Real Story of the Rogue Rootkit 427
BokLM writes "Wired has an interesting article from Bruce Schneier about what's happening with the Sony Rootkit, and criticizing the anti-virus companies for not protecting their users. From the article: 'Much worse than not detecting it before Russinovich's discovery was the deafening silence that followed. When a new piece of malware is found, security companies fall over themselves to clean our computers and inoculate our networks. Not in this case.'"
deafening silence (Score:0, Interesting)
How appropriate
Bah... (Score:5, Interesting)
NGSCB? (Score:5, Interesting)
Fear? (Score:5, Interesting)
Yet the bigger story here is the fact that a blogger was the breaking source.
My media is 75% blogs now. Many use links to back their opinions (I'd love to see a standard bibliographical Wiki for referencing). They're faster than the daily news and less likely to be afraid of corporate threats.
BTW, anyone know a way for me to toggle link text format from standard (blue w/ underline) to normal (black no underline) and back, quickly?
DMCA risks. (Score:5, Interesting)
DRM is useless (Score:5, Interesting)
Companies are so worried about piracy that they go to these extremes. What they need to look at is why are people pirating. Many people pirate because the thought of spending $17 for a CD is ridiculous considering that only a few songs are worth a damn. Secondly, DRM makes it worse because people can't rip the audio for their mp3 player. This drives people to piracy and the DRM makes it worse and drives the consumer away. Just lower the damn prices and let me burn it, rip, or do anything else I want with it because it's mine!
gasmonso http://religiousfreaks.com/ [religiousfreaks.com]
Re:Clearly (Score:2, Interesting)
Did ClamAV pick this up? (Score:2, Interesting)
Re:A thought experiment (Score:2, Interesting)
How about the open source? (Score:3, Interesting)
double standards, no standards? (Score:5, Interesting)
Re:Thats because this virus was nasty as hell. (Score:5, Interesting)
Instead, they're saying the DRM software that hijacks your device driver is legitimate, and the rootkit was really only kinda bad because it hid legitimate software....
Re:sony (Score:3, Interesting)
What about...... (Score:2, Interesting)
I'm afraid the answer I'm going to get is: We don't know.
Viruses vs. Spyware vs. Rootkits ... ??? (Score:2, Interesting)
Some of the most popular spyware-detection tools aren't from the big AV players --
That said, there are explicit differences between terms in TFA that should be noted. Though I am no expert in the field, it's generally agreed upon that virus != spyware. (How many of you cringe when you hear "hacker" used pejoratively? Are they really a cracker/script kiddie/etc...) Let's get our diction correct.
Ok, so what are rootkits? This is where the
Do we blame the ambulance responding to the scene of a fire for our house burning down? Nay, the fire department? Suppose the fire department responded lethargically. Then, might we play the blame game. What if the fire department arrives to confront an unknown, previously unfaced force destroying your building?
The tongue-lashing poured out by Author should best be kept to his blog, which he has proudly boasted to you, the reader, about already. Let him keep his opinions and bashing there and in
Re:The brick advertisement (Score:2, Interesting)
When you look back and examine old BBS's you see stuff that might make the average person squirm. You find manuals on how to drive someone to suicide, you find ways to destroy a VAX system from a remote location. You find e-books that make Chuck Palahniuk and his Fight Club buddies look like a bunch of weaklings. You can find manuals on how to make an exploding floppy disk for heaven's sake.
But amid all that text, all the Warezed floppies, all the unreliable explosive guides, there were people you felt you could trust. We had that with the modern web.
Now when you scour the internet you find a variety of things. Blogs, Memes, Warezed isos, Pirate movies, any album ever recorded, any type of fetish you could conceive. With this comes new problems, Malware, Trojans, Worms. No operating system is safe anymore.
With the digital war between blackhat and security escalating, newer and nastier ways to cripple PCs are becoming ever more prevalent. Most security centers today have not implemented full rootkit detection. So are they losing? That is a matter for the individual to decide.
But as for myself, my faith has been broken. The faith that Grisoft and Microsoft will truly protect me. The faith that a website at sony.com will not try to install things on my PC. The faith that free software will truly stay free or will go the way of Div-X 5 and Daemon Tools 4, falling prey to temptations of revenue from adware.
In many ways we may be more physically secure today, but I think I speak for everyone who maintains a Windows partition, for whatever reasons, in saying we just don't know anymore.
DOD Twist (Score:5, Interesting)
This line kills me. (Score:3, Interesting)
What I want to know is why the fuck shouldn't a corporation be held to the same rules the rest of us are? As the line above illustrates, people now assume that companies can abuse the law as they see fit and not get reprimanded.
While the rest of us (AKA as not rich) get sued [newsfactor.com] into oblivion or prosecuted [hollywoodreporter.com] to the fullest for downloading a shitty CD that should only be $5.
Actually (Score:5, Interesting)
The creator of the rootkit (First 4 Internet) apparently worked with Symantec and other major antivirus companies to make sure that it would neither be detected nor removed by their software according to CNET.
This is a very damning accusation.
What about Sony computers? (Score:2, Interesting)
does not... (Score:2, Interesting)
Re:Clearly (Score:5, Interesting)
DRM is useless but DEADLY... (Score:3, Interesting)
But now there's an even more obvious reason to download music in an open format like MP3: MP3s cannot suddenly turn on you and break your computer.
I'm sure I'm not alone when I state that I will never buy a Sony or BMG CD again, ever, unless it comes with a bold-printed, legally-binding guarantee that the damn thing is a plain-Jane, Red-Book-compatible, fully-rippable CD. And I'm never again going to insert a music CD into Windows, no matter who sells it to me. I'll rip the things in Linux, where it's safe.
This is independent of my desire to punish Sony by boycotting their products. This is legitimate fear. No individual music CD is worth the risk of having to reinstall Windows, to say nothing of the risk of being 0wned or losing some of my data.
Re:DMCA risks. (Score:2, Interesting)
This points up an interesting concept: can a virus be protected under the DMCA? Can delving into its bits be considered an IP violation? Hmmm...
Re:Bah... (Score:3, Interesting)
"Thee" should be "Thou"
"Thee" is to "Thou" as "me" is to "I".
Re:Bah... (Score:1, Interesting)
I, for one, am happy on my Win2K system with Autorun firmly *disabled*. And I've yet to see any reason to enable it - in fact, quite the opposite.
And yes, I've been in IT since 1990, so the period you mentioned is covered. But I'm in the EU, so maybe it's a difference in markets?
Re:This is all SONY's wrongdoing, not MS (Score:3, Interesting)
I agree, autorun is a bad way to do things. The proper way is to have a good service that detects a disk, and performs a user-assigned task, such as open a media player, image app, CD burning app, or otherwise. Allowing a company to open any old program that is on the disk you just inserted, especially with the lax default permissions in Windows (XP still creates all users during setup by default as admins with no passwords).
Re:Actually (Score:2, Interesting)
I don't think you need to look at the story this way. You're right, the vast majority don't have a clue about rootkits, cloaking and such obviously. But what Schneier wrote is that people pay a high price to get "protected" from those "security companies", and they deserve a much better service!
Security companies must have known about the Sony rootkit's potential risks. Especially if, like those bastards in "First 4 Internet" tell us, they have been in the loop from the beginning! By not evaluating the security breach of this copy protection, and not acting properly by not advertising the risk and not removing the software, they prove they're either extremely incompetent, or totally biased, or both.