Debunking Blue Pill myth
Saturday, 12 August 2006 by Michel Roth
From Virtualization.info: For months the security and virtualization industries have been discussing a new security threat: the Blue Pill.

Blue Pill is the prototype resulting from a security study made by Joanna Rutkowska, which took advantage of new virtualization capabilities of AMD processors (known as SVM and previously as Pacifica) to inject a rootkit into a running Vista operating system.

The world press has given this work much attention, often reporting misleading information, because the scenario involved the upcoming Microsoft operating system and because Ms. Rutkowska claimed that malware using this method is undetectable.

Assuming every reader out there has already discovered, by reading the follow-up to the original post or other security professionals' analyses, that this method does not exploit any flaw in the operating system, the claim of undetectability still stands.

virtualization.info met Anthony Liguori, Software Engineer at IBM Linux Technology Center and, most of all, one of the men behind the Xen hypervisor, to finally debunk the Blue Pill myth.

Read the entire interview here.
