Linked by David Adams on Wed 14th Sep 2011 14:18 UTC, submitted by Discott
Privacy, Security, Encryption McAfee demonstrated the workings of its new McAfee DeepSAFE technology at the Intel Developer Forum on Tuesday. It sits beyond the operating system and close to the silicon, and by operating beyond the OS, it provides a direct view of system memory and processor activity. Among the threats that it detects are Stuxnet, SpyEye, the TDSS roorkit family and the NTRootkit.
Thread beginning with comment 489618
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Fix the OS not the security
by Phucked on Thu 15th Sep 2011 01:39 UTC in reply to "Fix the OS not the security"
Phucked
Member since:
2008-09-24

Rootkits are a result of a flaw in the person, not a flaw in the OS.


FTFY

Reply Parent Score: 3

Alfman Member since:
2011-01-28

Phucked,

"'Rootkits are a result of a flaw in the person, not a flaw in the OS.'


FTFY"



The original quote was not broken.
If a non-trusted application is able to escalate it's privilege to root without user authorization, then it is a flaw in the OS. No matter what secure suite may be installed, an attack is only possible in the first place because of a flaw in the OS. A security suite may help prevent attacks and clean up after them, but it's not an excuse to leave holes in the OS.

Of course there are trojan horse attacks which coerce the user into giving them root privileges, but then that is clearly not what this article is about.

Reply Parent Score: 5