Real World IT

Detecting the Blue Pill Hypervisor rootkit is possible but not trivial

But an even scarier thought occurred to me and I asked Rutkowska if it would be possible for Blue Pill to go in to a temporary hibernation mode if it detects a timing analysis to detect Blue Pill and Rutkowska replied that this wouldn't be easy but would be very interesting.

August 17, 2006 by George Ou in Virtualization

Why does that new widescreen HDTV look so weird?

When you bought that brand new widescreen TV, have you ever wondered why the picture looks so weird? This blog shows the most common mistakes people make video playback and how to display video correctly on normal full screen and widescreen displays.

August 15, 2006 by George Ou in Hardware

Blue Pill: The first effective Hypervisor Rootkit

Unlike SubVirt which relied on commercial virtualization technology like VMware or Virtual PC, Blue Pill uses hardware virtualization and allows the OS to continue talking directly to the hardware. Commercial virtualization software has to emulate full I/O functionality from storage to networking to video and it would be exceedingly simple to detect driver changes. Furthermore, it would take a fairly complex physical to virtual migration to get SubVirt installed on the system. Blue Pill on the other hand can do an on-the-fly install and simply shift your Operating System from direct control of the physical computer to a virtualized state living under the control of Blue Pill. Blue Pill then acts as an ultra-thin Hypervisor that lies dormant most of the time using virtually zero overhead and waits for "interesting" events such as keyboard input.

August 15, 2006 by George Ou in Virtualization

Hey YouTube! Can you say ANAMORPHIC

Would it be all that hard for YouTube to simply have a checkmark that simply said "widescreen" or "anamorphic" video when you upload the video or even just let the user adjust the aspect ratio during playback? Not really and it wouldn't even cost them any more bandwidth since it's just a rendering option. YouTube already offers the ability to scale their video in the X and Y directions, they just don't let you do one at a time.

August 13, 2006 by George Ou in Social Media

Core 2 shortage eases, prices drop drastically!

Earlier this week the Intel Core 2 Duo E6600 sold as high as $459 but the supply shortages seem to be easing. Buy.com now offers the E6600 at $339 which is only $23 above list price and promises to ship in one to two weeks. If Buy.com comes through and delivers the product at anywhere close to the list price, this will be very good news. Most of my friends that are in to high-performance computing are dying to get their hands on one for a reasonable price and this is certainly welcome news for them.

August 11, 2006 by George Ou in Processors

Impact of Vista x64 signed driver requirement bypass

This means that system administrators will be able to bypass the signed driver requirement in Vista x64 using Rutkowska's method to modify the kernel. This effectively defeats one of the security mechanisms in Vista x64 and allows administrators the ability to deliberately or accidentally install Malware in to the kernel.

August 10, 2006 by George Ou in Windows

AOL AIM Phoneline gives you a free phone number

Following on the heels of Skype offering free (free for now because Skype is only doing it to mess with the Vonage IPO) Skype-out service, AOL has begun offering free inbound calling along with your own phone number with its AIM Phoneline service. For an additional $9.95 a month, you can get unlimited calling to 30 countries!

August 9, 2006 by George Ou in Mobility

Intel sells off DSP division Dialogic

By the time the quad-core Core 2 based processors arrives next year, that capability goes well above 1000 channels and that number is sure to rise with Moore's law as more CPU cores are added. With every increase in CPU cores and performance in general-purpose processors, the market for special-purpose DSPs are squeezed tighter and tighter

August 9, 2006 by George Ou in Processors

Video interview on hacked MacBook

Having attended the Black Hat and DEFCON conference last week, I had the opportunity to interview David Maynor and Jon "Johnny Cache" Ellch about the research work they did on driver hacking. These two researchers had just given their presentation showing how they hacked in to an Apple MacBook in mere seconds and gained root control through a flawed Wi-Fi driver.

August 9, 2006 by George Ou in Windows

RFID passports with improper shielding triggers bomb in simulation

At Black Hat 2006, Flexilis inc. demonstrated that improper shielding in the proposed American RFID passports might be used by terrorists to set off bombs that may target citizens of particular nations. To demonstrate this, Flexilis produced a video showing what happens to an improperly shielded RFID-enabled passport versus a properly shielded RFID passport.

August 8, 2006 by George Ou in Security

Intel Core 2 Duo in short supply and priced above list

There are only a few places that I have seen carry the Intel Core 2 Duo E6600 2.4 GHz processor.

August 8, 2006 by George Ou in Processors

Elite programmers compete in CTF at DEFCON

Members of the winning team 1@stPlace after 2 day marathonAt this years CTF (Capture the Flag) competition at DEFCON 2006, elite programmers and security penetration experts duke it out in a grueling two and a half day competition. Out of hundreds of teams that signed up for the competition, only eight qualified for the finals in Las Vegas.

August 7, 2006 by George Ou in CXO

Wall of Sheep at DEFCON illustrates what not to do

Because most of the common web technologies used in the world are still using clear text authentication, hackers at DEFCON illustrate why this is such a bad idea. Every year at DEFCON when one would think that attendees should know better, the Wall of Sheep is populated with careless users. I actually stopped by because of my paranoia and breathed a sigh of relief when I verified that I wasn't on the wall.

August 4, 2006 by George Ou in Security

Learn to build a separate guest and internal WLAN on Cisco 871W

Learn how to use a single Cisco 871W to build a separate guest and internal wireless LAN where the guest network can access the Internet but not your internal network.

August 4, 2006 by George Ou in Networking

MacBook hack video draws ire of Mac fans

This particular Wireless hack shouldn't be pinned on Apple's products or Apple's programming, but remember that just this week there were 26 flaws patched by Apple and many of the flaws were critical. In fact, there were months when Apple patched more than 30 vulnerabilities a month so it's clear that security vulnerabilities on the Mac are abundant.

August 3, 2006 by George Ou in Apple

George Ou

Latest Posts