DARPA is funding a startup the supposedly has a unique approach to detect rootkits. The startup, Komoku, is ready to emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits
. They have a PCI card that doesn’t necessarily determine that a rootkit is installed, only that the OS has changed dramatically enough to warrant investigation. Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user’s OS workspace that made detection impossible — via Slashdot
Share this Story
RSS – Posts