In the summer of 2007

Apr 23, 2007 12:29 GMT

64-bit Windows Vista in particular, and the Windows platform as a whole, will be the prime stars of slaughter sessions in the summer of 2007. At this year's Black Hat hacker conference at the end of July, security experts Alex Tereshkin and Joanna Rutkowska will be hacking away at Windows throughout the "Understanding Stealth Malware" training.

"As the training will be focused on Windows platform and Vista x64 specifically, we will also present some new kernel attacks against latest Vista x64 builds. These attacks, of course, work on the fly and do not require system reboot and are not afraid of the TPM/Bitlocker protection. (Although they could also be used to bypass Vista DRM protection, this subject will not be discussed during the training)," revealed Rutkowska.

The "Understanding Stealth Malware" training will focus on unpublished techniques, implementation details, and a substantial amount of fresh code created exclusively for the event. Giving a preview of the training, Rutkowska described the code as containing sample rootkits similar to Deepdoor, Firewalk, Blue Pill and Delusion. However, she emphasized that the sample rootkits have been completely overhauled and redesigned, and now even feature anti-hardware-forensic attacks.

"Ever wondered whether Blue Pill really works or was just a PR stunt? Ever wanted to see how practical are various timing attacks against it? (And can even those "unpractical" be cheated?) Or how many Blue Pills inside each other can you run and still be able to play your favorite 3D game smoothly? Do you want to see Patch Guard from a "bird's eye view" perspective? Or do you simply want to find out how well the latest Vista x64 kernel is protected? Ever wondered how rootkits like Deepdoor and Firewalk really worked? You can't sleep, because you're thinking constantly about how Blue Pill-like malware can be prevented? Does Northbridge hacking sound sexy to you?" is the hook used by Rutkowska to draw in participants.