Rootkit Codecs and Virtualization

It was kind of neat to see this post about rootkits and virtualization.

They’re reasoning, correctly, that if they’re on a virtual PC, they’re being studied and won’t play nicely.

As the author mentions, I’m not surprised, but it’s kind of slick to see the authors detect the virtualization software and glibly do nothing. So now the question is, what needs to be done or what can be done to prevent that? Sounds like a nice project for a rainy Sunday afternoon in a coffee shop somewhere…