Black Hat Briefings, Las Vegas 2006 [audio] Presentations From The Security Conference
Joanna Rutkowska: Rootkits vs Stealth by design Malware
- Author: Various
- Narrator: Various
- Publisher: Podcast
- Duration: 1:19:50
Information:
Synopsis
"The presentation will first present how to generically (i.e. not relaying on any implementation bug) insert arbitrary code into the latest Vista Beta 2 kernel (x64 edition), thus effectively bypassing the (in)famous Vista policy for allowing only digitally singed code to be loaded into kernel. The presented attack does not requite system reboot. Next, the new technology for creating stealth malware, code-named Blue Pill, will be presented. Blue Pill utilizes the latest virtualization technology from AMD - Pacifica - to achieve unprecedented stealth. The ultimate goal is to demonstrate that is possible (or soon will be) to create an undetectable malware which is not based on a concept, but, similarly to modern cryptography, on the strength of the 'algorithm'. Joanna Rutkowska has been involved in computer security research for several years. She has been fascinated by the internals of operating systems since she was in primary school and started learning x86 assembler on MS-DOS. Soon after she switch