* Posts by zeromastermind

2 publicly visible posts • joined 29 Jun 2011

Skype worm chats up victims - then holds PCs to ransom

zeromastermind
WTF?

What?

So this is basically a non-issue if you have "only allow people in my contact list to contact me" selected, correct? Unless, of course, your friends are idiots themselves who have malware running on their boxes.

Unless you're in "business," whatever happened to, "don't answer anything unless it was expected"? Doesn't most of the world need blacklisting anyway?

'Indestructible' rootkit enslaves 4.5m PCs in 3 months

zeromastermind
Devil

Amazing info.

I remember reading somewhere back a few months ago that researchers were able to install one of these advanced bootkits on a machine that was running full-system encryption via TrueCrypt - *one* round of AES. The story was surprising at the time because that was one of the few mitigations of the installation of these bootkits - the idea being that existing (TrueCrypt boot loader) code was already in the MBR and that overwriting any of it would render the system unbootable since the TrueCrypt boot loader would be hence corrupt and wouldn't even load. Apparently there was still enough free space in the MBR to write to after the TrueCrypt code ended.

However, no one said anything about cascade encryption.

If you had a combination of AES+Twofish+Serpent as your system encryption scheme - would that be enough to plug any holes in the MBR to prevent these bootkits from installing? Anyone?