This article examines the security challenges facing us on modern off-the-shelf hardware, focusing on Intel x86-based notebooks. The question the author will try to answer is: can modern Intel x86-based platforms be used as trustworthy computing platforms? The paper looks at security problems arising from the x86's over-complex firmware design (BIOS, SMM, UEFI, etc.), discuss various Intel security technologies (such as VT-d, TXT, Boot Guard and others), consider how useful they might be in protecting against firmware-related security threats and other attacks, and finally move on to take a closer look at the Intel Management Engine (ME) infrastructure.
21aff52a293ba0e23ed85f93772ac4823589aaf5b93e76d95c0c62d46c9ba78d
HITBSecConf2006 Presentation - Subverting the Vista Kernel For Fun And Profit.
166ba047155514bdbc82f9186d41dca4b8e72f60d2b133a6a00d0de888f89ac7
Virginity Verifier - The presentation aims towards defining a detailed list of vital operating system parts as well as a methodology for malware detection. The list will start on such basic levels as actions needed for file system and registry integrity verification, go through user-mode memory validating (detecting additional processes, hooked DLLs, injected threads, etc) and finally end on such advanced topics as defining vital kernel parts which can be altered by modern rootkit-based malware (with techniques like Raw IRP hooking, various DKOM based manipulations or VMM cheating)
94500b175b88ce140678c699be8b75984a5ac8857c25de8ad095cfbd32078b6f