Rootkits in the news
Some of you are familiar with the big flap over Sony's rootkit.
A rootkit is a way to write software such that its installation and operation are 'invisible' to the standard user or sysadmin.
This may have some legitimate uses but it can open a big can of worms if someone discovers a vulnerability in that software and exploits it. Standard computer security software cannot test something that they cannot see...
Sony used a rootkit as part of their ham-handed 'copy protection' on a number of CD audio disks -- you had to install their software (and their rootkit about which nothing was said) in order to play their music on your own computer.
This was discovered by Mark Russinovich at
Sysinternals. Mark is one of the major deities in the Windows pantheon.
Well, Mark has been busy testing other software and it seems that
Symantec is using rootkit technology. Their use is not as egregious as Sony's but it is still a nasty piece of work...
Posted by DaveH at January 15, 2006 8:35 PM