Slashdot Mirror

← Back to Stories (view on slashdot.org)

Does Open Source Encourage Rootkits?

Posted by ryuzaki0 on from the no-ulterior-motives dept.

An anonymous reader writes "NetworkWorld reports that security vendor McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community. Others, however, do not agree. From the article: 'Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit. "It's there to educate people," says Hoglund [...] It's a great resource for anti-virus companies and others. Without it, they'd be far behind in their understanding of rootkits."'"

5 of 200 comments (clear)

  1. Scare Tactics and Get Real by WebHostingGuy · · Score: 5, Insightful
    If this site/domain name was not well know the hackers would just type in an IP like Click for Rootkit and get what they need.

    Simply because they use a domain name and the site is known does not make the information malicious. If you don't think rotating sites on rotating server exist to share compromised media and discussion about server cracking then you don't know anything. Rookit.com is open and out there, but the malicious people don't just stop here. Removing rootkit.com off the face of the earth would do zero to stop server compromises and rootkits.

    And don't get me started about the quote..." make it advisable "to throw the computer away" if you want to be sure you got rid of the rootkit". Talk about scare tactics...sheesh. How often do you see a BIOS rootkit? And if you did, why don't you just reflash the BIOS? Or is this a sinister plan to make companies throw out old hardware to buy new so they buy new faster stuff to run Vista. That's it! It's all Microsoft's fault. Amazing how fast we can go do the jump off the bridge path.

    --
    Quality Hosting e3 Servers
    1. Re:Scare Tactics and Get Real by Lumpy · · Score: 5, Funny

      Man what a great IDEA! I am certified for hazardous rootkit infected computer disposal.. this month only my normal $250.00 disposal fee is reduced to
      $100.00 per Pentium 4 computer or laptop infected with a dangerous rootkit. Our trained professionals will seal each infected PC in a hypo allergenic bag and savely transport them to our facilitity for disposal and recycling.

      I get paid AND get gobs of good gear to sell on ebay!

      Thanks for the tip! this will go great with my DVD rewinding service!

      --
      Do not look at laser with remaining good eye.
    2. Re:Scare Tactics and Get Real by IntelliAdmin · · Score: 5, Interesting

      Lets also remember that some of the people associated with this site were the first to notice the Sony DRM RootKit. The research that has been done on this site has really made it hard for rootkit developers to install their wares unnoticed - if you have the right tools. I could be wrong, but I think that Mark Russinovich from sysinternals has been there contributing to this site. It has led to the development of some really great tools such as the SysInternals RootkitRevealer - a really great tool by the way (http://www.sysinternals.com/Utilities/RootkitReve aler.html)

  2. Phhhbt... by UbelievablyLame · · Score: 5, Funny

    "Rootkits... you say it like it's a bad thing" -Sony

  3. Security vendor FUD by hotdiggitydawg · · Score: 5, Insightful

    Wow. A security vendor, who has a critical financial interest in creating FUD, claims that disclosing security flaws creates security problems. Forgive me if my eyeballs don't explode with surprise.

    Security by obscurity has been proven time and again not to work. Nobody would find a security hole if it didn't exist. Likewise, if one does exist, if one person can find it so can someone else. The responsibility lies squarely with the developers.

    Time for a bad analogy (seeing as how this is Slashdot and all): If the door of your house/apartment/room/basement was made of balsa wood rather than a decent hardwood (or a reinforced steel-belted Faraday Cage for you tinfoil-hatters), it would only be a matter of time before someone worked this out. And regardless of whether they boot your front door in and make off with your home entertainment system, or simply leave you a note that says "This door is so thin I can hear you whacking off to Buffy reruns from across the hall (by the way your dinner's getting cold, son)" you can bet if one person can work it out, so can someone else. And the next person might not just leave you a note. So, if the door is your responsibility you better fix it ASAP, or risk the consequences. And if not, you better fry the ass of whoever is responsible, or you'll still risk the consequences yourself.

    Landlord won't give you a secure premises? Move out, and tell everyone about it. Or get a gun and a pit bull. Or barricade the door and use the kitchen window for access. Or all three. Windows has more holes than half a dozen slices of Jarlesberg? Switch to a more secure O/S, and add your voice to the complaints. Or install malware detection/removal tools. Or lock it down behind a firewall. Or all three. But don't just stick your head in the sand and hope nobody will notice, that approach just doesn't work.