Challenge Blue Pill
Researcher challenged to prove 100% undetectable rootkit claim.
Joanna Rutkowska, the security researcher who last year claimed that she
can create 100% undetectable malware, has been challenged by fellow
researchers to prove it. Rutkowska made the claims about her Blue Pill
rootkit technology at last year's Black Hat conference. However, Thomas
Ptacek, Nate Lawson and Peter Ferrie - who will be presenting a paper at
this year's Black Hat entitled 'Don't tell Joanna: the virtualized rootkit
is dead' - argue that it is impossible to create a 100% undetectable
rootkit, and have invited Rutkowska to prove them wrong.
Rutkowska has accepted the challenge on a number of conditions, one of
which is that she and her Invisible Things team be compensated for the work
they put into bringing their creation to the required level. She estimates
she and her team have already put four person-months into working on Blue
Pill and that it would take another 12 person-months to get it to a stage
at which it was undetectable. Ptacek et al. argue that, since they have
only spent around one person-month working on their detector, they already
stand at a 16:1 advantage. Both 'teams' will present their research at
Black Hat USA at the start of next month.
01 July 2007