Results 1 to 7 of 7

Thread: Spyware/Rootkits and Hardware

  1. #1
    Senior Member
    Join Date
    Jul 2005
    Posts
    277

    Spyware/Rootkits and Hardware

    what piece of the processor connects to the OS API calls or RUN statements?
    Difficult takes a day, Impossible takes a week~Kthln01!

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    All of it?

    What do you mean? Do you have any idea how a computer works?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    Jul 2005
    Posts
    277
    i am thinking about making some type of coprocessor board (just a design idea) that will work with existing hardware and software that can collect info and report security related events to a monitoring station.

    I understand that rootkits and spyware attack statements in windows api and make everything seem normal. I know nothing about internal OS operations, so I asked how this specific piece is related or (could) relate to hardware. Maybe this is still confusing, i dont know.
    Difficult takes a day, Impossible takes a week~Kthln01!

  4. #4
    Junior Member
    Join Date
    May 2005
    Posts
    28
    That would not work effectively at the processor level, as OS API commands translate into many many consecutive processor instructions. You would have to have a list of OS API commands and their translated processor opcode instructions. You would then have to read directly from the processors registers/BUS the opcode of the instruction being executed and pattern match a consecutive string of opcodes against your stored list. This also does not take into account that most modern day processors are pipelined, which would me you would have to account for NOP buffers/fillers and smashing the pipe. Good thought, but not a practical idea.
    An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"

    My tea is extra hot.

  5. #5
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    You are asking for about 2 years worth of knowledge.

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    You have called this thread:

    Spyware/Rootkits and Hardware
    Spyware and rootkits are applications just like any other. Apart from generally residing on your hard drive, I don't think that they have any hardware requirements other than sufficient resource to run.

    I asked how this specific piece is related or (could) relate to hardware.
    It doesn't.................................and if you are thinking of a hardware security design you should look at EEPROM chips


  7. #7
    Senior Member
    Join Date
    Jul 2005
    Posts
    277
    thx all
    Difficult takes a day, Impossible takes a week~Kthln01!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •