Lukasz Sokol el.es.cr at gmail.com
Thu May 10 13:41:08 CEST 2012

On 10/05/2012 12:03, Mark Morgan Lloyd wrote:
> Lukasz Sokol wrote:
>> On 08/05/2012 10:00, Mark Morgan Lloyd wrote:
>>> Hans-Peter Diettrich wrote:
>>>> In the last c't magazine I found a side-cut on the German
>>>> "Bundestrojaner", a spy software developed for the secret
>>>> service:
>>>> "Since the AV software is booted from a clean CD, and has full 
>>>> control over the machine, there is no disk space where a
>>>> rootkit or other spyware could hide itself."
>>> Never a safe assumption: a rootkit can hide itself in Flash, and
>>> in particular can hide itself in the "hidden" System Management
>>> Mode BIOS space (Phrack 65).
>> Hans grumbled on this in next line ;)
> No, he grumbled that money had been spent writing something that
> could be defeated by loading a different operating system. 

Quoting Hans:

"Millions of taxes, spent for the development of that software, are burnt by a simple update of already existing software (Linux and AV). <grumble>"

which I gather is that he /is/ grumbling about /the/ same assumption
you deemed /not safe/... 

> I'm
> pointing out that there are at least two categories of malware (or
> state-sanctioned spyware) which apply to any OS, since they are
> hidden at a lower level (Flash or SMM BIOS).
... which you are going into more detail here...

> It's very much comparable to Geohot's hack of the Sony Playstation:
> he attacked the MMU before Sony's loader attempted to run, and was
> able to extract compromising information.
... and here :)

To recap, I had an impression you were rebutting what Hans wrote where
in reality you both wrote about the same thing :)

(this is getting too off topic, EOT from me ;)

