[funsec] eWeek: Government-Funded Startup Blasts Rootkits

[Technocrat]

How would this product handle VM malware. Such this isn't a huge
threat at this time...but it should be looked at.

http://www.eecs.umich.edu/virtual/papers/king06.pdf

I don't see any reason why a VM couldn't cloak a rootkit from a
PCI/Parallel OS device. Comments? Input?

IMHO, no detection method is foolproof and the "good guy" are
currently losing the cat and mouse game...perhaps this will give us
the step ahead for a short time.

-Technocrat