Last fall, I published a series of blog posts on a new form of attack called "Blue Pill", which uses virtual hardware to create what is thought to be a currently indefensible form of attack, and one to which the new Vista would also be susceptible. I was thinking of this when reading a recent blog post by Brian Krebs of the Washington Post titled "Perils in Parallels?".
He was quite concerned about virtual machine software. In his post he described how he had installed the Vista operating system on top of Mac OS X using "Parallels", a virtual machine program. What bothered him was that Vista could rewrite and delete any files in the Mac operating system running underneath it.
While I agree that this is serious, I expect the manufacturers to remedy this. What came to my mind was the increasing use of virtual machine software and Blue Pill. By using Blue Pill, criminals can move the entire operating system into a virtual machine without the system admins even knowing about it.
This type of attack is ready for prime time. Beware of the use of hardware virtual machines.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
