Slashdot Mirror


Rutkowska Faces 'Blue Pill' Rootkit Challenge

Controll3r writes "Three high-profile security researchers — Thomas Ptacek of Matasano Security, Nate Lawson of Root Labs and Symantec's Peter Ferrie — have issued a challenge to Joanna Rutkowska to prove that her 'Blue Pill' technology can create "100 percent undetectable" malware. The Black Hat 2007 challenge will feature two untouched laptops of the make/model of Rutkowska's choosing for her to plant Blue Pill on one. From the article: 'She picks one in secret, installs her kit, sets them up however she wants,' Lawson explained in an interview. 'We get to install our software on both and run it, [and] we point out which machine [Blue Pill] is on. If we're wrong, she keeps the laptop.' No word on whether Rutkowska will accept the challenge."

39 of 223 comments

  1. More Laptops by stinerman · · Score: 4, Interesting

    So they have a 50/50 shot of getting it right. How about something more along the lines of 10 laptops? And then they have to say what tipped them off.

    1. Re:More Laptops by jonnythan · · Score: 4, Informative

      Rutkowska already thought of that (as well as a couple of other things):

      http://theinvisiblethings.blogspot.com/

      "First, we believe that 2 machines are definitely not enough, because the chance of correct guess, using a completely random (read: unreliable) detection method is 50%. Thus we think that the reasonable number is 5 machines."

      She then goes on to detail how at least one but no more than four of the machines are infected and that the detection method must be automatic and return only "infected" or "not infected" as output.

      There are some other details she proposes, some of which are head-scratchers such as "The detector can not consume significant amount of CPU time (say > 90%) for more then, say 1 sec."

      Whole thing sounds pretty interesting though :)

    2. Re:More Laptops by jonnythan · · Score: 4, Informative

      From the comments section, Nate Lawson has posted his response to Joanna:

      http://rdist.root.org/2007/06/28/undetectable-hypervisor-rootkit-challenge/

    3. Re:More Laptops by Billosaur · · Score: 4, Insightful

      I think this calls for a double-blind experiment with a larger sample size, say 20 laptops. 10 laptops are held out and left untouched; the other ten will either be infected with Blue Pill or not based on a random coin flip. Then it would not just be a question of detecting it, but detecting it to a sufficient degree to put it beyond chance. A 50-50 shot is just too high to be regarded as accurate.

      --
      GetOuttaMySpace - The Anti-Social Network
    4. Re:More Laptops by Smidge204 · · Score: 3, Interesting

      The counter-requirements sound suspiciously lopsided to reduce the chance of detection.

      In summary:

      -Multiple machines. Fine.

      -"bluepill.exe and bluepill.sys" will be installed on ALL machines. Okay, I guess they don't want them to just check the drive's free space to see if extra files were added?

      -ALL machines will have the driver loaded, but not necessarily be "infected". Is that a reasonable condition for a rootkit "in the wild"? If the rootkit is doing its job you shouldn't be able to detect the driver being loaded in the first place.

      -Detector.exe must be completely autonomous and return only a single flag value to indicate infection. This sounds like a completely unreasonable requirement, since even rudimentary human review of the results is a realistic real-world scenario.

      -The detector can not cause system crash or halt the machine. I fail to see why this would be a requirement, unless you argue that whatever system that might be tested is mission critical and can't afford ANY unplanned downtime... unexpected crashes are bad, but shouldn't be an instant-lose condition.

      -The detector can not consume significant amount of CPU time. Why not? If the user is scanning for a rootkit, they probably understand it's a fairly serious issue and should be willing to devote resources to it. Inconvenient? Sure, but again not a condition of failure.

      -Compensation for working on the project. I can understand this, but really... even if Blue Pill fails to stay hidden, they "win" 6 months of full employment with no repercussions for failure to deliver a working project other than bad reputation.

      Basically, it sounds to me that they aren't really claiming Blue Pill is "undetectable" - only that it is undetectable by one-click idiot-proof software that is run under conditions unlikely to be seen in the wild. I see no reason why the detection team would be prevented from using a boot CD to examine the contents of the hard drive, for example, perhaps even loading their OWN virtual machine to virtualize the malware-infected system and monitor for suspicious activity. I see it as completely fair game.
      =Smidge=

    5. Re:More Laptops by joebok · · Score: 5, Funny

      Rutkowska should also think about the reward: "If we're wrong, she keeps the laptop." Who the hell wants a laptop infected with undetectable malware?

    6. Re:More Laptops by DamnStupidElf · · Score: 2, Insightful

      It's straightforward to detect *any* malware in this setup. If the hosts of the challenge can't find it, they deserve to lose more than just a laptop.

      Step one: Pull the BIOS chips or stick a reader on them. Compare the images between the two laptops. Obviously flash them to the same revision beforehand.

      Step two: Pull the hard disks and diff them in another system.

      Step three: If the BIOS images are the same on the first two computers, put the drives in new computers of the same model and ask the rootkit to be demonstrated there. This step may be cheating, since the contest was apparently only about two computers.

      Step one covers BIOS rootkits, step two covers hard disk rootkits, and step three covers the (slightly) less likely case that the contestant will pick a model of laptop or hard disk with some other easily flashable device that can be used to store the rootkit. If the hard disk controller or hard disk itself can be flashed, it would be trivial to make it return a sector from some kernel driver with a rootkit installed only when a certain sequence of other reads have occurred since poweron. Just hash each read request, and only return the rootkit sector if the hash matches a certain value when the sector is read, and then don't return the rootkit version any more. It would just require one boot (with modified firmware) to discover the hash of sectors read by the BIOS and operating system as it boots, and then set the hash in the firmware and leave it. To discover such a hack, the people running the challenge would have to do basically the same thing, patch some firmware or load their own boot sector hack that recorded the exact sequence of reads from a boot, and then hotplug the rootkitted disk to trigger a poweron event and then play the sequence of reads (and any writes) back to the disk, possibly with the same timing, in order to discover the actual rootkit. They could also just read the firmware off the disk and try to debug it, or at least compare it to the firmware of a good drive, but both approaches require a pretty deep knowledge of the hardware and software being used, which gives the contestant an advantage.

      There are almost certainly other random flashable devices lying around, especially on laptops, and any of these could be used in combination with a driver bug or some other "feature" to take over the computer. Since the contestant can pick the hardware, this is a distinct possibility. The only way to detect such a rootkit would be to load a higher level rootkit which can be prevented if the original rootkit virtualizes the entire system, but in that case it's probably quite vulnerable to timing attacks to detect its presence. I think the hosts of the challenge can ultimately win, but they may spend quite a few hours on it. If they're sneaky, they'll just put their own rootkit on the laptops to begin with and record all the challenger's actions.

    7. Re:More Laptops by dgatwood · · Score: 4, Informative

      There's another reason for not consuming huge amounts of CPU. The reason is fairly obvious once you think about it hard enough.

      The simple test for a rootkit that puts the computer into a virtual machine (I'm assuming that's happening here) is to test for the performance impact of a VM. If you monopolize the CPU (disable interrupts to prevent anything else from being scheduled, etc.) and run some complex processing for several seconds, you would be able to easily detect the difference in time needed to complete the operation (assuming that all of the computers are otherwise configured identically).

      Such a test, while workable in theory, is not workable in real-world practical use, and thus should not be allowed. Putting a time limit on detection prevents such theory-only tests from succeeding. The same for other impractical tests like scanning the entire surface of the disk for signatures, doing comparisons of expected versus actual disk I/O performance to look for virtualized hard drives, etc.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    8. Re:More Laptops by Aldur42 · · Score: 2, Insightful

      I was under the impression that a rootkit was only supposed to be undetectable from _within_ the system. i.e. Overwriting ls with your version that hides your secret malicious files. Pulling out hard drives and placing them inside of other systems would not be a reasonable method of rootkit detection.

      --
      A complicated error is indistinguishable from a feature.
    9. Re:More Laptops by maxwell+demon · · Score: 2, Insightful

      Well, it's undetectable for software not knowing what to search for. It's of course detectable by the author of the root kit, and I'm sure a requirement will be to demonstrate that the computer really is infected, otherwise she could simply infect none, and then simply decide which ones are "infected" after the fact.

      If there's no such requirement of proof, I'll happily offer a test of my completely undetectable root kit. And I'll not even demand the source of the detector program (I'll also not offer mine). :-)

      --
      The Tao of math: The numbers you can count are not the real numbers.
    10. Re:More Laptops by AndrewHowe · · Score: 4, Funny

      I'm in ur reformat command, virtualizing ur operations

    11. Re:More Laptops by aethogamous · · Score: 3, Insightful

      The reason is fairly obvious once you think about it hard enough.

      I think everything is fairly obvious once you think about it hard enough ...

    12. Re:More Laptops by rtb61 · · Score: 3, Interesting

      That test model is still not correct. What has to happen is that every laptop has to have the contents of its hard disk drive changed after the test has commenced. It should reflect the real world, there are not identical laptops in real world usage. I mean anybody can do the check they are talking about, simply pull out the hard drives and do a bit by bit comparison, big deal. A real world test reflects that the laptops are running different software and different configurations and have different data stored. Ideally it should be done on PCs where you also have different hardware and drivers.

      --
      Chaos - everything, everywhere, everywhen
  2. c'mon... by cosmocain · · Score: 2, Interesting

    ...a 50 percent chance? do that with about 30 laptops to rule out that the infected laptop is picked by pure luck. ;)

  3. Cunning Plan by sam_paris · · Score: 5, Funny

    She should say she installed it when in actual fact she didn't...
     
    Then snigger while these guys spend hours scratching their huge domed craniums wondering how she did it.

  4. How to win the challenge by pickyouupatnine · · Score: 3, Insightful

    Don't install root-kit on either one! ;) No seriously now, if all she was allowed to do was touch one of them.. and both laptops had the same exact everything else, then it should be simple to find ANYTHING that was added to either one. But maybe I'm being naive.

    --
    _Vishal www.squad9.com
    1. Re:How to win the challenge by Overzeetop · · Score: 4, Interesting

      That was my thought, too.

      I think they should have her set it up, then give the two laptops to a pair of teenage girls for 3 weeks with $300 to spend on any software they choose and an unencumbered internet connection. Then have them search the two. Think of it as two decks of cards, but shuffling them before you try to find the differences.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    2. Re:How to win the challenge by ikioi · · Score: 2, Informative

      "...it should be simple to find ANYTHING that was added to either one."

      While it might not always have been simple, it was at least in theory possible to find anything installed on a computer prior to hardware virtualization technologies being introduced. The crux of this new challenge is that the newer chips from Intel and AMD have support for CPU-based virtualization. In other words, they implemented some of the hard parts of VMWare in the processor itself.

      With one of these newer processors, the host operating system on a machine can prepare one of the CPUs for a guest operating system to run in a virtual session. When the guest operating system issues an interrupt to interact with hardware, say to read a block off of the hard drive, then the processor would let the host operating system handle the request transparently to the guest operating system rather than letting the hardware itself process the request. This means that if someone could install a malicious virus in the place of the host operating system and have it run your OS as the guest operating system, then it should, in theory, be impossible for your guest operating system to detect the virus.

      Perhaps another way of stating it is that the virus isn't actually added to the "machine" that the operating system runs in; the virus is actually added to a host machine outside of the one the operating system runs in. This is why this type of attack is referred to as a "blue pill" attack. That name references the premise of the Matrix movies where the world that people thought they lived in was just a virtual world being hosted by a malicious "host world" in which other entities were taking advantage of the humans in the virtual world without their knowledge.

    3. Re:How to win the challenge by Hoi+Polloi · · Score: 5, Funny

      Make sure it is girls though. If you give it to a pair of teenage boys by the end it'll be full of porn and chat logs filled with "FAG!" comments.

      --
      It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
  5. Actually, this is good for the white hats..... by Col.+Blackwolf · · Score: 2, Informative

    She installs Blue Pill, and if they detect it, great. If not, she has to show them it's there to prove they missed it, and they get a clue how to find it.

    Either way, they can come out ahead here...

  6. Obvious Request I Can Think Of by eldavojohn · · Score: 5, Interesting

    "If she has any particular requests, we'll almost certainly grant them," he added. To be successful, I can think of a couple requests. One would just be to have more than one other non-infected computer. I could do nothing to the computers and randomly pick one, thus being right. I suppose that's obvious though. Maybe have several trial runs.

    Another obvious thing I would request is that different services software be installed (and running) on the laptops. Like maybe put MySql on one running as a service and PostGres on the other. That way they can't do something as ridiculously simple like a memory or CPU profiler to find out which one is using up (albeit small) more CPU resources & memory. That seems to be the strategy of the challenging team:

    Matasano's Ptacek, who has spent a lot of time studying Rutkowska's work, said the challenge team will compare the behavior of the system to known norms to find the presence of Blue Pill. But how many times do you approach a computer that's infected & have all the behaviors of that machine mapped out? I think the real world answer to that is never. So perhaps the name of the "100% undetectable rootkit" will have to be "100% undetectable in the wild rootkit" since most of us have software on our machines (hell, even World of Warcraft did this) and not even us (the people who installed it) can adequately predict what it's going to do. I guess one could always make a rootkit that (given the privileges) targets a host process deep within a host tree and inserts itself into it. Your CPU scheduler would simply be running a thread of a trusted set of processes but unless you had a behavior/benchmark for each process of that tree, you'd be hard pressed to figure out it is host to a virus. That said, I think it's entirely possible to create a nearly 100% undetectable rootkit as long as there are unknown & unprofiled processes running on that machine at the time. Just one more reason to only use open source, I guess!
    --
    My work here is dung.
    1. Re:Obvious Request I Can Think Of by SanityInAnarchy · · Score: 2, Interesting

      Another obvious thing I would request is that different services software be installed (and running) on the laptops. Like maybe put MySql on one running as a service and PostGres on the other.

      Better yet: Let each laptop (out of maybe 20 or so, instead of just two) be used by someone for maybe a few days or a week leading up to the test. Rutkowska is the only one allowed to (deliberately) install a rootkit, or any kind of malware, but everyone else is allowed to do pretty much whatever they want. Then, let them sort out which ones have rootkits, and specifically, which one was Blue Pill.

      But how many times do you approach a computer that's infected & have all the behaviors of that machine mapped out? I think the real world answer to that is never.

      At least, not completely. I suspect they might still be able to figure it out, but the test could at least be made fair.

      Then again, I suspect that this test was created more because many people, myself included, find that "100%" anything in security leaves a bad taste in our mouths. I admit that there's pretty much no chance anyone would be able to detect her rootkit. However, a completely unfair test (in which you can simply do a full-drive checksum from a boot CD) is all that's needed to prove it's not "100%".

      Just one more reason to only use open source, I guess!

      While I agree, sort of, this doesn't really make sense for the reasons you said. Unless you have a behavior/benchmark for each process on ANY system, you can't know that there isn't some infected process somewhere -- this has nothing to do with it being proprietary. I tend to suspect that open source would make it less likely for malware to get on the system in the first place, and less likely for it to get elevated to a level where a really good rootkit is possible (although I admit, most of us would probably be fooled by any rootkit), but that is only because I tend to suspect that open source is generally more secure overall.

      And sendmail proves that it isn't, always.

      The availability of source code, if anything, probably increases the vulnerability of the system to a really, really hard-to-detect rootkit. After all, the rootkit could recompile your kernel.

      I do think you should use open source, and I do think malware is a reason, but I don't think rootkits are any less likely to happen than any other kind of malware on an open source system. Don't forget, "rootkit" is a term from the UNIX world.

      --
      Don't thank God, thank a doctor!
  7. not a fair test by waspleg · · Score: 4, Insightful

    this is clearly not a fair test, no one installs rootkits on virgin installs, also giving a small set of laptops means they have a much larger chance of just guessing which one even if they're wrong from their analysis, and if the rootkit is the only thing that is on it besides an OS how hard would that be to find? look at the file access dates? with no other software installed this should be trivially easy to find.

    now if they wanted to test on an E-machine .. which already comes pre-loaded with malware to where they'd have to actually look for blue pill code.. that might be a little more balanced and realistic since virtually all consumer PCs have some form of virus or malware as people have no clue what it is or what it does and they like their animated mouse icon even if it's stealing their CC#'s for African nationals.

    1. Re:not a fair test by tqbf · · Score: 2, Interesting

      If Joanna wants to stipulate that we pick Blue Pill out of a morass of pre-installed kernel and userland rootkits, we would of course agree to that term. Neither Joanna's team nor ours seems to think that's a meaningful addition to the test. Like the Vitriol rootkit Dino Dai Zovi wrote for Matasano last year, Joanna's rootkit lives in a special slice of memory inside of a special execution context carved out by the hardware. It is unlike any other X86 rootkit in how it intercepts control of the platform and how it stays resident.

      Installing a bunch of crappy malware alongside something as slick as Blue Pill is very much the same as trying to hide a Ferrari in a junkyard lot filled with rusted out Chevy Novas. But, by all means, if Joanna wants to add meaningless obstacles --- let nobody say we allowed those obstacles to impede science!

  8. Timing Analysis by kmsigel · · Score: 3, Informative

    I saw her talk at BH last year and thought it was very interesting. When it came to detection, however, she waved her hands a bit and claimed that a hypervisor could always alter anything in the PC that had to do with timing so that the OS would always think that the "normal" amount of time had passed for whatever operation it might be trying to time. The idea is that an instruction that the hypervisor intercepts will take longer than the native instruction, and you can detect that. The obvious way to do this is to use the RDTSC (read time stamp counter) instruction, which gives you CPU clock speed precision. The hypervisor can, however, change what the RDTSC instruction returns and therefore makes this timing method useless.

    There are many other sources of timing information in a computer. Serial ports, parallel ports, USB ports, ethernet ports, IO space reads and writes, disk operations, the RTC (real-time clock), etc. I haven't thought too hard about using any of these things in particular, but I would be very surprised if a hypervisor could alter the behavior of all of these things in such a way that they couldn't be used as an alternate source of timing information when determining if an instruction you suspect is being intercepted is taking "too long" or not.
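    The timing approach described above (and dgatwood's point about keeping the measurement short), as an added example that is not from the thread and not code from either Blue Pill or the challenge team. It assumes a POSIX system on x86 with gcc or clang; it times CPUID, which a hardware hypervisor must always intercept, against CLOCK_MONOTONIC rather than RDTSC (since the post notes RDTSC can be rewritten), and the RATIO_SUSPICIOUS threshold is a made-up value to be calibrated on known-clean hardware of the same model.

```c
/* Added example: timing-based hypervisor detection.
 * CPUID unconditionally causes a VM exit under VT-x / AMD-V, so its cost
 * balloons when a hypervisor sits underneath. We time it with the OS clock
 * (an independent time source) and divide by the cost of a reference ALU
 * loop that never traps, so the result is a ratio independent of clock speed.
 * RATIO_SUSPICIOUS is an assumed threshold, not a measured constant. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <time.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0   /* no CPUID on this architecture; the check yields no verdict */
#endif

#define TRIALS           7       /* keep the minimum to discard scheduler noise */
#define ITERS            20000   /* tens of milliseconds total: far below a 1-second CPU cap */
#define RATIO_SUSPICIOUS 8.0     /* assumption: native CPUID costs a few hundred cycles */

struct timing_report {
    double ns_per_trap;   /* ns per CPUID (a trapping instruction) */
    double ns_per_plain;  /* ns per reference ALU loop (never trapped) */
    double ratio;         /* trap / plain */
    int    suspicious;    /* 1 when ratio exceeds RATIO_SUSPICIOUS */
};

static double ns_now(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (double)ts.tv_sec * 1e9 + (double)ts.tv_nsec;
}

/* Instruction a hardware hypervisor cannot allow to run natively. */
static void trap_op(void)
{
#if HAVE_CPUID
    unsigned a, b, c, d;
    __cpuid(0, a, b, c, d);
    (void)a; (void)b; (void)c; (void)d;
#endif
}

/* Reference work of roughly native-CPUID cost; volatile so it is not optimized away. */
static void plain_op(void)
{
    volatile unsigned x = 1;
    for (int i = 0; i < 32; i++)
        x = x * 1103515245u + 12345u;   /* one LCG step per iteration */
}

static double min_ns_per_op(void (*op)(void))
{
    double best = -1.0;
    for (int t = 0; t < TRIALS; t++) {
        double t0 = ns_now();
        for (int i = 0; i < ITERS; i++)
            op();
        double per = (ns_now() - t0) / ITERS;
        if (best < 0 || per < best)
            best = per;
    }
    return best;
}

struct timing_report hypervisor_timing_check(void)
{
    struct timing_report r;
    r.ns_per_trap  = min_ns_per_op(trap_op);
    r.ns_per_plain = min_ns_per_op(plain_op);
    r.ratio        = r.ns_per_plain > 0 ? r.ns_per_trap / r.ns_per_plain : 0.0;
    r.suspicious   = HAVE_CPUID && r.ratio > RATIO_SUSPICIOUS;
    return r;
}

int main(void)
{
    struct timing_report r = hypervisor_timing_check();
    printf("CPUID: %.1f ns  reference: %.1f ns  ratio: %.2f -> %s\n",
           r.ns_per_trap, r.ns_per_plain, r.ratio,
           !HAVE_CPUID ? "not x86, no verdict" :
           r.suspicious ? "trapping cost inflated, hypervisor suspected" : "looks native");
    return 0;
}
```

A hypervisor that also slows the reference loop (for instance by throttling the whole guest) pushes the ratio back toward 1, which is exactly why the post suggests cross-checking against several independent timing sources.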

  9. Given 2 identical computers by jshriverWVU · · Score: 2, Informative

    Possible solutions:

    1. create dd dumps of both drives and run diffs on the images. Added benefit of also seeing if any lower level filesystem stuff was changed and not just files.

    2. find / -type f -exec md5sum {} \; compare md5sums to find which files are different. Though this will cause a problem with storing the md5, maybe use a ram drive or exclude /media or /mnt.

  10. Ob Princess Bride by The_Wilschon · · Score: 5, Funny

    "You guessed wrong."
    "You only think we guessed wrong. That's what's so funny! We switched laptops when your back was turned! Ha ha! You fool! You fell victim to one of the classic blunders! The most famous is never get involved in a land war in Asia, but only slightly less well-known is this: never go in against three high-profile security researchers when a laptop is on the line! Ahahahahaha! Ahahahaha! Ahaha-"
    "And to think, all that time it was your laptop that had malware."
    "They both had malware. I spent the last few years building up an immunity to blue pills."

    --
    SIGSEGV caught, terminating

    wait... not that kind of sig.
    1. Re:Ob Princess Bride by Dachannien · · Score: 3, Funny

      I spent the last few years building up an immunity to blue pills.

      You're going to regret that decision in another thirty years.

  11. The State Of The Challenge So Far by tqbf · · Score: 5, Informative

    Helu. I'm Thomas Ptacek, one of the four challenge team members --- Slashdot left out Dino Dai Zovi, who kicked this off by writing a virtualized rootkit at Matasano last year.

    Joanna has responded to our challenge. We invited her to stipulate any terms she deemed reasonable. She proffered:

    • Five (5) laptops instead of two (2), as a defense against lucky guessing.
    • We can't crash the machines in the process of testing.
    • We can't spike the CPU on the machine for more than one (1) second.
    • We have to open source our detector, and she'll open source her rootkit.
    • We have to arrange to have her paid between $384,000 and $416,000, and wait six months.

    You can probably predict our response.

    Here's where it stands: all parties agree that by Black Hat '07, Blue Pill will not be in a state where it is hard to detect. Our detection techniques are likely to detect Blue Pill at Black Hat. Blue Pill requires six months of engineering time to get to a state where Joanna is confident that we can't detect it.

    Here's why you care: a few weeks ago, Microsoft decided that Vista Home would not allow virtualization, in part because of the threat of virtualized malware. To the best of our knowledge, there have been two (2) real hypervisor rootkits ever produced: Joanna's Blue Pill, and Matasano's Vitriol. Neither has ever been seen in the wild, because neither has been released to the public. Meanwhile, our team is preparing to demonstrate at Black Hat this year that hypervisor malware is actually even easier to detect than the kernel malware operating systems like Vista are already exposed to.

    Joanna's Blue Pill work, along with all the rest of her work (check out this project, where she turns AMD security hardware against forensics devices), is top-notch. In a weird, secretive space like security, this is how science gets done. Joanna chooses a side: it's possible to make undetectable malware. We square off on the opposite side. Then we debate it using code, presentations, papers, and I guess Slashdot stories. Hopefully, in the end, we all learn something.

    Hope this stays interesting for everyone. Thanks for paying attention!

    1. Re:The State Of The Challenge So Far by tqbf · · Score: 2, Interesting

      You should become a secure programmer, which is the rate she's working from. There aren't enough secure programmers to go around.

  12. Virii and RootKits by purduephotog · · Score: 4, Interesting

    I have been repairing computers for friends/coworkers for some time and Rootkits scare me. I run the MS tools, the blacklight, the A2Free, the hive comparators.... and pray that I'm not missing something. It's either that or re-install their OS, and since they come with DELL OEM licenses before Dell shipped CDs, that's a crapshoot.

    The last machine I worked on actually had 'new' virii on them, which went off to AVira and Norton as a 'new' virus and was included in the next days updates. Insane.

    My brother in law wants a new computer because he no longer trusts his disk - it's been infected so many times that he figures it's easier to get a new system (I've reimaged it several times to fix the problems). I keep pointing out that it only takes one infection to ruin the new computer, but he's adamant ...

    Why can't we just get along...

    (and don't tell me to put Ubuntu on peoples laptops...)

  13. A better strategy for Rutkowska by igotmybfg · · Score: 3, Interesting

    If I were her, I would put Blue Pill on both machines. This has two advantages for her: First, the examiners' obvious strategy of comparing runtime aspects (CPU %, execution time, IO, etc) between the two machines fails, because now both machines incur the VM overhead penalty, and second, if the examiners pick out one of the machines as infected, she can 'prove' them wrong by showing the infection on the other one (given the contest rules of one clean machine, one infected machine). It's worth noting that that's not a real proof, because if the examiners really can deduce the presence of Blue Pill, then they could just show that both are infected. But this strategy definitely defeats the 'compare execution' plan that the examiners have said they are going to use.

  14. Debunking Blue Pill myth by mapkinase · · Score: 4, Informative

    I found this useful:

    Debunking Blue Pill myth

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  15. A Duck by fogbrain99 · · Score: 5, Funny

    Just weigh the machines. The heavier one would have to have the extra files and stuff.

  16. which means that by commodoresloat · · Score: 4, Funny

    the other laptop is a witch!

  17. Drinking cocoa by Tony · · Score: 2, Funny

    A guy walks into a doctor's office. His right eye is bloody and bruised. "Doc," he says, "I've got a problem. Every time I drink cocoa at home, my eye hurts."

    The doctor, shocked at the condition of his new patient's eye, runs a gamut of tests, ruling out allergies or other clinical issues. Thinking the issue may be psychosomatic, he sits his patient at a table on which rests a tin of cocoa mix, a thermos of hot water, a cup, and a spoon. He invites the gentleman to mix up the cocoa and take a sip.

    The man pours hot water into the cup, and dumps in a couple of heaping spoonfuls of mix, using the spoon to mix vigorously. He then drinks from the cup, and immediately screams. Hastily placing the cup on the table, he clasps his hands to his eye.

    "Interesting," the doctor proclaims. "Have you ever considered removing the spoon before drinking?"

    (and don't tell me to put Ubuntu on peoples laptops...)

    This seems to be a problem of your own making. If you refuse to remove the spoon, you will continue to hurt your eye.

    --
    Microsoft is to software what Budweiser is to beer.
  18. Re:Rutkowska is such a babe. by u38cg · · Score: 4, Informative
    --
    [FUCK BETA]
  19. they should give her the software first by anton_kg · · Score: 2, Interesting

    it's not clear if it's gonna be new software from Symantec or just the current version of antivirus.
    If it's something new, they should give her a chance to play with it first.

  20. Re:The fact is by itzac · · Score: 3, Insightful
    It is possible to circumvent any single method of detection. And it's even possible to circumvent circumvention detection. In the real world this would become an arms race: security experts would find a way to detect the root-kit, and the next one would be able to evade that method of detection. Eventually, however, the hypervisor would spend enough cycles evading detection that the user would get tired of his bogged down machine and would just reinstall the OS.

    I don't disagree with her theory, but in practice it is difficult enough to achieve that it will probably never happen.