Does open source encourage rootkits? (NetworkWorld)

NetworkWorld covers a McAfee report claiming a correlation between open source software and the spread of rootkits. "'The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com,' says Stuart McClure, senior vice president of global threats at McAfee. Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit."

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 19:08 UTC (Tue) by thomask (guest, #17985) [Link]

Security through obscurity, anyone?

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 19, 2006 1:27 UTC (Wed) by mmarq (guest, #2332) [Link]

Just about everyone from the anti-virus industry!

"far from the eye, far from the heart"... and just everything else that doesn't trouble the business...

oh well!... that doesn't *force* that crackers aren't able to share their rootkit code, and others, over some IM network with file transfer, but at least that wouldn't be made in the *real open*, and so nobody has to lose face in contrast with the menace, that in the Windows(R) environment starts to seem to me like the anti-virus industry trying to hold a dam from collapsing with their fingers.

Meanwhile anything is useful to attack *open source*,... because secure systems are bad for the security business!.. gee, i must reach my medication, because i must be going nuts for saying such a thing...

And just to think that i suggested plenty in this forum that the next linux form, a real advanced generation, *could* be in the form of an exokernel (http://tunes.org/wiki/Exokernel ) since in my limited and uneducated vision as an OS kernel they are interconvertible (can't find better word) with a VMM, and perfectly capable of hosting one (page 16 http://www.hotchips.org/archives/hc17/1_Sun/HC17.T1P2.pdf ), soon to be at the heart of every CPU...

Adds to all this that, *in my limited and uneducated vision*, an exokernel is *natural* for orthogonal persistence without having to throw away the Filesystem (http://www.erights.org/data/serial/jhu-paper/upgrade.html), and *natural* for capabilities (http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf), with the LibOSes running in ring 0 or ring 3... well, i guess!

So anybody that puts some substantial part of the IT industry developing real secure, anti-virus termination, systems will be awarded not with contempt, but with a possible journey into some guantanamo camp (figurative or real)... in preference on the dark side of the moon...

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 19:37 UTC (Tue) by arcticwolf (guest, #8341) [Link]

FOSS encourages rootkits in the same way that the increase of ice cream sales in summer leads to more violent crimes.

In both cases, the real connection is not that one is causing the other; rather, there's a common underlying reason for both. In the case of ice cream sales and violent crimes, it's the heat (which makes people more aggressive as well as more prone to buy ice cream); in the case of FOSS and rootkits, it's the fact that the Internet has taken off so much in the past ten or fifteen years.

I can't quite believe that McAfee really believes that there is a direct causal connection - instead, I wouldn't be surprised if they simply tried to get some mentions in the news again by spreading this kind of bull. But then, McAfee has also gone from a market leader with a good reputation to one of a bunch of minor players that follow rather than lead, so maybe it really *is* genuine stupidity.

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 20:29 UTC (Tue) by smitty_one_each (subscriber, #28989) [Link]

Yep, correlation != causation.
As long as arguments are so notional, one might claim the opposite. If we didn't have F/OSS, things would be worse.

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 21:32 UTC (Tue) by proski (subscriber, #104) [Link]

On the high seas, the trend is reversed - warmer climate reduces the number of pirates: http://www.venganza.org/piratesarecool4.jpg

Sarcasm intended ... I hope

Posted Apr 18, 2006 23:19 UTC (Tue) by AnswerGuy (guest, #1256) [Link]

I certainly hope that this was posted as a sarcastic illustration of the point: correlation != causation.

The dates (years) posted along the graph tell the real story (and obviously should form the other axis). Plotting average temperature and number of pirates (one axis) over time would show that one has risen and the other has dramatically declined precipitously. However, noting that the slopes of the lines probably don't show any notable correlation would also tend to refute any causal hypothesis.

(Notably the "elbow" change in slope on the temperature graph corresponds very nicely to the beginnings of the industrial revolution).

BTW: Perusing the parent of this URL leads to the context of that graph, I've made the "Touched by his Noodly Appendage" image my new wallpaper. :)

JimD

Another convert!

Posted Apr 19, 2006 11:03 UTC (Wed) by man_ls (subscriber, #15091) [Link]

Please don't use words as "sarcastic" when talking about the sacred Flying Spaghetti Monsterism principles; we Pastafaris are quite sensitive about them. And "global warming vs number of pirates" is one of the sacredest.

Glad to see that you have made His image your wallpaper; mine is the plastiline version of the "Him, trees, mountain, midgit" graph. With any luck you will be a convert in no time; and now that our spiritual leader has sold to commercialism we are in need of true converts.

Sarcasm intended ... I hope

Posted Apr 21, 2006 16:26 UTC (Fri) by giraffedata (subscriber, #1954) [Link]

Indeed, proski has taken this graph completely out of context.

It doesn't show that heat diminishes piratism; it shows that diminished piratism causes global warming. This is actually consistent with the original assertion that heat causes aggressive behavior, because it means there is a self-stabilizing local equilibrium.

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 20:39 UTC (Tue) by rmstar (guest, #3672) [Link]

I find the rootkit.com site to be extremely scary. It is hard not to see a point in McAfee's complaint.

Do you really think . . .

Posted Apr 18, 2006 22:53 UTC (Tue) by AnswerGuy (guest, #1256) [Link]

... that you should be more scared because this site is right where you can see it?

I'm more scared of the stuff that's still hidden in the cracker community --- the zero-day exploits and the warez that are being privately traded in obscure little IRC channels, over SILC and/or over various forms of IM.

Rootkits aren't a big problem by themselves. The real problem is the exploits (and the undisciplined, gullible and lazy users) that allow the attacker to get in, and escalate his or her privileges in the first place.

Rootkits are just the symptom (kind of like the lesions in chicken pox, they let you know you have the disease but they aren't the cause of it --- and scraping them off won't effect a cure).

JimD

Do you really think . . .

Posted Apr 19, 2006 11:13 UTC (Wed) by NAR (subscriber, #1313) [Link]

... that you should be more scared because this site is right where you can see it?

Partly. If I can find it, Joe "Script Kiddie" Doe can also find it easily and can use it. It's like giving out guns (without ammo) to kids so they can "study" them. Sure, some of them might study the guns, but if one of them finds an ammo usable in the gun, someone will get hurt.

So from the technical viewpoint it's interesting to see what can be done, but it's scary too.

Bye, NAR

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 18, 2006 21:41 UTC (Tue) by drag (subscriber, #31333) [Link]

The only correlation I see here is increase of open source and the decrease of relevancy and marketability.

Good luck on that one, McAfee. Between Microsoft marketing its own anti-virus software and open source stuff I wouldn't expect your company to be peddling much software 10 years from now.

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 19, 2006 2:24 UTC (Wed) by bajw (guest, #11712) [Link]

Wasn't McAfee one of the self-proclaimed security companies that completely failed to notice the Sony-BMG rootkits in action for a few years despite the kits phoning home? How credible can McAfee possibly be?

Does open source encourage rootkits? (NetworkWorld)

Posted Apr 19, 2006 2:40 UTC (Wed) by kirkengaard (subscriber, #15022) [Link]

To Windows users that run McAfee products to protect their desktops from the dangerous interweb, very credible. To corporate types that just hear a popular name in the AV field, very credible. Never underestimate suits and grannies. Perception is reality.

Does open source encourage rootkits? (NetworkWorld)

Posted May 3, 2006 17:14 UTC (Wed) by crayon (guest, #33609) [Link]

Using the same logic, if Microsoft didn't produce any software there would be less software piracy hence can one conclude that Microsoft encourages software piracy?

Copyright © 2006, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds