I loved Mike Rothman’s title to his take on the Cisco IOS rootkit (original article here).

What about “everything is vulnerable” didn’t sink in?

Okay, technically a rootkit isn’t a vulnerability, but we’ll forgive Mike since I know he knows the difference, and he writes his Daily Incite first thing in the morning.

To simplify, here are the Two Laws of Rootkits:

  1. You can create a rootkit for anything that runs software.
  2. Everything runs software.

(If you don’t get the sarcasm, I can’t help you).