I was implying no such thing. The current infection targeted Windoze only. So windoze is the only OS currently vulnerable to *this* specific attack.
My impression of Mr O's response was that the MBR attack was irrelevant to us. (That impression may have been incorrect.) I was merely saying that with VM malware loaded from the MBR *any* and all OSs could be hosts. It really wouldn't matter what OS was running above the VM. We're not there yet. But we're close. How can we ensure we don't get infected with a VM loaded from MBR? -- Allen Brown abrown at peak.org http://brown.armoredpenguin.com/~abrown/ Nothing defines humans better than their willingness to do irrational things in the pursuit of phenomenally unlikely payoffs. This is the principle behind lotteries, dating, and religion. --- Scott Adams ----- Original Message ----- From: "Timothy J. Wiley" <tjwi...@gmail.com> To: "Eugene Unix and Gnu/Linux User Group" <euglug@euglug.org> Sent: Thursday, June 30, 2011 1:28:02 PM Subject: Re: [Eug-lug] Bot infection stored in MBR So you're implying that only Windows is currently vulnerable to attacks? Wow. On Thu, Jun 30, 2011 at 1:04 PM, < abr...@peak.org > wrote: Neither. I am talking about the next generation infection which installs a VM under your OS. There has been talk of this for a while, but so far as I know none yet exists. But installing in the MBR is a critical element of any such VM infection. -- Allen Brown abrown at peak.org http://brown.armoredpenguin.com/~abrown/ A bug is a test case you haven't written yet. --- Mark Pilgrim ----- Original Message ----- From: "Timothy J. Wiley" < tjwi...@gmail.com > To: "Eugene Unix and Gnu/Linux User Group" < euglug@euglug.org > Sent: Thursday, June 30, 2011 12:47:59 PM Subject: Re: [Eug-lug] Bot infection stored in MBR Vulnerable to what? This particular infection or infections in general? On Thu, Jun 30, 2011 at 11:04 AM, < abr...@peak.org > wrote: This seems like a small step away from booting into a virtual machine. At that point all OSs are vulnerable, not just Windoze. -- Allen Brown abrown at peak.org http://brown.armoredpenguin.com/~abrown/ Plug-and-Play is really nice, unfortunately it only works 50% of the time. To be specific the "Plug" almost always works. ---unknown source ----- Original Message ----- From: "Mr O" < notanathe...@yahoo.com > To: abr...@peak.org , "Eugene Unix and Gnu/Linux User Group" < euglug@euglug.org > Sent: Thursday, June 30, 2011 10:46:53 AM Subject: Re: [Eug-lug] Bot infection stored in MBR Nothing new here. Move along. --- On Thu, 6/30/11, Allen Brown < abr...@peak.org > wrote: > From: Allen Brown < abr...@peak.org > > Subject: [Eug-lug] Bot infection stored in MBR > To: "Eugene Unix and Gnu/Linux User Group" < euglug@euglug.org > > Date: Thursday, June 30, 2011, 10:34 AM > http://www.bbc.co.uk/news/technology-13973805 > -- > Allen Brown abrown at peak.org http://brown.armoredpenguin.com/~abrown/ > Is there another word for synonym? --- > George Carlin _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug
