[coreboot] How Coreboot can help in malware reverse engineering ?
Jean-Francois Agneessens
jeanfrancois.agneessens at gmail.com
Thu Oct 30 18:59:14 CET 2008
>
> > I prefer to stay away of virtualization because malware tend to implement
> > techniques to detect if they are running on VMs.
>
>
> And disable themselves ? Maybe that would be a fine solution for the
> problem then ;-)
Yeah I know, this is indeed a good way to prevent malware going bad :-) If
you look at how the Virtualization is groing, the malware will miss the
server market soon; But still, a workstation tend to run straight on the
hardware, and so they know that VM is a tool of choice for malware analysis
!
--
---------------------------------------
Jean-François Agneessens
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20081030/37aee800/attachment.html>
More information about the coreboot
mailing list