Does Open Source Encourage Rootkits?

An anonymous reader writes "NetworkWorld reports that security vendor McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community. Others, however, do not agree. From the article: 'Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit. "It's there to educate people," says Hoglund [...] It's a great resource for anti-virus companies and others. Without it, they'd be far behind in their understanding of rootkits."'"

Yeah....

[Cryptacool]

I agree that the information should be open, but the idea that anti-virus companies would be way behind if it werent for open discussion like this is pretty rediculous. a) the anti-virus company can just infiltrate the private communities (which im sure they do already) b) reverse-engineering. not as efficient but mcafee and other have the resources im sure.

Re:Scare Tactics and Get Real

[ScrewMaster]

Or is this a sinister plan to make companies throw out old hardware to buy new so they buy new faster stuff to run Vista. That's it! It's all Microsoft's fault. Amazing how fast we can go do the jump off the bridge path.

Maybe ... but that doesn't make you wrong. The beauty of FUD is that, while it is ignored by knowledgeable people, a little of it can go a long way in convincing a PHB to change his budget priorities. It really doesn't take much: the old "nuke the site from orbit, it's the only way to be sure" mentality coupled with a bit of relevant FUD can result in the sale of a lot of new equipment.

Marketing disguised as "Research"

[kaufmanmoore]

This report looks like a marketing ploy by McAfee to counteract Microsoft's OneCare Live product and Microsoft's reported move into stand-alone antispyware. As noted in a Cnet article on the same report, the report states that the term rootkit should be used in relation to malicious software only and not apply towards technology like Sony's DRM rootkit.

Business protection?

[microbee]

What is McAfree afraid of? Being bashed on rootkits.com just like Lavasoft? I think it's very important for the general public to know the information about virus and anti-virus technologies. Big companies try so hard to protect their secrets so that nobody else could get into the market. We often have no idea what kind of pieces of crap are running on our computers which we rely so much upon. Well, let the worms come out of the can!

Re:Baloney

[hotdiggitydawg]

Take a more mundane example -- lockpicks. Laws criminalizing the posession of lockpicks by anyone other than a licensed locksmith are obviously wrong because they "blame the tool and not the user." Hell, I might lose my house keys, and need to pick my own lock! And even if it were shown that 99.99% of the use of lockpicks by unlicensed persons was for the purpose of burglary and auto theft -- well, tough, blame the user, not the tool. We have to preserve the unlicensed and unregulated use of that tool for the 0.01% of the uses that are beneficial.

Personally, I'd be blaming whoever built the lock, for developing a product that was unfit for the purpose for which it was bought.

Even if we restrict it to just the lockpick (ignore the lock) then yes, it is the person using the lockpick to break and enter that is committing the crime, not the lockpick itself. As far as a tool goes, it is performing the purpose for which it was developed and sold (or at least stolen).

Bottom line: if you develop substandard products you should be held responsible and accountable when they create problems.

Kids with code . . . Billion dollar companies

[SlappyBastard]

Did it ever occur to them they might want to employ more of the Open Source people instead of starting a self-righteous war?

Every possible action in the world has an economy surrounding it.

Don't like it? Change the economy of whatever vexes you.

Re:Baloney

[0123456]

"I'm as close to a 2nd Amendment purist as one is likely to find"

No you're not.

"But even for me, there are limits. Should people be allowed to own fully automatic weapons? RPGs? Artillary? Landmines?"

Do you really think that the founders would have been worried about individuals owning RPGs when they were quite happy for individuals to own warships?

Hint: read Article 1 section 8 sometime, and look up 'letters of marque and reprisal', if you don't know what that means.

Headline doesn't match article...

[fortinbras47]

The main point of the article isn't about open source, but about websites that bring people together to work on technology that can be used for nefarious purposes.

From the article: "The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com," says Stuart McClure, senior vice president of global threats at McAfee.

Again, to me, this isn't an "open source" problem as much as an "Internet/can we stop bad guys from getting together and working on bad things" problem.

