
Does Open Source Encourage Rootkits? 200

An anonymous reader writes "NetworkWorld reports that security vendor McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community. Others, however, do not agree. From the article: 'Rootkit.com's 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it's naïve to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit. "It's there to educate people," says Hoglund [...] It's a great resource for anti-virus companies and others. Without it, they'd be far behind in their understanding of rootkits."'"
This discussion has been archived. No new comments can be posted.

  • by WebHostingGuy ( 825421 ) * on Monday April 17, 2006 @07:35PM (#15145630) Homepage Journal
    If this site/domain name was not well known, the hackers would just type in an IP like Click for Rootkit [70.85.5.142] and get what they need.

    Simply because they use a domain name and the site is known does not make the information malicious. If you don't think rotating sites on rotating servers exist to share compromised media and discussion about server cracking then you don't know anything. Rootkit.com is open and out there, but the malicious people don't just stop here. Removing rootkit.com off the face of the earth would do zero to stop server compromises and rootkits.

    And don't get me started about the quote..." make it advisable "to throw the computer away" if you want to be sure you got rid of the rootkit". Talk about scare tactics...sheesh. How often do you see a BIOS rootkit? And if you did, why don't you just reflash the BIOS? Or is this a sinister plan to make companies throw out old hardware to buy new so they buy new faster stuff to run Vista. That's it! It's all Microsoft's fault. Amazing how fast we can go do the jump off the bridge path.

    • Or is this a sinister plan to make companies throw out old hardware to buy new so they buy new faster stuff to run Vista. That's it! It's all Microsoft's fault. Amazing how fast we can go do the jump off the bridge path.

      Maybe ... but that doesn't make you wrong. The beauty of FUD is that, while it is ignored by knowledgeable people, a little of it can go a long way in convincing a PHB to change his budget priorities. It really doesn't take much: the old "nuke the site from orbit, it's the only way to be
      • by IntelliAdmin ( 941633 ) * on Monday April 17, 2006 @09:27PM (#15146137) Homepage
        Let's also remember that some of the people associated with this site were the first to notice the Sony DRM RootKit. The research that has been done on this site has really made it hard for rootkit developers to install their wares unnoticed - if you have the right tools. I could be wrong, but I think that Mark Russinovich from sysinternals has been there contributing to this site. It has led to the development of some really great tools such as the SysInternals RootkitRevealer - a really great tool by the way (http://www.sysinternals.com/Utilities/RootkitRevealer.html [sysinternals.com])
        • Let me say, speaking as a developer, the rootkit.com site is a give and take system for both rootkit and anti-rootkit developers alike. As new anti-rootkit software is released, the community evaluates it, figures out the weaknesses and publishes the results. This allows rootkit developers to gain new insights into the inner workings of anti-rootkit software and Windows itself. In turn anti-rootkit developers learn from their mistakes and can come up with new ways to overcome their weaknesses. Without each
    • by Lumpy ( 12016 ) on Monday April 17, 2006 @07:52PM (#15145748) Homepage
      Man what a great IDEA! I am certified for hazardous rootkit infected computer disposal.. this month only my normal $250.00 disposal fee is reduced to $100.00 per Pentium 4 computer or laptop infected with a dangerous rootkit. Our trained professionals will seal each infected PC in a hypoallergenic bag and safely transport them to our facility for disposal and recycling.

      I get paid AND get gobs of good gear to sell on ebay!

      Thanks for the tip! this will go great with my DVD rewinding service!
    • >And don't get me started about the quote..." make it advisable "to throw the computer away" if you want to be sure you got rid of the rootkit"
      I think it is advisable under many circumstances, and decent advice at that for the non-Slashdot type of crowds, with an average desktop. (I mean don't throw out that 2.7 GHz quad Xeon server running a RAID 5 terabyte array, and all the data on it because IE got hosed, when someone mistyped wondowsupdate, or something.)

      There has been malware for years that will d
  • Baloney (Score:5, Insightful)

    by Spazmania ( 174582 ) on Monday April 17, 2006 @07:40PM (#15145659) Homepage
    McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community

    That's like saying Edison and Tesla are to blame every time someone gets electrocuted.
    • Re:Baloney (Score:5, Insightful)

      by Ucklak ( 755284 ) on Monday April 17, 2006 @07:47PM (#15145715)
      This is another 'blame the tool, not the user' type of mentality.

      Guns are evil, drugs are bad, rootkits are bad, P2P is evil, etc...
      We've heard this all before.

