funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re[2]: Microsoft: Rootkits and Blaster

From: Pierre Vandevenne <pierre () datarescue com>
Date: Tue, 6 Dec 2005 21:27:26 +0100
Good Day,

Tuesday, December 6, 2005, 8:33:14 PM, you wrote:

BB> Dude VanWinkle wrote:

you would have to load first in order to beat a good rootkit right?
Windows Update Service is hardly ring 0, or am I totally off my
rocker?


BB> For a perfectly complete and flawless rootket, yes.  In practice, 
BB> whoever wrote their code second, wins.

Precisely! How tolerant are we going to be about what fits a "rootkit"
definition? How tolerant are we going to be about the performance of a
"rootkit detection & removal tool"?

Or, is "rootkit" going to be as popular with techies as "terrorist" is
with politicians? Through the coloured prism of my perception any
person I disagree with is a "terrorist" and any program I wouldn't want
to run on my computer if I were fully informed becomes a "rootkit"...

-- 
Best regards,
 Pierre                            mailto:pierre () datarescue com

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: