gaurdro (Posted August 18, 2006)

A security threat to be concerned with is the increasing prevalence of viruses containing advanced rootkits to hide their actions or data on the computer, even from the anti-stuff tools. A rootkit was originally a name for tools that hackers/crackers would use to maintain root on Unix/Linux machines. Root is the uber user with all the permissions on a Linux box. On Windows these tools can be used to hide data on the hard drive and in the registry by manipulating the way the data is stored. The Windows API (the thing Windows uses to communicate to the hardware) reads things in certain ways but the data/structures can be vastly different. An example of this is in the registry: the data is stored as numbered strings while the API reads them as null-terminated strings. The data a rootkit would write is:

/hkey_something_or_other/folder/"data that is seen\x0(the null character)data i want hidden"

and Windows will return:

/hkey_something_or_other/folder/"data that is seen"

The rootkit reads the raw data and bypasses the Windows API so it can read the full data. These programs are everywhere already. Windows even has one to deal with the special files on an NTFS filesystem and another to deal with Windows Update. I've heard that there are many tools to find these things but as of yet I haven't looked into any of them.

Notice from truefusion: Moved to the Security Issues & Exploits forum.

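Added example, not part of the thread: a small C check for the mismatch described in the post above, where a value stored with an explicit length is read back by code that stops at the first null character. It models the two views on an in-memory record and does not read a real registry; the `counted_str` struct, the function names and the sample values are all constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical counted-string record: the length is stored beside the bytes,
   so a NUL is just another byte of data. */
struct counted_str { size_t len; const char *buf; };

/* What a NUL-terminated reader returns: it stops at the first NUL. */
size_t visible_len(const struct counted_str *s) {
    const char *nul = memchr(s->buf, '\0', s->len);
    return nul ? (size_t)(nul - s->buf) : s->len;
}

/* Bytes stored after the first NUL. A lone trailing terminator is normal
   and is not counted as hidden data. */
size_t hidden_len(const struct counted_str *s) {
    size_t vis = visible_len(s);
    return vis == s->len ? 0 : s->len - vis - 1;
}

/* Audit pass: count the records where the two views disagree. */
size_t count_flagged(const struct counted_str *recs, size_t n) {
    size_t flagged = 0;
    for (size_t i = 0; i < n; i++)
        if (hidden_len(&recs[i]) > 0) flagged++;
    return flagged;
}

/* Constructed sample values, modelled on the string in the post. */
#define V0 "data that is seen\0data i want hidden"
#define V1 "plain value"
#define V2 "terminated"
const struct counted_str samples[] = {
    { sizeof(V0) - 1, V0 },  /* embedded NUL followed by more data */
    { sizeof(V1) - 1, V1 },  /* no NUL inside the counted length */
    { sizeof(V2),     V2 },  /* counted length includes the terminator */
};

int main(void) {
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("record %zu: stored=%zu visible=%zu hidden=%zu\n", i,
               samples[i].len, visible_len(&samples[i]), hidden_len(&samples[i]));
    printf("flagged: %zu\n", count_flagged(samples, 3));
    return 0;
}
```

A scanner built on this idea compares the stored length with the length the string-based reader reports and flags any record where bytes remain after the first null.
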
TypoMage (Posted August 18, 2006)

Hmm, hiding something on your hard drive. But it is impossible to make it completely untrackable. Right? Well I do not think that you can hide anything. Like when you delete something then you empty your trash bin. There is still a way to retrieve that data. Right?

gaea (Posted August 19, 2006)

> Well I do not think that you can hide anything. Like when you delete something then you empty your trash bin. There is still a way to retrieve that data. Right?

As you described it, yes you can still retrieve the data. The solution would be to use a "shredder" utility. In essence what it does is find the location and size of the file you want to destroy, and then over-writes it with garbage information fifteen times or more. If you really want to destroy a file overwrite it about fifty times, and there will be no going back.