[Lazarus] Embarcadero vs Lazarus/FPC (Oracle vs Google)

Mark Morgan Lloyd markMLl.lazarus at telemetry.co.uk
Thu May 10 13:03:34 CEST 2012

Lukasz Sokol wrote:
> On 08/05/2012 10:00, Mark Morgan Lloyd wrote:
>> Hans-Peter Diettrich wrote:
>>> In the last c't magazine I found an side-cut on the German
>>> "Bundestrojaner", a spy software developed for the secret service:
>>> "Since the AV software is booted from a clean CD, and has full
>>> control over the machine, there is no disk space where a rootkit or
>>> other spyware could hide itself."
>> Never a safe assumption: a rootkit can hide itself in Flash, and in
>> particular can hide itself in the "hidden" System Management Mode
>> BIOS space (Phrack 65).
> Hans grumbled on this in next line ;)

No, he grumbled that money had been spent writing something that could 
be defeated by loading a different operating system. I'm pointing out 
that there are at least two categories of malware (or state-sanctioned 
spyware) which apply to any OS, since they are hidden at a lower level 
(Flash or SMM BIOS).

It's very much comparable to Geohot's hack of the Sony Playstation: he 
attacked the MMU before Sony's loader attempted to run, and was able to 
extract compromising information.

Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk

[Opinions above are the author's, not those of his employers or colleagues]

More information about the Lazarus mailing list