Read an Interview with Dino Dai Zovi here: http://blogs.zdnet.com/security/?p=176

>From the Article:
"Hackers Dino Dai Zovi and Shane Macaulay teamed up to hijack a MacBook Pro laptop at the CanSecWest security conference here, effectively pouring cold water on the Mac faithful's belief that the machines aDino Dai Zovire impenetrable."


Dai Zovi is a previous Black Hat Speaker. He spoke with us at the 2006 USA conference on Hardware Virtualization-Based Rootkits: "Hardware Virtualization-Based Rootkits"

Hardware-supported CPU virtualization extensions such as Intel's VT-x allow multiple operating systems to be run at full speed and without modification simultaneously on the same processor. These extensions are already supported in shipping processors such as the IntelR Core Solo and Duo processors found in laptops released in early 2006 with availability in desktop and server processors following later in the year. While these extensions are very useful for multiple-OS computing, they also present useful capabilities to rootkit authors. On VT-capable hardware, an attacker may install a rootkit "hypervisor" that transparently runs the original operating system in a VM. The rootkit would be loaded in physical memory pages that are inaccessible to the running OS and can mediate device access to hide blocks on disk. This presentation will describe how VT-x can be used by rootkit authors, demonstrate a rootkit based on these techniques, and begin to explore how such rootkits may be detected.


See his Presentation Slides here:
https://blackhat.com/presentations/bh-usa-06/BH-US-06-Zovi.pdf


WATCH HIS PRESENTATION!
http://media.blackhat.com/bh-usa-06/video/2006_BlackHat_Vegas-V46-Dai_Zovi-Hardware_Virtualization.mp4


LISTEN TO HIS PRESENTATION!
http://media.blackhat.com/bh-usa-06/audio/2006_BlackHat_Vegas-V46-Dai_Zovi-Hardware_Virtualization.mp3

Ver todos los episodios