Windows 7 bootkit released

ZOMG!!!! It's amaaaaazing how vulnerable a personal computer becomes granted *physical* access. BTW, April the 23rd rang asking for it's "news" back.

Nothing new here, physical access is always insecure. That's why buildings have security guards and doors have locks.

It's not just Windows 7, it's about every system ever released. Check "Kon-boot", which is already available and can be used on most of the Windows releases and on some Linux distros as well.

Not only this is not "new" (it's been around for a while), but also: if someone gains phisical access to a computer, there are other, much serious dangers such as... a) the attacker may open the safe and steal the family jewels ... or b) ties your hands and feet, wraps your mouth with duck tape and abuses you.... or c) since the bottom line is getting control of your computer, he puts it in the backpack and takes it away....

Not to mention what the attacker may do to your fridge....

...people still send their bank account numbers to Nigeria. It has been years since we have crossed the point where stupidity now overrules security, and yet it still makes headlines. Banks and governments get hacked due to nitwits and novices setting the password to "pa$$w0rd" or leaving the server room door unlocked when they go to lunch. People's credit card numbers get stolen by replying to fake websites or someone reading their unshredded mail they put in the trash. Computers get turned into 'zombies' from downloading that video/song from who-knows-where and 'installing' it instead of playing it. You'd like to think people aren't that stupid, but they are. PEBDAK will trump Symantec any day.

Hey software vendor, we're a 'security company' and we found a vulnerability in your software. But we won't pass it around...for now.

What, you didn't decide to 'invest' in our company or fund our 'research'? Well, since we can't make money from you on the flaw we found, we'll give it away to the world and make you spend shedloads of money to fix the problem. Next time, you'll pay up, chump!

Is it ok as long as they are doing it to M$?

This is not a "Windows" or "Microsoft" specific thing.

ANY system is vulnerable to a cold-boot attack if you have physical access.

DUCT tape - as in sealing joins on air-conditioning ducting.

DUCK tape - I'm yet to see a practical use for applying tape to a duck.

Use full disc encryption

DUCK tape is actually a brand of DUCT tape.

I think if they've got physical access to the equipment, the following applies:

http://xkcd.com/538/

Sorry Jim, Wrong Answer.

Disk Encryption is a doddle to break, and all of them have been broken.

The Black Hat people made a big song & dance about being able to break MS Bitlocker with little difficulty, and then pointed out they could do the same for any encryption system.

Facts are, that with physical access, you cannot stop someone taking the data... best you can hope to do is deter the script-kiddies and slow down the serious hackers... but if someone really wants to, and knows how to, they will get it.

It doesn't matter if it's Windows, Linux, OS/X, whatever.

open sauce licence lol

You cannot break Full Disc Encryption if the key is never in the RAM...
So use hardware Full Disc Encryption

That doesn't protect you against thugs with drugs and wrenches.

Scenario:

-Boot Your machine only in secure enviroment. (Key card is need for boot only).

-Store Your Key card only in secure enviroment.

-When thugs with drugs and wrenches arrives, they cannot extract nothing from You or from Machine.

On Windows 7 it is possible to replace any file with malware if the attacker has administrator access.

I would consider that an even great security issue than vBoot.

Be careful!

:-)