      Concrete is bad because it could be used to make a shoe and keep a victim from struggling whilst they are dropped at the bottom of a lake.
      Knives are bad because they may be used to kill someone.
      2x4 pieces of lumber are bad because you could use it to knock someone off a motorcycle.
      Baseball bats are really evil because gangs can use them for intimidation.
      Crowbars, they should be illegal anyway, who uses them? We need to have nails that dissolve with water instead of trying to pry them up with this lethal weapon.
      • Tools/users aren't even remotely analogous to products/development models. But then neither are inventors/inventions, so at least you're standards-compliant for this thread.
      • Re:Baloney (Score:3, Informative)

        by David Hume ( 200499 )

        This is another 'blame the tool, not the user' type of mentality.

        Guns are evil, drugs are bad, rootkits are bad, P2P is evil, etc...
        We've heard this all before.

        Concrete is bad because it could be used to make a shoe and keep a victim from struggling whilst they are dropped at the bottom of a lake.
        Knives are bad because they may be used to kill someone.
        2x4 pieces of lumber are bad because you could use it to knock someone off a motorcycle.
        Baseball bats are really evil because gangs can use them for intimida

        • Re:Baloney (Score:2, Interesting)

          Take a more mundane example -- lockpicks. Laws criminalizing the possession of lockpicks by anyone other than a licensed locksmith are obviously wrong because they "blame the tool and not the user." Hell, I might lose my house keys, and need to pick my own lock! And even if it were shown that 99.99% of the use of lockpicks by unlicensed persons was for the purpose of burglary and auto theft -- well, tough, blame the user, not the tool. We have to preserve the unlicensed and unregulated use of that tool for t
          • There is a saying that goes something like "the only purpose of a lock is to prevent you from getting into your own house."
        • Re:Baloney (Score:2, Insightful)

          I understand your point, and agree with your argument, but you've got to remember the high fallibility of statistics. In a more realistic example, hemp is outlawed despite the many advantages it has over cotton. I'd do a side-by-side checklist to prove my point, but let's just assume for now. Why is hemp banned? Because of one of its uses. Statistically, you could say that the KEY product of the hemp plant, is used as a 'dangerous drug', and knowing politics, you could probably force some statistic to say
          • Actually if you do your research, you'll find that hemp was banned to protect the pulp paper industry which was pretty well monopolized by Hearst (who also controlled the news etc). Also hemp threatened the new plastics industry and nylon (DuPont).
            Do a google on hemp pulp paper hearst
        • Re:Baloney (Score:5, Interesting)

          by 0123456 ( 636235 ) on Monday April 17, 2006 @08:36PM (#15145945)
          "I'm as close to a 2nd Amendment purist as one is likely to find"

          No you're not.

          "But even for me, there are limits. Should people be allowed to own fully automatic weapons? RPGs? Artillery? Landmines?"

          Do you really think that the founders would have been worried about individuals owning RPGs when they were quite happy for individuals to own warships?

          Hint: read Article 1 section 8 sometime, and look up 'letters of marque and reprisal', if you don't know what that means.
          • The problem is... (Score:4, Insightful)

            by Belial6 ( 794905 ) on Monday April 17, 2006 @10:33PM (#15146407)
            The problem is that people don't understand that the founding fathers intended individuals to have the weapons necessary to fight a full-fledged war with a world power. That was the point of the 2nd amendment. Suggesting that people have the right to bear arms for the purpose of hunting, sport, or to defend your home against burglars would have made as much sense to them as making a law today that guarantees the right to drink water, breathe air, and eat a hamburger.
            • by Khyber ( 864651 )
              The founding fathers did not intend for the 2nd Amendment to allow individuals the ability to bear arms to defend themselves against a world power - they designed the 2nd Amendment to guarantee the citizen's right to revolt against their government. Look up some George Washington quotes and get your facts straight, please.
        • And even if it were shown that 99.99% of the use of lockpicks by unlicensed persons was for the purpose of burglary and auto theft -- well, tough, blame the user, not the tool. We have to preserve the unlicensed and unregulated use of that tool for the 0.01% of the uses that are beneficial.

          The problem I have, personally, with criminalizing (in your example) lockpicks, even if it is used to commit a crime 99.99% of the time, is indeed that 0.01%. Not so much because they're deprived of some sort of right

        • Machine guns are not illegal; they just require a rather expensive tax stamp, and many people own and fire artillery pieces. Shit, you can take a cannon into Canada with no problem but a 22 cal pistol will get you thrown in jail. Landmines and RPGs are illegal due to the explosives inside them; RPGs would be OK without an explosive warhead as far as I know but IANAL.

          I know a guy that got probation for "discharging a firearm inside the city limits" for "playing" Guns with a BB rifle too.
        • Should people be allowed to own fully automatic weapons? RPGs? Artillery? Landmines? All without any sort of license requirements, background checks, etc.

