LITTLEBLACKDOG.COM Forum Index -> Computer Hardware » CPU

GibsonSG
Posted: Fri Jun 30, 2006 8:13 am   Post subject: Take the blue pill...

100% undetectable malware on new 64 bit processors... hmm...

http://www.eweek.com/article2/0,1895,1983037,00.asp

Nesarin
Posted: Fri Jun 30, 2006 8:38 am

The fact that it was created doesn't bother me nearly as much as the fact that they completely intend to release the code for it. Cause god knows that we need to put an indefensible weapon in the hands of crappy malware producers. :(

CMTG
Posted: Fri Jun 30, 2006 8:57 am

Nesarin wrote:
The fact that it was created doesn't bother me nearly as much as the fact that they completely intend to release the code for it. Cause god knows that we need to put an indefensible weapon in the hands of crappy malware producers. :(


The fact that they released the source code is a good thing. It means we (and by we I mean anti-spyware people) can study it to develop even better detection techniques.

The golden rule in computer security is: Attacks never get worse, they always get better. So it's much better that something like this has been developed in the lab before it's developed in the wild. And it would have been developed in the wild whether the source code was available or not because, as I said, attacks always get better.

We're one step ahead of the game for once!

Nesarin
Posted: Fri Jun 30, 2006 10:49 am

CheeseMonger The Great wrote:
Nesarin wrote:
The fact that it was created doesn't bother me nearly as much as the fact that they completely intend to release the code for it. Cause god knows that we need to put an indefensible weapon in the hands of crappy malware producers. :(


The fact that they released the source code is a good thing. It means we (and by we I mean anti-spyware people) can study it to develop even better detection techniques.

The golden rule in computer security is: Attacks never get worse, they always get better. So it's much better that something like this has been developed in the lab before it's developed in the wild. And it would have been developed in the wild whether the source code was available or not because, as I said, attacks always get better.

We're one step ahead of the game for once!


While I feel you're right about being nice to be ahead of the curve, I'm thinking that it's going to take much longer to create a cure than it is going to take to have people wreak havoc on the general populace's machines, especially if the only known way to detect it is a flaw in the Pacifica chip itself. It makes it sound like the architecture itself would have to be implemented with the flaw as standard issue. Of course I may be reading this and thinking about it incorrectly. It's Friday, and my brain has already checked out for the "holiday weekend". 8)

Doomhammer
Posted: Sat Sep 16, 2006 8:44 pm

I listened to a podcast the other day that discussed this...

Basically, they said that in theory it would be impossible to detect these. Period. But... The piece of malware, whose purpose is to collect information, must at some point send that information back to whoever sent out the malware. Supposedly, the easiest way to detect these would be to simply wait until they send out data, then nail them.

squito
Posted: Sun Sep 17, 2006 5:28 am

This threat is not limited to AMD platforms - see here and here - w00f!

anglachel
Posted: Sun Sep 17, 2006 6:07 am

Doomhammer wrote:
I listened to a podcast the other day that discussed this...

Basically, they said that in theory it would be impossible to detect these. Period. But... The piece of malware, whose purpose is to collect information, must at some point send that information back to whoever sent out the malware. Supposedly, the easiest way to detect these would be to simply wait until they send out data, then nail them.


Best time to catch any spyware is when it is being installed.

As for it sending things out, lots of crapware I've seen starts another process with an executable that it removes immediately after it is loaded into memory. Rootkit remains hidden. Heck, the fanciest one I've ever seen would start up another app for anything it was going to do, including kill rootkit revealer. But they all need to start from somewhere when the computer loads (other than possibly this blue pill stuff, I want to see how this works before I talk about it too much), so if you find the start up command in the registry, and blow it away, and can keep it blown away (i.e. it doesn't recreate it right away) through a restart, then you will have control of the computer again.

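An added example, not part of any post in this thread: a PowerShell check for the condition described in the last post, that a start-up entry you deleted stays deleted through a restart. The function names, the CSV path and the value name `ExampleUpdater` are placeholders, and it covers only the standard Run and RunOnce keys for the machine and the current user.

```powershell
# Added example: snapshot autostart values, then after cleanup and a restart
# report entries that came back or that are new. Names and paths are assumptions.
$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-AutostartSnapshot {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Key     = $key
                Name    = $name
                Command = [string]$item.GetValue($name)
            }
        }
    }
}

function Test-AutostartStaysRemoved {
    param(
        [Parameter(Mandatory)] [string]   $BaselinePath,  # CSV saved before cleanup
        [Parameter(Mandatory)] [string[]] $RemovedNames   # value names you deleted
    )
    $baseline = @(Import-Csv -Path $BaselinePath)
    $current  = @(Get-AutostartSnapshot)
    $known    = $baseline | ForEach-Object { "$($_.Key)|$($_.Name)|$($_.Command)" }

    # Deleted entries that exist again after the restart.
    $current | Where-Object { $_.Name -in $RemovedNames } |
        Select-Object Key, Name, Command, @{ n = 'Finding'; e = { 'Recreated' } }

    # Entries absent from the baseline (persistence re-registered under a new name).
    $current | Where-Object {
        $_.Name -notin $RemovedNames -and
        "$($_.Key)|$($_.Name)|$($_.Command)" -notin $known
    } | Select-Object Key, Name, Command, @{ n = 'Finding'; e = { 'New' } }
}

# Before cleanup (placeholder path):
#   Get-AutostartSnapshot | Export-Csv C:\ir\autoruns-before.csv -NoTypeInformation
# After deleting the entry and restarting:
#   Test-AutostartStaysRemoved -BaselinePath C:\ir\autoruns-before.csv -RemovedNames 'ExampleUpdater'
```

A rootkit that filters registry reads on the running system can hide its entry from this view, so an empty result is only as trustworthy as the system it was run on; reading the hives offline from other boot media removes that dependency.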
All times are GMT - 8 Hours