Thread: PC vs Mac

Originally Posted by Ynot

Also, rootkits can hide malware

A rootkit is (typically) a kernel-level hypervisor that runs your OS on top
Same as a VM cannot detect it's running in a virtualised environment, an OS (and by extension, any program it's running) cannot detect it's running on top of a rootkit

Ain't no way you can detect that without outside help

Can't you just get a piece of antivirus that scans for rootkits?

Originally Posted by Mario92

Can't you just get a piece of antivirus that scans for rootkits?

I'm sure someone will try to sell you one, but no.
You cannot diagnose rootkits (or other malware "underneath" an OS) on the infected OS itself

Anything you do to combat rootkits has to be done externally to the OS (Ie. another OS)

Originally Posted by Ynot

I'm sure someone will try to sell you one, but no.
You cannot diagnose rootkits (or other malware "underneath" an OS) on the infected OS itself

Anything you do to combat rootkits has to be done externally to the OS (Ie. another OS)

The antivirus will simply try to detect the installation of the rootkit in the first place, once it's in place, it's like the dll impostor, it's impossible to detect. Microsoft tried to remedy this by introducing UAC, but, most users disable UAC because it's such a pain in the ass. You can't add protection from viruses on top of the operating system with extra programs like microsoft is doing. Anti-virus security systems have to be inherent in the OS itself, like it is with UNIX and Linux.