Linked by Eugenia Loli on Wed 4th Apr 2007 17:23 UTC, submitted by shykid
Windows At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code signing mechanisms.
Thread beginning with comment 227674
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Attack not scalable
by billnvd on Thu 5th Apr 2007 02:26 UTC in reply to "Attack not scalable"
billnvd
Member since:
2006-02-04

"Microsoft could just release a patch to look specifically for any widely-deployed bootkit and bluescreen the machine as soon as it is detected."

LOL, the worlds first ever OS vendor sponsered DOS. So once the patch is out the black hats just see what can trigger it and now you have 200,000 vista machines blue screening.

Great idea there chief!

Reply Parent Score: 2

RE[2]: Attack not scalable
by PlatformAgnostic on Thu 5th Apr 2007 03:17 in reply to "RE: Attack not scalable"
PlatformAgnostic Member since:
2006-01-02

I'm assuming that a bootkit like this would be applied by the machine's administrator for the purpose of pirating protected content. I'm also supposing that you'll want to know if your machine has a bootkit taht as installed without your knowledge.

Either it harms you if you're a pirate, or informs you that you're compromised if you've been unaware. I don't see a problem with this idea.

Reply Parent Score: 2

RE[3]: Attack not scalable
by Windows Sucks on Thu 5th Apr 2007 03:29 in reply to "RE[2]: Attack not scalable"
Windows Sucks Member since:
2005-11-10

The problem here is that most people would then think their PC was dead and spend money trying to get it fixed. It would be a MESS. It would be like the blaster worm where you PC would just keep rebooting. But in this case it would just keep giving you a crazy blue screen. (And MS never puts good messages in those blue screens!)

They need to add a checker to Windows Defender or something. Then it could tell you if you have strange code running. Without crashing your PC every time you boot up.

Reply Parent Score: 2