I hope you remember the young Indian security researchers Vipin Kumar (22) and Nitin Kumar (23), the TPM Boys [I guess, that’s the way they call themselves. At least their blog confirms that. 🙂 ]They presented a Paper “Vboot Kit: Compromising Windows Vista Security” at Blackhat Europe – 2007.
The talk explained the (different) booting process of Windows Vista. It also introduced the concept of manipulating an OS during its boot process using VBootkit. Finally, they gave a live demo of VBootkit in action (on Vista).
This event was Slashdotted. VBootkit was also blogged by Bruce Schneier. Here is an interview of the “boys” at SecurityFocus by Federico Biancuzzi. In their own words, “Vbootkit is much like a door or a shortcut to access vista’s kernel……. since vbootkit becomes part of the kernel, it can do anything that Vista’s kernel can do.”
This all, however, is a news of past. The current news stirred more vigour and controversy. They had yet another paper “TPMkit: Breaking the Legend of Trusted Computing (TC [TPM]) and Vista (BitLocker)” scheduled to be presented at Blackhat USA – 2007. They withdrew there paper last week without any comments. This news was Slashdotted and resulted in a (typical) slashdotian variety of comments. Some even doubted if they really had any success in their research. Well, you cannot really blame them. That’s the fussy nature of our FOSS communities… errr… wait. Before you bash me, I’d like to remind you that it’s not (only) me who says that. It was originally cited by Mark Shuttleworth. An amazing number of people opposed Mark by creating a lot of Fuss. 😉
Coming back to the story. A user, by the handle PoliTech, commented on Slashdot and reminded the Michael Lynn’s paper at Blackhat about his research on Cisco Routers. Cisco and ISS sued Lynn and the management of Black Hat conference. It’s worth noting that Lynn was an ISS employee. 🙂
It should be also be noted that Vipin and Nitin’s previous presentation was in Amsterdam, Europe. This presentation, however, was scheduled in US… and the (stupid) US laws can screw things up. Based on Lynn’s case, it is quite apparent that Vipin and Nitin didn’t wish to get caught in any such undesirable situation.
I hope to see them present the paper at some other conference (or location) pretty soon. Best of luck guys.
OffTopic: Coincidentally, my younger brother’s name is Nitin. 🙂