Re: @thames - Windows only though
Nothing is hidden from the OS, with a rootkit stuff is hidden from the end-user.
Not true, if something has write access to the OS kernel copied into RAM before it is invoked. Which is exactly what a BIOS does have. It's even able to subvert the bootloader, which comes before the OS and which is equally capable of subverting any OS it loads.
A simple example with non-malicious intent, would be to intercept disk IO operations and to cause any access above a nice round number to return an error as if the disk were that nice round number in size. This was actually used back in the days when disk manufacturers were playing sillybuggers shipping a 1002Mb drive that was bigger than a 1000Mb drive so if you bought a manufacturer X disk and used all its available capacity, you couldn't later replace it with a manufacturer Y "1Gb" disk. Of course, then manufacturer Y shipped a 1002.25Mb disk ....
There's also Ring -1, the hypervisor, to consider in the case of Intel CPUs, though I'll accept that in this context you may use OS to refer to the hypervisor itself, not the OSes that it supervises.
Biting the hand that feeds IT
