[SC-L] Intel turning to hardware for rootkit detection
Kenneth R. van Wyk
Ken at krvw.com
Tue Dec 13 10:54:46 EST 2005
FYI, eWeek has an interesting article on Intel's "System Integrity Services,"
which aims to add hardware level protection against rootkits. Now, it seems
to me that they're bundling all sorts of nasty critters in with their
definition of "rootkit" but it's worth reading, IMHO.
The detection mechanism seems to primarily be looking primarily for non-OS
software modifying OS inhabited memory blocks. Wonder how they're definining
(and maintaining the definition) of each... I also wonder how it'll impact
near-OS software installations like, say, device drivers, authentication
plug-ins, and other things that need to poke pretty deeply into the OS in
order to install.
Anyway, here's a URL to the article.
http://www.eweek.com/article2/0,1895,1900533,00.asp
Cheers,
Ken van Wyk
--
KRvW Associates, LLC
http://www.KRvW.com
More information about the SC-L
mailing list