| Note the requirements:
"in order to execute the attacks, you need either root privileges or physical access to the machine in question"
Unix and Linux, by design, don't have a user running with root or 'admininstrator' privileges under normal conditions, so the attack couldn't work unless someone logged in with root privs and then executed the code.
Windows users, on the other hand, are typically set up with 'Administrator' privileges, meaning that applicatons they are running typically have complete access to the system. While Microsoft have largely addressed this with Vista's 'User Access Control', many complain that the solution is little better than the problem. However, UAC DOES mean that this attack should be pretty difficult to pull off against a Vista or Windows 7 machine as well, at least remotely.
If the attacker has local access to the machine, then all bets are off.
As I see it, the real worry here is going to be trusting that machine you just bought. What happens if some disgruntled employee tampers with the BIOS image at Dell?
__________________ Avatar and sig graphic by Pitch. Subscribers!
Ask about a custom graphic or avatar today! Later, Gizmo     |