Scientists Unveil Lightweight Rootkit Protection

DangerFace writes "Scientists are set to unveil a lightweight system they say makes an operating system significantly more resistant to rootkits without degrading its performance. The hypervisor-based system is dubbed HookSafe, and it works by relocating kernel hooks in a guest OS to a dedicated page-aligned memory space that's tightly locked down. The team installed HookSafe on a machine running Ubuntu 8.04, and found the system successfully prevented nine real-world rootkits targeting that platform from installing or hiding themselves. The program was able to achieve that protection with only a 6 percent reduction in performance benchmarks."

_only_ a 6-percent reduction?

Hey everyone,

Please give give me _only_ 6% of your salaries and I'll sit on top your debit card. Note: no hard guarantee that someone (ex-partner etc) will not find a way to undermine my postion and deprive you of your full salary.