Security researchers have released a proof-of-concept rootkit for Windows 7, in the hopes that its availability will assist in the prompt development of an antidote. Indian security researchers Vipin Kumar and Nitin Kumar demonstrated the toolkit, dubbed Vbootkit 2.0, at the Hack In The Box security conference in Dubai last …
"We would really like Microsoft to release one single edition with all features available to all user[s] instead of crippled editions,"
By "crippled" do you think they mean "crippled by being Microsoft code?" or do they mean "crippled like the latest OS from MS".
or perhaps they mean "crippled because it doesn't work as advertised" (Vista capable!)
I seriously hope they don't release one single edition of windows with all features available to all users. Think of the bloat, the sluggish repsonse. The Gb sized registry etc etc.
.. any info on how it works, is its infection methods like a trojan, a virus or a worm? (assuming not a worm because its not spreading via network but you never know)
"As things stand, Vbootkit 2.0 doesn't lend itself to remote attack."
Be that as it may, when you get a trojan whatever it uploads is LOCAL to you machine.
Info here but as stated neither lends itself to a remote attack
http://www.securityfocus.com/columnists/442 which I read a while ago - honest!
OhNoes! Rootkit Explotz!!1!
Oh wait.. it requires physical access to the machine, to boot it off another device (USB, Floppy, CD etc)
Unless its remotely execute-able, I am less alarmed.
I am sure this is of concern to your high level government types, who are prone to leaving their laptops on trains and buses, but really doesn't rate that high.
Although, I could see a Sneakers ( http://www.imdb.com/title/tt0105435/ ) like situation, where you sneak into a bank, boot the work stations off a CD, Install the rootkit, and sniff, then dump out of the system.
But that would require a pretty retarded IT department, who didn't have a super duper locked down firewall... oh wait..
if I understand it correctly, LOCAL vs REMOTE is not where itexecutes how how it initiates. Rootkit virus which does not need any hard drive footprint is dam scary thing
Rock and a Hard Place
When Microsoft Unified their OS to the NT platform (with the release of XP) they could have sorted out this problem then. XP home is more or less Pro with certain networking built in . (Yes I know there are other differences but I said more or less).
Does this mean XP Pro is better than Home ? That's a big no for most home users.
the laughingly called Ultimate version would tick all the boxes and should be the only one released. Preferably at a decent price not the £145 Vista Ultimate OEM has crept up to
some linuxfanboy said . >seriously hope they don't release one single edition of windows with all features available to all users. Think of the bloat, the sluggish repsonse. The Gb sized registry etc etc.<
Who the hell has a registry in the GB size , if you don't know enough about windows to comment, don't
FYI on my vista desktop which has been installed for over a year now and is probably as bloated as it is going to get the registry files come out at 82 MB
On another note a basic install of OS X 10.5 is bigger than an install of Vista
>some linuxfanboy said .
A little presumptuous aren't we? I have a feeling the AC was trying to pull legs...
> Who the hell has a registry in the GB size ,
> if you don't know enough about windows to comment, don't
Only Windows users care about this magical "registry" thing that is the cause of all their computing issues, including and not limited to their ability to actually user a computer. Only Windows users' are stupid enough to spend money on tools that "Sweep" their machines.
Also FYI "Linux" is a kernel, I know it's been said a lot but if you're going to attempt one-up-manship you should do your research. There's no such thing as a "Linux fanboi"...
> FYI on my vista desktop which has been installed for over a year
> now and is probably as bloated as it is going to get the registry files
> come out at 82 MB
Well, it's not really the size of the registry file that matters ... it's the fact the Windows keeps most if not all of it's important configuration data there yet seems to lack the ability to manage it properly and then allows tools written by would-be-malware authors to go diddling around in there.
> On another note a basic install of OS X 10.5 is bigger than an install of Vista
Which edition of OSX and Vista? PPC binaries should be bigger than i386 ones due the smaller instruction set, and 32bit i386 binaries should be smaller than 64bit amd64 ones... what is the functionality/per megabyte of each? Without these details your statement means nothing... Sinclair Basic is like 16KB, should we all be running that instead?
live at no 42?
mine the one with naan in the pocket :D
Just to point out, the TPM is a hardware feature, not a software feature.
The TPM simply stores the key used by BitLocker drive encryption. And there are also plenty of free hard drive encyption tools that can be used.
LOL yeah right...
We would really like Microsoft to release one single edition with all features available to all user[s] instead of crippled editions,"
LOL yeah right... before we know it. winblows 8 home will include a "can only use it for 6 hours a day" feature where we will have to pay if we want to use the PC more...
"There's no such thing as a "Linux fanboi"..."
best thing I've heard all day....couldn't stop laughing.
I'm shitting it now, because the swine flu has just learn't how to fly....
Did you read Brian's comment before commenting on it? You also clearly have no understanding of the registry, but somehow feel compelled to comment.
The registry, yes most of Window's settings are there, certainly all of the settings for well-behaved software. There are a couple of editing tools supplied with Windows, others available on the Internet. The registry has ACLs, which means that tools and users can only edit it if they have premission (assuming they are setup, usually they are fairly well setup). I don't know for certain, but as the builtin registry editing tools need approval from the user to run, likely 3rd part tools will as well.
Also, the vast majority of users will never need to look at the registry, pretty much everything in there is changeable from the GUI/command line. Certainly everything that Joe User would need to change.
As for an obvious linux fanboy claiming that there cannot be such a thing as a linux fanbox because linux is the kernel... Linux, as you well know, is shorthand for the linux based FOSS operating system. Ask a thousand people what linux is and they'll say it's the FOSS OS that works a bit like unix. This a typical FOSS fanboy/zealot's method of getting out of an argument, diliberately mis-understand and use symantec arguments in order to prove that that you are 733t.
I feel better
Its a good thing they released it as an rc beforehand, finding stuff like this gives me confidence in the community of Win 7 testers enough to use it when its released.
I only read the title and comments
Please help me understand,
Are you saying win7 is the rootkit, or are you saying the exploit is the rootkit, and if i install win7 as a dual boot with vista will the rootkit, whichever one it is affect my vista rootkit, or will i have to get a seperate exploit to rootkit that.
Why can I not get just one rootkit and have done with the whole business.
I agree competition is good ie M$vLinuxvMacox or whatever, however when it comes to rootkitting why not just one that does all, there is enough confusion already without adding to it.
Now does this/these rootkits work better on a Dell or an Acer and what hardware/chips/gpu's etc should I require to run the "Ultimate" rootkit.
"...use symantec arguments..."
Yes, Norton is the root of all evil ;)