VBootkit Bypasses Vista's Code Signing
An anonymous reader writes "At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code-signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs have developed a program called the VBootkit that launches from a CD and boots Vista, making on-the-fly changes in memory and in files being read. In a demonstration, the 'boot kit' managed to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature. The demo was run on Vista RC2. The researchers say the only reason they didn't do it on Vista final was cost. Schneier blogged the exploit."
isn't it ironic that even hackers don't like the high cost of MS software?
FTFA: "The researchers say the only reason they didn't do it on Vista final was cost."
Support NYCountryLawyer RIAA vs People
Windows Genuine Rootkit Advantage
Roots for Sure
Clippy Boot: "You seem to be wanting to run as Admin, can I help?"
C'mon folks help me out!
Engineering is the art of compromise.
Of course, it will be one of those that relies on a code of honor:
"This is the Windows Vista Boot Sector Virus kit. Please burn this ISO to a CD and boot your computer with it."
Fortunately I'm sure Vista (and hell, even the BIOS) guard the boot sector like it's fort knox.
No problem. We just send a flying circus over the BIOS, dump some VX gas on it, then march in with the industrial laser. Then we cut a hole, drop the virus in and, BOOM! Instant instability.
This is assuming, of course, Vista hasn't seduced the leader of the flying circus by this point, at which case the whole plan's shot to hell.
- VBootKit bitch slaps VISTA
- Animated cursor panic/fix
- EMI/Apple DRM shun ropa-dopes WMA
- XBox Elite HD-DVD chokes on popular title
- XBox Elite HDMI only v1.2
- Class action suit for bait/switch 'VISTA Ready' claims
Can't wait to see how the rest of the week plays out....hehehehehInterpretations of Alanis's Song "Ironic", 1) She didn't know the meaning of the word and the song's examples prove it. 2) She did know the meaning of the word and she consistently came up with examples that weren't ironic. Naming the song ironic would then be quite ironic. There's no real evidence either way. She said in an interview that it's (2) so I guess it's all to do with whether you believe her.
-Docvert converts MSWord to OpenDocument, clean HTML