[Lazarus] Embarcadero vs Lazarus/FPC (Oracle vs Google)
Mark Morgan Lloyd
markMLl.lazarus at telemetry.co.uk
Thu May 10 13:03:34 CEST 2012
Lukasz Sokol wrote:
> On 08/05/2012 10:00, Mark Morgan Lloyd wrote:
>> Hans-Peter Diettrich wrote:
>>
>>> In the last c't magazine I found an side-cut on the German
>>> "Bundestrojaner", a spy software developed for the secret service:
>>>
>>> "Since the AV software is booted from a clean CD, and has full
>>> control over the machine, there is no disk space where a rootkit or
>>> other spyware could hide itself."
>> Never a safe assumption: a rootkit can hide itself in Flash, and in
>> particular can hide itself in the "hidden" System Management Mode
>> BIOS space (Phrack 65).
>>
>
> Hans grumbled on this in next line ;)
No, he grumbled that money had been spent writing something that could
be defeated by loading a different operating system. I'm pointing out
that there are at least two categories of malware (or state-sanctioned
spyware) which apply to any OS, since they are hidden at a lower level
(Flash or SMM BIOS).
It's very much comparable to Geohot's hack of the Sony Playstation: he
attacked the MMU before Sony's loader attempted to run, and was able to
extract compromising information.
--
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk
[Opinions above are the author's, not those of his employers or colleagues]
More information about the Lazarus
mailing list