Does Open Source Encourage Rootkits?
An anonymous reader writes "NetworkWorld reports that security vendor McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community. Others, however, do not agree. From the article: 'Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit. "It's there to educate people," says Hoglund [...] It's a great resource for anti-virus companies and others. Without it, they'd be far behind in their understanding of rootkits."'"
This report looks like a marketing ploy by McAfee to counteract Microsoft's OneCare Live product and Microsoft's reported move into stand-alone antispyware. As noted in a Cnet article on the same report, the report states that the term rootkit should be used in relation to malicious software only and not apply towards technology like Sony's DRM rootkit.
What is McAfee afraid of? Being bashed on rootkits.com just like Lavasoft? I think it's very important for the general public to know the information about virus and anti-virus technologies. Big companies try so hard to protect their secrets so that nobody else could get into the market. We often have no idea what kind of pieces of crap are running on our computers which we rely so much upon. Well, let the worms come out of the can!
Take a more mundane example -- lockpicks. Laws criminalizing the possession of lockpicks by anyone other than a licensed locksmith are obviously wrong because they "blame the tool and not the user." Hell, I might lose my house keys, and need to pick my own lock! And even if it were shown that 99.99% of the use of lockpicks by unlicensed persons was for the purpose of burglary and auto theft -- well, tough, blame the user, not the tool. We have to preserve the unlicensed and unregulated use of that tool for the 0.01% of the uses that are beneficial.
Personally, I'd be blaming whoever built the lock, for developing a product that was unfit for the purpose for which it was bought.
Even if we restrict it to just the lockpick (ignore the lock) then yes, it is the person using the lockpick to break and enter that is committing the crime, not the lockpick itself. As far as a tool goes, it is performing the purpose for which it was developed and sold (or at least stolen).
Bottom line: if you develop substandard products you should be held responsible and accountable when they create problems.
Every possible action in the world has an economy surrounding it.
Don't like it? Change the economy of whatever vexes you.
I scream. You scream. I assume that means we're both acquainted with the problem. We proceed.
"I'm as close to a 2nd Amendment purist as one is likely to find"
No you're not.
"But even for me, there are limits. Should people be allowed to own fully automatic weapons? RPGs? Artillery? Landmines?"
Do you really think that the founders would have been worried about individuals owning RPGs when they were quite happy for individuals to own warships?
Hint: read Article 1 section 8 sometime, and look up 'letters of marque and reprisal', if you don't know what that means.
From the article: "The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com," says Stuart McClure, senior vice president of global threats at McAfee.
Again, to me, this isn't an "open source" problem as much as an "Internet/can we stop bad guys from getting together and working on bad things" problem.
I somehow doubt rootkit.com is that dangerous (or I have no idea if it's even malicious), but I think we're likely to see this general issue come up again with websites on bomb making techniques, biological weapons etc... What should the government/society do if there is a public website that researches technology that can be used to make mass casualty weapons?
Let's also remember that some of the people associated with this site were the first to notice the Sony DRM RootKit. The research that has been done on this site has really made it hard for rootkit developers to install their wares unnoticed - if you have the right tools. I could be wrong, but I think that Mark Russinovich from sysinternals has been there contributing to this site. It has led to the development of some really great tools such as the SysInternals RootkitRevealer - a really great tool by the way (http://www.sysinternals.com/Utilities/RootkitRevealer.html)
"This is another 'blame the tool, not the user' type of mentality."
Yeah, because rootkits have so many other benign and benevolent purposes...
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
He actually roasted an elephant to show how dangerous his competitor's AC current really was.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."