The Two Laws Of Rootkits

Written by rmogull | Filed under Misc, Non-Geek, Security Research, Vulnerabilities | 1 comment



I loved Mike Rothman’s title to his take on the Cisco IOS rootkit (original article here).

What about “everything is vulnerable” didn’t sink in?

Okay, technically a rootkit isn’t a vulnerability, but we’ll forgive Mike since I know he knows the difference, and he writes his Daily Incite first thing in the morning.

To simplify, here are the Two Laws of Rootkits:

  1. You can create a rootkit for anything that runs software.
  2. Everything runs software.

(If you don’t get the sarcasm, I can’t help you).

Posted on May 19

1 comment

  1. kurt wismer May 19

    if i’m not mistaken, i believe you’ve just stated that the ability to support that functionality is inherent to the general purpose computing platform…

    though i’m not sure if *everything* truly qualifies as a general purpose computer (yet) it certain seems to be going in that direction (unfortunately)…

Leave a reply

Related Posts

Is Rootkit Detection Worth It?
The Three Laws of Data Encryption
It’s The Enforcement, Not The Penalties