Does Open Source Encourage Rootkits? 200
An anonymous reader writes "NetworkWorld reports that security vendor McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community. Others, however, do not agree. From the article: 'Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit. "It's there to educate people," says Hoglund [...] It's a great resource for anti-virus companies and others. Without it, they'd be far behind in their understanding of rootkits."'"
Semantics (Score:5, Informative)
Also, the majority of the article is not about this issue, despite it being both the title and the Slashdot title. Instead, it's about current trends in rootkit design.
Re:Baloney (Score:3, Informative)
I'm as close to a 2nd Amendment purist as one is likely to find in that I believe it protects an individual, as opposed to a collective or "militia," right to bear arms. But even for me, there are limits. Should people be allowed to own fully automatic weapons? RPGs? Artillary? Landmines? All without any sort of license requirements, background checks, etc. After all, one mustn't blame the tool, but only the user.
Take a more mundane example -- lockpicks. Laws criminalizing the posession of lockpicks by anyone other than a licensed locksmith are obviously wrong because they "blame the tool and not the user." Hell, I might lose my house keys, and need to pick my own lock! And even if it were shown that 99.99% of the use of lockpicks by unlicensed persons was for the purpose of burglary and auto theft -- well, tough, blame the user, not the tool. We have to preserve the unlicensed and unregulated use of that tool for the 0.01% of the uses that are beneficial.
Now, does the above reasoning apply to open source rootkits? I don't think so. (To be clear, I don't think that open source rootkits should be licensed, regulated or prohibited in any way.) I just think that it is wrong to state that regulation of a tool is never appropriate regardless of how dangerous the tool is, or how, statistically, the tool is in fact being used.
Re:Baloney (Score:3, Informative)
Ironically back when electrical grids were starting to take off there was a big fight over AC vs DC, with one marketing approach being to associate the opposing side with the electric chair. I think that somebody wanted to coin the phrase "getting westinghoused" for being electrocuted.
Can't say I remember the details though...
Re:Baloney (Score:3, Informative)
Two words: Poor Journalism ... (Score:3, Informative)
If the journalist or her editor possessed the proper level of subject knowledge and/or integrity required for true journalism to occur, then this patently absurd question would never be asked in an article.
Problems with the article abound, but this lone article is far from the problem. Never the less, it is a quintessential example of the kind of absurd misunderstanding of the landscape of the subject matter combined with the complete disregard for the principle of the pursuit of truth as a core element of journalistic principle that is endemic to the disease of misinformation which fosters misinformation in society today.
A few points that should be obvious, but are missed completely by this article:
I could go on, but it is the misinformation propogated by piss poor journalism coupled with the lackluster education levels of the vast majority of the members of society in the free world that is the cause of most problems in the world today.
AntiVirus scare tactics: why the FUD keeps coming (Score:3, Informative)
Every time an AntiVirus company issues a fear mongering white paper, press release, or paid article placement in a magazine they get explosive coverage, dozens or hundreds of free articles written about them or their topic of interest, nearly all with links back to their original article. Within limits, bad publicity is publicity and publicity is good.
Meanwhile, companies like mine that are building next-generation network security systems (shameless link to Intrinsic Security AntiWorm [intrinsicsecurity.com]) and who try to be good network citizens must work a thousand times harder for links back to our web sites, don't get slashdot stories about us, don't get bazillions of blog entries linking back to us.
Mine is not the only company that suffers this problem. Every time a story by one of these highly bogus AntiVirus FUD spreading companies ticks you off, you should include at the end of your rant about it in your blog a few links to non-bogus internet security companies. We would greatly appreciate it.
Honestly, there are days when I feel like whipping up a FUD press release or scare mongering white paper. It would be easier than taking the publicity high road.
You are dead wrong... (Score:3, Informative)