The bottom line is that there will never be a universal rootkit scanner, but the most powerful scanners will be on-line/off-line comparison scanners that integrate with antivirus.
I would think that any competent antivirus product would scan the MBR as a matter of course. It might still be possible to hide in the BIOS (as the AC poster below suggests), but that leads to further complications.
Not a bad point, at least in regard to the BIOS. If it can be legitimately flashed, then it can be corrupted. But the hard drive, CD drive, and video card firmware is run by the processors or microcontrollers in those devices, not by the CPU, so while (at least in the case of the drive firmware) it could be used to hide things, it would be more difficult to hide the firmware changes. The altered firmware would have to know the exact disk location of the OS elements it would replace (by injecting its own code when those sectors are read), as well as hiding from direct memory access to the firmware. Probably not impossible, but more likely to just trash the machine than actually function.
As the sysinternals article suggests, boot from a known clean CD and do an "off-line" system scan. They make the point that it will never be possible to determine with absolute certainty that a system is clean from inside the system.
You're right. But the point is that "it's illegal" is an exception to a contractual obligation. "It's immoral" is not. I'd have a serious issue going to work for Microsoft because of this, just as I would avoid the "pimp" career path. Mr. Vick might be guilty of lack of foresight, but he is doing what (I assume) he is contractually obligated to do. If he signed such an employment agreement, he could probably be legally compelled to support the patent application even if he ceased employment with MS.
In addition, being terminated for failing to live up to his employment agreement would probably somewhat impair his ability to find a job in the future. As I said above, I'm not going to criticize him for keeping an ill-advised promise.
No, it's not at all like saying "well, I don't like murder.. but I did it anyway." Applying for a patent, however ill-advised, is not illegal. If he had agreed to something that turned out to involve murder, he could refuse and be on solid legal ground (IANAL, but a contract that stipulates illegal activities is not enforceable IIRC). If he refuses to take part in the patent process, he is subject to legal sanction (and Microsoft could likely get the patent anyway).
So, those contracts that are always being taken out? Don't try and go to court and make the hit man follow through. :-)
Probably not. Most employee agreements these days specify that IP that you develop for the company belongs to the company, that you will assign any patents on such IP to the company, and you will assist the company in obtaining such patents. So, he's doing what he agreed in advance to do - and keeping his job. As silly as the patent is, I'm not going to criticize him for that.
Seriously? Windows passwords are stored in 7-character segments? I would think that we'd see a lot more cracked passwords, but... I guess that I wouldn't put it past Microsoft, but it does seem awfully short-sighted, even for them.
Thanks, "Anonymous Coward", for showing me the error of my ways. Not.
Can't talk about the Honeywell one, because I've never seen it (or heard of it). However, I can feel the air flow through the Sharper Image one. It is nowhere near the amount of air pushed by a fan, but it is detectable within a foot or so of the device. And yes, it does collect a significant amount of dust. If I don't clean the element, it sparks when the dust builds up beyond a quarter inch or so. Of course, this is in a fairly dusty environment.
IAAEE as well (though my MS is in CS), and I think that the whole "ion" thing is nonsense. However, they do take a significant amount of dust out of the air, without using a filter that needs replacing.
What, exactly, did Summers (yes, it's "Summers", not "Somers", as anyone who had clicked through to the article would know) say? The article did not have a quote; Summers could or would not provide a tape.
Well, that makes a little more sense, anyway. I could see the controversy from using GPS phones as a work monitoring device. From the blurb for the pay story, it seems like the drivers agreed to carry the phones, and that they are private contractors (rather than direct public employees).
But what exactly did you mean by "twisted shit"? If I was making light of anything, it was of the Slashdot propensity for misapplying technologically-derived maxims. You will notice that I characterized the truck driver's conduct as a crime.
A GPS device is placed on the truck, probably by its legal owner. The operator of the snowplow, probably a public employee, commits a crime while using the vehicle. The police use the GPS locator, with the likely cooperation of the owner of the vehicle, to find out who committed the crime.
Makes sense to me. What does the submitter mean "But I don't buy that"? This is supposed to be controversial?
Wait a minute. This is Slashdot. Information wants to be free. I'm sure that the woman in the coffee shop has a lot more information than she wanted.
Does not matter, unless a 7200rpm drive is going to wear out before you would replace it. I use a given drive for a year and a half to two years, before it is replaced for capacity reasons. I've never had a drive (of any speed) wear out. I have had one fail, but that was early in its life, long before wear would be a factor.
MTBF for the drive (from the manufacturer), coupled with how many hours a day the machine runs, would allow you to make a more rational decision.
Here is an alternate link for the picture. I intend to try and find a copy of Wulf's article, but I'm a bit doubtful due to his misuse of the term "Amerikabomber" in the first couple of paragraphs that are available online. From what I've read elsewhere, the term was used for a group of designs submitted with the goal of producing aircraft capable of mounting a transatlantic attack on the United States.
Are you talking about the Sanger Silverbird? That's the only design that I've seen that had two parts, and the "pusher" was strictly ground-bound. I'd be very interested in a link to any information on the design you're talking about.
He was apparently chairman/CEO at the time. This timeline is fairly informative, though it comes off as containing more than a bit of rationalization. It's interesting that UC contributed the proceeds from its sale of the Indian subsidiary to a fund for a hospital in Bhopal. That seems to me to be at least a tacit admission of continued responsibility. The changes in ownership structures make legal responsibility an "interesting" question, but Dow would do well to show some compassion, rather than just saying "not our fault, not our responsibility".
Warren Anderson was never the chairman of Dow Chemical. He was the chairman of Union Carbide at the time of the disaster, and retired from that position within a couple of years. Dow did not acquire UC until 1999. It is Dow's position that the $470 million settlement that was paid in 1989 (of which $330 million remained in July of 2004, when an Indian court ordered it to be disbursed to survivors) satisfies its financial obligations. I'm not sure that I agree, though I really don't have enough facts about the site and the terms of the 1989 settlement to have an informed opinion. It does not appear that the Indian government did a very good job of negotiating a settlement, though, and I would say that it also bears some responsibility for following up on the site cleanup. That should have been part of the settlement (for UC to do the cleanup), and UC should have been held responsible for getting the cleanup accomplished.
From CNN.
Do you have a link? Or perhaps the name of the author of that review?
It's rather more of a "press release". The little blurb at the end is pretty much of a giveaway. Go ahead and RTFPR, but don't expect too much of it.
I meant to do that.
Or make a movie called SECURITY DEVICE ENCLOSED.
Lameness filter encountered. Post aborted!
Reason: Don't use so many caps. It's like YELLING.
Thanks!
Try plugging it in, troll-boy.
I understand. Putting my daughter in that place makes me equally devoid of humor.
The somewhat more abbreviated Boston Herald story says that the employee was "middle-aged". An AP story (by way of the Seattle Post-Intelligencer) examines the controversial aspects of work monitoring via GPS in somewhat more detail.
The link is subscriber-only. I take it that this was the May 2004 issue?