Re: how to fix rootkit?

From: Milan P. Stanic <mps_at_nospam>
Date: Thu Feb 09 2012 - 11:49:43 GMT
To: debian-security@lists.debian.org

On Wed, 2012-02-08 at 22:56, Chris Davies wrote:
> Milan P. Stanic <mps@arvanta.net> wrote:
> > What about statically linked binaries on the external media (CD, DVD,
> > USB ...) which is write protected with 'execute in place' mode?
>
> You can no longer trust the kernel. Therefore you cannot trust
> ANY application that runs under that kernel, either directly or
> indirectly. Period.

Of course, you are right here. But then I don't trust the CPU's. How we
know that the manufacturer od CPU, Ethernet card or anything, didn't put
some secret code into device which could be triggered by some
specifically crafted code, data or even electrical sequence.

-- Kind regards, Milan -------------------------------------------------- Arvanta, IT Security http://www.arvanta.net Please do not send me e-mail containing HTML code or documents in proprietary format (word, excel, pps and so on) -- To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20120209114943.GA5795@arvanta.net

This message: [ Message body ]
Next message: Milan P. Stanic: "Re: how to fix rootkit?"
Previous message: Rick Moen: "Re: how to fix rootkit?"
In reply to: Chris Davies: "Re: how to fix rootkit?"
Next in thread: Chris Davies: "Re: how to fix rootkit?"
Reply: Chris Davies: "Re: how to fix rootkit?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]