"Theoretical" targeted rootkits need to play by different rules than the common malware that ends up filling our inboxes with spam and attempting to steal our CC numbers... The costs involved of getting popped are huge in comparison, the value is in the secrecy of being truly hidden and embedded for the long term.
I've spent the past year considering what the next level of rootkits would look like and how we can protect ourselves against them. This talk will cover a handful of advanced hiding mechanisms at a technical level. The talk will also touch on legal implications and existing frameworks for expensive advanced threats.