funsec mailing list archives
Re: Intel gets into AV?
From: James Kehl <shykta () dione ids pl>
Date: Sat, 29 Apr 2006 09:01:03 +0200 (CEST)
On Thu, 27 Apr 2006, Dude VanWinkle wrote:
http://www.eweek.com/article2/0,1759,1954175,00.asp?kc=EWRSS03119TX1K0000594
[snip]
This cant turn out well IMO
To some extent, better virtualization support will help VM rootkits more than it helps protect against them. When, exactly, is it necessary to convince an app in a VM that it isn't running in a VM? Malcode analysis, yes, and...? While 'red pills' work, it's still feasible to spot the subversion from the inside. Plus, what are the chances of home PCs shipping with this stuff turned on and configured sensibly? :) J _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Intel gets into AV? Dude VanWinkle (Apr 27)
- Re: Intel gets into AV? Nervox Nervox (Apr 27)
- Re: Intel gets into AV? Valdis . Kletnieks (Apr 28)
- Re: Intel gets into AV? Nervox Nervox (Apr 28)
- Re: Intel gets into AV? Valdis . Kletnieks (Apr 28)
- Re: Intel gets into AV? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 28)
- Re: Intel gets into AV? James Kehl (Apr 29)
- <Possible follow-ups>
- RE: Intel gets into AV? Justin Polazzo (Apr 28)
- Re: Intel gets into AV? Nervox Nervox (Apr 27)