A blue pill cures all problems

When you think of blue pills, you imagine TV ads by politicians, people who are bored with their partners, and people who can’t get enough of their partners. You might also think of a lot of spam, due primarily to the previous points. However, you’d likely never think a “blue pill” could hide malware, completely undetectable, on your Windows computer, but that is exactly what a researcher in Singapore has devised. I suspect the name was an afterthought.

I’d say it’s good to know that such things are possible ahead of time, so someone can devise a way of detecting the undetectable (always happens). I’d also say I’m feeling pretty comfy sitting at my desk right now – with one computer running OS X and the other running Fedora Core.


Bart Schaefer says:

Maybe those other OSs shouldn’t make you so comfy:

Rutkowska stressed that the Blue Pill technology does not rely on any bug of the underlying operating system. “I have implemented a working prototype for Vista x64, but I see no reasons why it should not be possible to port it to other operating systems, like Linux or BSD which can be run on x64 platform,” she added.


You are correct. I still feel comfy, however, the reason being I see quite a bit of distance between a working prototype and “seeing no reasons” why it can’t be done someplace else. As for “blue pill” not relying on bugs – that’s OK. Exploits still need to rely on operating system processes, as well as business processes. Those are readily accessible (and correctable) where open (and where companies have a head start). Note that the Sony rootkits were available for Macs too; it’s just that you had to jump through a lot of hoops to get one on in the first place. Again, process, not bugs.