[SC-L] Intel turning to hardware for rootkit detection
ljknews
ljknews at mac.com
Tue Dec 13 11:38:19 EST 2005
At 10:54 AM -0500 12/13/05, Kenneth R. van Wyk wrote:
> FYI, eWeek has an interesting article on Intel's "System Integrity Services,"
> which aims to add hardware level protection against rootkits. Now, it seems
> to me that they're bundling all sorts of nasty critters in with their
> definition of "rootkit" but it's worth reading, IMHO.
>
> The detection mechanism seems to primarily be looking primarily for non-OS
> software modifying OS inhabited memory blocks. Wonder how they're definining
> (and maintaining the definition) of each... I also wonder how it'll impact
> near-OS software installations like, say, device drivers, authentication
> plug-ins, and other things that need to poke pretty deeply into the OS in
> order to install.
>
> Anyway, here's a URL to the article.
>
> http://www.eweek.com/article2/0,1895,1900533,00.asp
Gee this sounds just like virus wars, using add-on products to make
up for weakness in the operating system.
A reliable operating system would not permit such modifications in
the first place
--
Larry Kilgallen
More information about the SC-L
mailing list