware we will have to hack just to run linux. In the meantime Vista gives us a break to prepare for that because it will be some months before it becomes clear Vista doesn't really protect content and some years for Microsoft and the manufacturers to come up with an even more draconian PC.
The researchers say the only reason they didn't do it on Vista final was cost
These researchers should have been the ones who must have received those free Vista pre-loaded Acer Ferrari laptops.