-
July 6th, 2005, 03:40 PM
#1
Spyware/Rootkits and Hardware
What piece of the processor connects to the OS API calls or RUN statements?
Difficult takes a day, Impossible takes a week~Kthln01!
-
July 6th, 2005, 04:20 PM
#2
All of it?
What do you mean? Do you have any idea how a computer works?
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 6th, 2005, 04:26 PM
#3
I am thinking about making some type of coprocessor board (just a design idea) that will work with existing hardware and software that can collect info and report security-related events to a monitoring station.
I understand that rootkits and spyware attack statements in the Windows API and make everything seem normal. I know nothing about internal OS operations, so I asked how this specific piece is related or (could) relate to hardware. Maybe this is still confusing, I don't know.
Difficult takes a day, Impossible takes a week~Kthln01!
-
July 6th, 2005, 04:46 PM
#4
Junior Member
That would not work effectively at the processor level, as OS API commands translate into many, many consecutive processor instructions. You would have to have a list of OS API commands and their translated processor opcode instructions. You would then have to read directly from the processor's registers/bus the opcode of the instruction being executed and pattern match a consecutive string of opcodes against your stored list. This also does not take into account that most modern-day processors are pipelined, which would mean you would have to account for NOP buffers/fillers and smashing the pipe. Good thought, but not a practical idea.
An ancient Chinese man once told me: "The hotter the tea, the bigger the wang."
My tea is extra hot.
-
July 6th, 2005, 04:46 PM
#5
You are asking for about 2 years worth of knowledge.
-
July 6th, 2005, 04:48 PM
#6
You have called this thread:
Spyware/Rootkits and Hardware
Spyware and rootkits are applications just like any other. Apart from generally residing on your hard drive, I don't think that they have any hardware requirements other than sufficient resource to run.
I asked how this specific piece is related or (could) relate to hardware.
It doesn't... and if you are thinking of a hardware security design you should look at EEPROM chips.
-
July 6th, 2005, 04:52 PM
#7
Difficult takes a day, Impossible takes a week~Kthln01!