I somehow doubt rootkit.com is that dangerous (or I have no idea if it's even malicious), but I think we're likely to see this general issue come up again with websites on bomb making techniques, biological weapons etc... What should the government/society do if there is a public website that researches technology that can be used to make mass casualty weapons?

Re:Scare Tactics and Get Real

[IntelliAdmin]

Lets also remember that some of the people associated with this site were the first to notice the Sony DRM RootKit. The research that has been done on this site has really made it hard for rootkit developers to install their wares unnoticed - if you have the right tools. I could be wrong, but I think that Mark Russinovich from sysinternals has been there contributing to this site. It has led to the development of some really great tools such as the SysInternals RootkitRevealer - a really great tool by the way (http://www.sysinternals.com/Utilities/RootkitReve aler.html [sysinternals.com])

Re:Baloney

[shmlco]

"This is another 'blame the tool, not the user' type of mentality."

Yeah, because rootkits have so many other benign and benevolent purposes...

Topsy the roasted elephant

[Adrian Lopez]

He actually roasted an elephant [roadsideamerica.com] to show how dangerous his competitor's AC current really was.

Re:Baloney

[Anonymous Coward]

I am bored so lets play.

I will stipulate that the framers intended the admendment to allow any arms, with no restrictions, to be beared. I will further stipulate that the word 'bear' is intended to mean carry for the purpose of using, and therefore there can be no restrictionon a persons right to carry, no matter what the intended use. This is clear to anyone who can read and has a inkling of history.

The issue is raised by who exactly has the right to carry. The word people, in a strict historical context, means white land owning males. For example it says in the declartion of independence that We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. All my reading of history clearly indicates that this refers to the fact that the land owning white males writing the declaraton were pissed because taxes were limiting thier ability to make a profit. They clearly were not interesting in the men that worked for them, or the women they married, just the ability of the elite group to get rich.

This 'white male' concept is further streangthned by the only available definition of 'militia', which is from the Virginia declaration, which coicendentally is also who promoted the admendment. This definition is 'all abled body white males...", which expands the group from land owners, but still limits it to the dominant sex and race. We must also remember that white most oftem meant northern and western European, not irish, but English is ok.

So, although some might have a right to bear arms, it is unclear the most have that right. We cannot just arbitrarily give rights to those who may not deserve them. We in fact have in fact demanded Constitutioal amendments to expands rights, and many have harshly derided the activitist judicial branch who wish to expand those rights willy nilly. So we have Admendment XV, which effectively gave the colored man the vote. Admendment XIX which gave women the vote. But the admendment to provide equal rights to all citizens was never ratified by all states, and therefore it is technically still constitutional to have different rights for different groups of people.

Again, the issue is not the word 'people', but the word 'militia', which, historically, means white able bodied male. Now, we can leave this strict historical interpretation, but then that opens up issues of the relevency of the militia in the modern world.

In point of fact, I have little problem with people bearing arms. What I do have a problem with is that these arms are going to somehow be useful against the US government. For example, when the US government comes knocking on your door with a valid warrent, and you think that just because you have big arsenal, which you confuse with having a big dick, you can resist that warrent, and then you get everyone around you killed, and then people whine that the big bad government killed all these people, that is just stupid. Or when citizens, with a valid complaint, use thier arsenal to blow up a federal building, a perfectly valid target, and then people take this as an act of terrorism instead of war, that is just stupid.

The right to bear arms is undeniable. The subtext that this is protect the citizens from a tyranny, is also undeniable. The naive academics that think the citizens will never elect a corrupt administration ignored the abuses of Hoover, and the current Bush FUD. We need arms and we need the freedom use those arms when all the normal checks and balances fail us.

But what we also need is a clarification of what the strict interpretation of the constitution indicates about who really has the right to bear arms, and a rational view that the federal government will vigorously defend itself against and local insurrection. Therefore, if we are to have a militia to protect us against the federalists, we need to do a much better job of bearing arms than we currently do.

This is the end of play time. Now back to the reality of life, and goodbye to the joy of freeform conjecture.