Secure64’s claims of immunity to rootkits, trojans, viruses and worms put to test; Matasano Security confirms SourceT stands up to scrutiny

Greenwood Village, CO, December 11, 2007 – Secure64 Software Corporation, a software developer with the only Genuinely Secure™ software technology and server applications, today announced it commissioned Matasano Security to critically evaluate the Secure64 claim that, for remote attackers, its SourceT micro OS is immune to malware, including the rootkits, trojans, viruses and worms that plague conventional operating systems. After conducting a rigorous architectural analysis, the renowned security research and consulting firm reports that “methods used by malware to gain system access and obtain the privileges necessary to install themselves for continued infection do not appear viable.”

The Matasano report goes on to state that its security experts could identify “no architectural flaws that would allow for the injection of foreign code in to the SourceT system”, and “methods which would directly lead to privilege escalation, or allow a remote attacker to alter the boot process, were also not identified.”

Matasano evaluated the SourceT architecture against three areas of vulnerability: code injection, privilege level escalation, and alteration or subversion of the trusted boot process. These areas were selected as they comprise the strategy of typical malware such as worms, spyware or trojan horse applications to introduce arbitrary code into a computing system.

“Lots of vendors make incredible claims about their security, so when Secure64 approached us with theirs, we were immediately interested in peeking under the hood to see if they could back up their bold assertions of immunity,” stated Jeremy Rauch, Principal at Matasano. “Purpose-built operating systems and appliances are a practice focus for Matasano, and it’s rare to see one designed from the ground up for security like SourceT. Secure64 didn’t ask us to pull any punches, and after several weeks of analysis we found SourceT to be as solid as they claimed. We’re impressed with their approach.”

SourceT is a patent pending Genuinely Secure™ micro OS that was designed from the ground up to make SourceT and any applications running on it immune to rootkits and malware and resistant to network attacks. SourceT takes advantage of the unique features of the Intel® Itanium® microprocessor to improve performance while eliminating the need to “harden” operating systems and protect mission-critical applications with security devices.

“The Intel Itanium microprocessor offers several unique features that help significantly improve the security and integrity of operating systems and software applications,” said Kirk Skaugen, Intel vice president and general manager, Server Platforms Group. “Building upon these capabilities, Secure64 is able to provide increased peace of mind from some of  the most common security threats, including root kits, runtime code injection, and buffer overflow attacks.”

The unique security and performance capabilities provided by the Intel Itanium microprocessor include:

  • Hardware Authentication of Firmware – Authenticates initial firmware image during system boot process to ensure it has not been altered in any way;
  • Runtime Memory Protection – Supports up to 16.7 million cryptographic protection keys, which can be used to create more secure memory compartments and enable dynamic, granular control of the runtime operating environment. Only specific software modules under user-controlled conditions can access each memory compartment;
  • Independent Page Level Read/Write/Execute Privileges – Allows code to be set to execute-only privilege and data to be set to read-only or read-write privilege, thus providing a formidable barrier to the injection or execution of unauthorized code
  • Separate Conventional and RSE Stacks – Separates and helps protect control information from application data on the stack, helping to reduce conventional buffer overflow attacks

“We realize our extraordinary claims of complete immunity to rootkits and malware have raised eyebrows as well as healthy skepticism within the industry, which is why we’re going to great lengths to get our claims verified through respected third-party sources,” stated Mark Beckett, vice president of marketing, Secure64. “We are certainly pleased but not surprised that Matasano found no way to inject or execute malware into SourceT via network attacks. Internal testers, Internet-dependent businesses and other security experts have all come to the same conclusion – SourceT means ‘no trespassing’.”

Today Secure64 is also announcing an important enhancement to Secure64 DNS – the company’s first application based on SourceT. Secure64 DNS is an authoritative DNS server application with built-in denial-of-service protection features that help ensure Internet-dependent businesses are always accessible. To read more about this announcement, to view the full Matasano report, or to get more information on SourceT and Secure64 DNS, visit

About Matasano

Formed in 2005 with offices in New York and Chicago, Matasano specializes in solving the security challenges of complicated applications deployed in high-risk environments. The company comprises a team of internationally respected security experts that have led security efforts at @stake, Microsoft, ISS, Secure Computing, Arbor Networks, Secure Networks, Bloomberg, Sandia Labs. Matasano wrote the first published i386 stack overflow, co-founded the ISS X-Force research team, invented IDS evasion, developed optical switching platforms and found the first software vulnerabilities in embedded iSCSI and Fibre Channel storage appliances.


About Secure64 Software Corporation

Headquartered in Greenwood Village, Colorado, Secure64® is a software developer providing secure, self-protecting, high performing server applications. Secure64’s core technology is SourceT®, a patent pending Genuinely Secure™ micro OS designed from the ground up to make the micro OS and any applications running on it immune to rootkits and malware and resistant to network attacks. Unlike conventional operating systems with insecure architectures, SourceT does not need to be hardened, patched and protected to minimize exposure to vulnerabilities.

SourceT applications such as Secure64 DNS do not require protection from firewalls, intrusion prevention or DDoS mitigation devices. By simplifying and consolidating network infrastructures, SourceT-based applications help IT professionals reduce costs and risks while achieving unparalleled levels of reliability and performance. For more information, visit

Company Contact

Mark Beckett

Vice President, Marketing


(303) 242-5899


Press Contacts

Karla Trippe

Trippe and Company

(970) 468-1850

Rich Miller
Trippe and Company
(303) 539-6933