“Microsoft’s bi-annual BlueHat hacker summit saw a demo of a virtual machine rootkit that could be the latest hacker tool. Dino Dai Zovi from pen test company Matasano Security showcased a hardware VM-based rootkit called Vitriol that exploits Intel’s VT-x virtualisation extension. This would in theory render Vista’s controversial PatchGuard technology useless.
Vitriol works by invisibly running the original operating system in avirtual machine, using a technology dubbed a “rootkit hypervisor” – apiece of code running on the PC chip itself. Zovi showed how Vitriol canmigrate a running OS into a hardware virtual machine on the fly, so auser would notice nothing amiss.
The malicious code would be totally inaccessible to the operatingsystem.
“This is a very clever idea, and is certainly something to watch for inthe future,” said Simon Heron, technical director at Network Box.
“In fairness to Microsoft, this concept would work on pretty much any OSrunning on Intel chips. Normal rootkits are pretty bad, but this wouldcreate some interesting problems.”
“The European Commission is considering legislation to control the useof RFID tags. Information society and media commissioner Viviane Redingsaid Europeans needed reassurance that the radio tags would not be usedfor surveillance. She announced plans for legislation to ensure privacyconcerns are met. “The Communication that I will put before theCommission for adoption at the end of this year will outline the mainoptions for action and a roadmap for a solid legal framework,” shesaid.
Reding made her address as she presented the results of a six-monthEuropean study into attitudes towards RFID. “The overriding message thatcomes out of the consultation is that citizens have concerns overprivacy issues,” she said. “The large majority are willing to beconvinced that RFID can bring benefits, but they want to be reassuredthat it will not compromise their privacy. This is the deal that we haveto strike if we want RFID to be accepted and widely taken up. This isthe deal I am looking to make.”
Almost 2,200 people took part in the survey. Seventy per cent thought itwas important to label tags and give consumers the opportunity todisable or destroy them. RFID vendors argue that self-regulation will besufficient to stop abuse of the technology, but a mere 15 per cent ofpeople in the survey agreed.
RFID tags are short-range radio chips that can help businesses keeptrack of stock items Applications from sectors including retail, theNHS, supply chain management and catering are being trialled. USpassports also contain the chips.
“As Vista’s release draws ever nearer, Microsoft is increasingly bowingto industry and regulatory pressure to ease anti-competitive features ofthe long-awaited OS. The Redmond giant has finally agreed to give rivalsecurity software makers access to the kernel of 64-bit versions ofVista. The main bone of contention has been the new PatchGuard feature,which was designed to protect the kernel code from maliciousrootkits.
Third-party vendors, such as Symantec and McAfee, have complained thatthe feature was a way to lock them out of the kernel and would stifleinnovation in the long term. “PatchGuard has already been hacked, and ifno legitimate third-party applications can access the kernel, there maybe no way to stop hackers once they have done so,” a spokesman forSymantec said. “We welcome the announcement that MS will give us accessto the kernel code, but no timeline has been given by Microsoft, andVista is due to ship soon.”
Meanwhile, The European Commission has denied rumours that MS Vistawould be delayed in Europe due to anti-trust regulations, but insiststhat no “green light” has been given.
“UK companies are far more concerned about losing confidential data thantheir US counterparts, a recent survey has revealed. While 57 per centof UK firms reported the loss of at least one laptop containingsensitive information in the past year, 81 per cent of US companiesowned up to a similar incident. Furthermore 93 per cent of UK businesseswere worried about protecting data stored on a laptop or server,compared to only 81 per cent of organisations marking it as a highpriority in the US.
Vontu, the data loss prevention company that commissioned the survey,said such a variation could be due to the US state notificationlaws.
Joseph Ansanelli, CEO of Vontu (pictured), said: “Data breaches havebecome more of a public issue in the US. Companies are now obligated tonotify their customers if such a situation arises and, as a result, thewhole area has become much more publicised.” Vontu launches in the UKthis month.
“Retail giant Tesco has entered the anti-virus software market,launching two AV packages as part of a push into budget software forhomes and small and medium-sized enterprises.
The supermarket claims its offering, Tesco Software, will “rival thebig, existing companies such as Microsoft, Symantec and McAfee”.
The range will initially include six titles, each priced at less than£20: an office suite, two security/anti-virus products, a personalfinance tool, a CD/DVD burning tool and a photo editing tool. Theproducts will initially be available at selected stores only.
EYE OF THE BEHOLDER
Terror threats have left the British public in favour of widerbiometrics use, in spite of widespread confusion about what it actuallyis.
A recent survey by document and personnel identity specialist TSSISystems showed 76 per cent of Britons are more in favour of biometricsthan they were a year ago, but 58 per cent were unaware that they may besubjected to biometric checks when travelling abroad. Three-quarters ofpeople believe that biometrics is essential for combating terrorism,with only 17 per cent viewing intelligence information as moreimportant.