On Friday, May 9, 2008, InfoWorld reported that Clear Hat Consulting has developed a rootkit that could run in an obscure part of a computer’s microprocessor making it 100% undetectable. Not only have they written such a rootkit but Clear Hat plans to demonstrate their “proof-of-concept” creation at the Black Hat Security conference in Las Vegas this August. Is it just me, or does anyone else have a fundamental problem with a guided tour of what could be the most malicious piece of software ever written?

Computer security research is important…but

I understand the importance of progressive research in the area of computer security and am grateful for companies and individuals that toil endlessly to help keep my PC safe from malicious attacks; however, I am concerned with Clear Hat Consulting’s latest discovery. Yes, you could argue that this discovery helps the “good guys” stay one step ahead of the “bad guys.” You could also argue that the “good guys” just gave hope to an idea that they “bad guys” might have given up on. And, if the “bad guys” had any questions about “how it works,” they only need to attend the August Black Hat conference for the guided tour.

Will ego get the better of them?

I suspect that Clear Hat will act responsibly at the August conference and not give away too much in their guided tour; however, with a name like “Clear Hat” it’s not clear (pardon the pun) whether their intentions are good, bad, or simply indifferent. That being said, there is no guarantee that on the day of their presentation that techno-machoism won’t get the best of the presenter who, in a fit of ego, doesn’t “give away the farm.”

I respect and appreciate the work that the “good guys” do in the area of computer security, but sometimes I wonder whether talking about their latest “discovery” isn’t doing more harm than good.

Share, Bookmark, or Email this post

If you liked this post, subscribe to TechTraction's RSS feed or TechTraction's email feed

Filed under: Tech Commentary