[Full-disclosure] Rutkowska faces '100% undetectable malware' challenge, teasing?

scott redhowlingwolves at bellsouth.net
Sun Jul 1 07:56:22 BST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It sounds to me like you fella's have never to, or even read her
website.Ya know,Invisiblethings.org?

Maybe you've never heard of Blue Pill.Or Red Pill.
Or maybe it's a waste of time to tell you.

There are some methods involving timing to detect ,possibly, these types
of things,but they are easily defeated.

Scott








Peter Ferrie wrote:
> The problem is that she wants the money upfront, in order to develop the 100% undetectable thing that she doesn't have right now.  So that's a problem.
>  
> 
> ________________________________
> 
> From: full-disclosure-bounces at lists.grok.org.uk on behalf of Trey Keifer
> Sent: Sat 6/30/2007 1:39 PM
> To: Bipin Gautam
> Cc: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure]Rutkowska faces '100% undetectable malware' challenge, teasing?
> 
> 
> Joanna has stated her technical requirements for the challenge and Thom and group has accepted them, so why not turn this into what it really is... a bet.
> 
> The losing team agrees to pay the other $350,000 - if both groups are really so confident there shouldn't be any issue. 
> 
> 
> 
> 
> On 6/30/07, Bipin Gautam <gautam.bipin at gmail.com> wrote: 
> 
> 	hi guys,
> 	
> 	ref: http://blogs.zdnet.com/security/?p=334
> 	
> 	so are they teasing by making her the impossible challenge at this date? :)
> 	
> 	honeypot developers have been trying to battle the same issue of 
> 	making the virtual machine emulate guest OS like the it is run in real
> 	hardware since some years now.
> 	
> 	ref: http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf 
> 	
> 	But if Rutkowska or anyone is able to succeed to make it undetectable
> 	in current hardware that would be genius!
> 	
> 	-bipin
> 	
> 	_______________________________________________
> 	Full-Disclosure - We believe in it. 
> 	Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> 	Hosted and sponsored by Secunia - http://secunia.com/ 
> 	
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGh1AWelSgjADJQKsRAnNiAJsHt93ydzxXxFTea/Ia9NNayiTYfwCfRew0
roCWGY5bpgK3srMNbwbAvPY=
=3trl
-----END PGP SIGNATURE-----

Full-Disclosure is hosted and sponsored by Secunia.