A computer contains a CPU, the central processing unit that handles all of the calculations needed to run the operating system and whatever software you're running. Lots of computers these days also have GPUs, graphics processing units that handle the high-res graphics that lots of modern games require.

Well, the people who write malware have gotten a step up on security researchers by finding a way to hide malware inside a GPU. The problem is that no security tools are designed to look inside the operations of a GPU, so for the time being, until the security tools are updated to cope with this new type of threat, this problem is undetectable.

The thing that I find interesting is that people have been using GPUs for advanced computation for ages: Bitcoin mining, password attacks, etc. We've known how to program GPUs for non-graphic processing; it seems obvious to me that malware authors would eventually figure out a way to leverage it to compromise the host computer.

I also find it interesting that they first threw their attack against Linux, rather than Windows. I wonder how long before it's in the Microsoft environment.

Date: 2015-05-10 01:46 pm (UTC)
From: [identity profile]
It was a matter of time, considering that there are password crackers in the wild that use only GPUs as their processing heft. Perhaps now there will be serious talk of developing and utilizing anti-virus mechanics for Linux, instead of people smugly resting on their laurels about how Linux doesn't get them?

Date: 2015-05-10 03:16 pm (UTC)
From: [identity profile]
I think anti-virus people are going to have a tough row to hoe writing a good package for Linux. My reasoning behind that thought is that a lot of Linux hobbyists do so much tweaking, writing their own code and drivers, modifying their kernels, changing permissions, etc., that it's going to be tough to say, programmatically, that this behavior is malicious and that is not. A lot of Linux hobbyists run stable configurations with little modification; with those you might be able to run a Tripwire-like program to detect malware.

It seems to me that the thing that gives Linux users their freedom is also going to be the thing that makes it difficult to defend themselves.

Date: 2015-05-11 02:25 am (UTC)
From: [identity profile]
This is true. At the same time, those same customizations might prevent malware from working in the first place, so yeah, it's going to be tough to develop things that attack the OS. GPUs and other components might be easier to attack because they'll have some amount of standardization to them.

Date: 2015-05-12 02:32 pm (UTC)
From: [identity profile]
Apparently today/yesterday they demonstrated a Windows version and say an OS-X version is in development.

