Boot Sector Viruses & Rootkits Poised For Comeback
Ant writes "Ars Technica says Panda Labs' first quarter 2008 malware report raises a new concern, though it comes from a surprising direction. According to the company, boot sector viruses loaded with rootkits are poised to make a comeback. This honestly sounds a bit odd, considering how long it has been since a boot virus has topped the malware charts, but it's at least theoretically possible (pdf). Such viruses have a simple method of operation. The virus copies itself into the Master Boot Record (MBR) of a hard drive, and rewrites the actual MBR data in a different section of the drive. The report also covers a number of other topics and makes predictions about the types of attacks computer users may see in the future. Forecasting these trends is always tricky."
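A defender-side check for the relocation behaviour the summary describes, added here as an example and not taken from the Panda Labs report or Ars Technica: it scans an offline disk image for a second MBR-shaped sector carrying the same partition table as sector 0. It assumes the replaced MBR keeps the partition table in place and that the original was stashed in the gap before the first partition; the function names and the sample images are constructed for illustration.

```python
import struct

SECTOR = 512
TABLE = slice(446, 510)   # four 16-byte partition entries

def parse_mbr(sector):
    """Return [(status, type, first_lba, sectors)] or None if not MBR-shaped."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        return None
    entries = []
    for off in range(446, 510, 16):
        status, ptype = sector[off], sector[off + 4]
        first_lba, count = struct.unpack_from("<II", sector, off + 8)
        if status not in (0x00, 0x80):   # only "inactive" or "active" are valid
            return None
        if ptype:                        # type 0 marks an unused slot
            entries.append((status, ptype, first_lba, count))
    return entries

def find_mbr_copies(image):
    """LBAs before the first partition that hold sector 0's partition table."""
    mbr = image[:SECTOR]
    parts = parse_mbr(mbr)
    if not parts:
        raise ValueError("sector 0 is not an MBR with at least one partition")
    gap_end = min(min(p[2] for p in parts), len(image) // SECTOR)
    hits = []
    for lba in range(1, gap_end):
        sec = image[lba * SECTOR:(lba + 1) * SECTOR]
        if parse_mbr(sec) and sec[TABLE] == mbr[TABLE]:
            hits.append((lba, sec[:446] == mbr[:446]))
    return hits   # (lba, boot_code_matches_sector_0)

def make_sector(boot_code):
    """Constructed sample: one active type-0x07 partition starting at LBA 63."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 63, 1000)
    return boot_code.ljust(446, b"\0") + entry.ljust(64, b"\0") + b"\x55\xaa"

def sample_images():
    original = make_sector(b"ORIGINAL-LOADER")    # placeholder bytes, not real code
    replaced = make_sector(b"DIFFERENT-LOADER")   # placeholder bytes, not real code
    blank = bytes(SECTOR)
    clean = original + blank * 63                  # 64-sector image, empty gap
    suspect = replaced + blank * 4 + original + blank * 58
    return clean, suspect

if __name__ == "__main__":
    clean, suspect = sample_images()
    print(find_mbr_copies(clean))
    print(find_mbr_copies(suspect))
```

A hit whose boot code differs from sector 0 is the pattern worth investigating; a hit with identical boot code is more likely a backup copy left by a partitioning or boot-manager tool.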
A danger to be alert to is the possibility of viruses and rootkits that ship with the computer. Consider that most computers have a lot of parts made in China; suppose the Chinese government decides it's going to slip something into your BIOS? That is a major issue for national security, and it's not just speculation; I've seen test viruses that sit in the BIOS and do a SUID root on a specific file in /tmp on every bootup. EFI is just as vulnerable, because it's basically a complete Unix-like OS just for booting.
Klingon programs don't timeshare, they battle for supremacy.