Free Rootkit with Every New Intel Machine

Stephan Neuhaus neuhaus at
Mon Jun 11 02:51:23 EDT 2007

Peter Gutmann wrote:
> -- Snip --

This is very scary.  I bet that our Minister of the Interior would love 
it, though, since he has been pushing a scheme for stealth examination 
of suspects' computers (called "Federal Trojan").  Technology like this 
would be a large first step towards making this possible.

> [...]
> - Built in web interface on every machine (port 16994)

Apart from all the other things that are wrong with this scheme,

* you can't trust the output of netstat anymore;
* in other words, what you see with netstat may not be the same as what 
someone else sees with nmap; and
* if the web interface has a vulnerability, you have an unshutdownable 
vulnerable service running on your machine.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list