| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
New rootkit hides in hard drive's boot record | |
|
||
| Time: 09:48 EST/14:48 GMT | News Source: ComputerWorld | Posted By: Michael Dragone | ||
|
A rootkit that hides from Windows on the hard drive's boot sector is infecting PCs, security researchers said today. Once installed, the cloaking software is undetectable by most current antivirus programs. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 305 Last | Next |
The time now is
3:48:22 PM
ET.
Any comment problems? E-mail us |
| #1 By 52115 (66.181.69.250) at 1/9/2008 10:41:51 AM |
|
I guess this could happen with Linux machines as well. But the software to install this into the MBR is probably currently only Windows based.
But wouldn't BIOS MBR locks prevent this from getting installed there in the first place? I seem to remember having a computer which had this (awhile ago) and I turned it on once. Tried to install Linux and it wanted to change the MBR and it couldn't.. |
| #2 By 2960 (72.196.195.185) at 1/9/2008 3:37:46 PM |
|
I don't know, but I am SO tired of this crap. 25-40% of my service time is spent cleaning up after these jackels.
The whole zlob "hold your computer for ransom with continuous bogus 'you are infected' messsage until you pay us to remove it" thing has just gotten completely out of hand. It's utterly, totally criminal and is deserving of FBI involvement. Let's put the OS in non-changeable firmware and be done with it. I'm tired of the bullshit. TL |
| #3 By 20505 (216.102.144.11) at 1/9/2008 4:56:51 PM |
|
TL,
I couldn't agree more - put the OS on a chip. Instant on. Instant off. No chance for corruption. Makes too much sense I guess. |
| #4 By 37047 (99.241.35.182) at 1/9/2008 7:25:45 PM |
| #2, #3: The down side would be that you wouldn't be able to upgrade the OS, apply security patches or service packs, etc. But something definitely needs to be done to address this problem. |
| #5 By 12071 (203.185.215.144) at 1/9/2008 8:05:07 PM |
| It's not like boot sector viruses are anything new... why the overreactions? |
| #6 By 7754 (75.72.153.112) at 1/9/2008 10:56:40 PM |
| MBR overwrite protection is pretty standard fare on motherboards these days, isn't it? |
| #7 By 2960 (72.196.195.185) at 1/10/2008 7:59:14 AM |
|
#4,
Sure you can. Firmware updates have been going on for years. They just need a secure way of locking it down so only the authorized updates will run. At least this way you have a SINGLE point of entry that can easily be re-locked if necessary. TL |
| #8 By 2960 (72.196.195.185) at 1/10/2008 11:50:32 AM |
|
UPDATE: I was thinking about this. How to secure the firmware so updates could be done, yet only by an official entity (in this case, Microsoft).
You don't want to use passwords. Too easy to break... Automated authentication in the firmware update itself? Nope. That could be re-verse engineered, thus giving the hackers a way in. I got it! Since this would no doubt require new motherboard design, or at a minimum a PCI card to implement, have a button or switch on the motherboard back panel or card back panel that would require the user to press when the firmware update asks for it. If there is fear that the firmware update may be a forgery, there would be a phone number and key displayed that the user could call to verify it's originality before pressing that button. Rough, but workable. There are people a lot smarter than me that can work out the rest :) TL |
| #9 By 8556 (12.208.163.138) at 1/11/2008 2:09:57 PM |
| Why not just run a command line fix mbr occasionally? |
|
Write Comment
Return to News |
Displaying 1 through 25 of 305 Last | Next |
The time now is
3:48:22 PM
ET.
Any comment problems? E-mail us |
