Language Selection

English French German Italian Portuguese Spanish

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern. The first thing that you should understand is that this class of attack has been used before. We know how to protect against it.

If you read the paper, you'll find out two things:

1. We need a way to write to /dev/mem as a regular user, and
2. There's a kernel config which protects against this mechanism.

rest here




More in Tux Machines

Kodi (XBMC Media Center) 14.2 Officially Released, Kodi 15 “Isengard” Is On Its Way

The Kodi development team, through Nathan Betzen, had the pleasure of announcing today, March 28, the immediate availability for download of the second and last maintenance release for Kodi 14 (codename Helix), before they continue with the development cycle for the upcoming release, Kodi 15, dubbed Isengard. Read more

Debian 8 Jessie Installer Now Supports Running a 64-bit Linux Kernel on a 32-bit EFI

The Debian Installer team had the pleasure of announcing on March 27 that the second Release Candidate (RC) version of the Debian 8.0 "Jessie" installer is now available for download and testing. The RC2 version of the installer brings a great number of improvements and fixes. Read more

First Look at GNOME 3.16

The highly anticipated GNOME 3.16 desktop environment for Linux kernel-based operating systems has been announced on March 26, 2015, and has been declared by the GNOME development team as the best GNOME release yet. Of course, we wanted to give GNOME 3.16 desktop environment a try and see for ourselves the new features, apps, and improvements. Read more

today's howtos