          Um, yes? The second amendment says nothing about licenses or background checks.

          However, the 1938 Nazi gun control law that our Senator Thomas Dodd [hackcanada.com] (D-Conn.) had translated into English became the basis for our 1968 gun laws.

          The price of freedom being eternal vigilance and all that.

          • Re:Baloney (Score:3, Insightful)

            by mr100percent ( 57156 ) *
            But the Founding fathers never envisioned landmines or dirty bombs.

            It's interesting how the same people who support Bush sending Americans to Guantanamo for allegedly planning on building a weapon, but insist on the unconditional right to bear arms.
        • The lockpick comment was interesting.

          I can't stop someone from picking the lock on my front door if they have the knowledge and skills to do it. I can just make sure I have very good locks that are tough to pick, take time and have some sort of measure in place to tell me if someone's out there picking or if (shudder) they're successful in doing it.

          In order to detect rootkits, you have to know what you're looking for. People who do not have the skill to secure their server or the common sense to retain the
      • Crowbars, they should be illegal anyway, who uses them?

        "I do, you insensitive clod!" -Gordon Freeman
      • Re:Baloney (Score:3, Interesting)

        by shmlco ( 594907 )
        "This is another 'blame the tool, not the user' type of mentality."

        Yeah, because rootkits have so many other benign and benevolent purposes...
      • Don't mix everything up. It's perfectly possible to be against free drugs and guns, but for P2P and free discussion of rootkits.

        As long as it's just information, it's first amendment.
    • That's like saying Edison and Tesla are to blame every time someone gets electrocuted.
      Actually, that's exactly what Edison would say. Though he wouldn't appreciate you lumping him in with the likes of Tesla.

      Of course, all this electrocution business just goes to show how much safer Edison's DC power would be, now doesn't it?

      Hmm. Makes me wonder what kind of power source this vendor (or its backer) is hyping....

    • Re:Baloney (Score:3, Insightful)

      by HiThere ( 15173 ) *
      Consider the source.

      McAfee certainly doesn't want to take the blame when the computers that it is paid money to protect are infected...so it looks for a soft target. (And now you know what I think of McAfee. I didn't even bother to check that this was the same one...so believe at your own risk.)
    • Argh! Don't give those intelligent design nutcases any ideas!
    • Nobody is saying that the open source community is to blame for the individual attempts. What it is saying is that the open source availability of information/code is to blame for the increase in the number of rootkits. It's a bit like saying that if Edison & Tesla had not made electricity widely available, then less people would be electrocuted therefore we could blame them for the increase in numbers of electrocution. That does not make them culpable for each electrocution.
    • More to the point, it's like saying wearing denim is a direct cause for anal rape.

      There is no connection between one thing and the other.
    • Re:Baloney (Score:4, Insightful)

      by hackus ( 159037 ) on Monday April 17, 2006 @09:31PM (#15146153) Homepage
      I place the increase of rootkits in numbers in a spectacular way to Sony and the DRM folks.

      They mass produce rootkits by the MILLIONS.

      Idiots.

      -Hackus
    • McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community

      That's like saying Edison and Tesla are to blame every time someone gets electrocuted.


      Actually, Edison DID try to claim that AC was an exceptional electrocution hazard (compared to AC) and blame Tesla and Westinghouse for loosing it upon the world.

      (He even suckered Tesla into licensing him to do one invention using AC - before letting on that the invention was the electric chair.)
    • That's like saying Edison and Tesla are to blame every time someone gets electrocuted.

      Well not Edison, he championed DC, it was Westinghouse that was the 'father' of AC, which is actually the deadly one and was used to kill people in executions.

      Sorry, couldn't resist.
    • McAfee places the blame for increased numbers of rootkits squarely on the shoulders of the open source community

      That's like saying Edison and Tesla are to blame every time someone gets electrocuted.


      Ok, I think they are stretching things quite a bit as well, they would have been better served by making a lower bar point.

      Sharing of programming and technology is conducive to the sharing of hacking technology. Now this isn't necessarily what 'Open Source' is actually, but hey if they don't know any better.

      My othe
    • That's like saying Edison and Tesla are to blame every time someone gets electrocuted.

      You do know that the electric chair [about.com] has been invented during the AC vs DC flamewar by Edison (a DC proponent...) to "prove" that AC was too damn dangerous for general use ;)?

      So Westinghouse (not Tesla) is to blame for the invention of AC current, and Edison for his invention of that particular use of AC...

  • Phhhbt... (Score:5, Funny)

    by UbelievablyLame ( 962303 ) on Monday April 17, 2006 @07:41PM (#15145666)
    "Rootkits... you say it like it's a bad thing" -Sony
  • by kaufmanmoore ( 930593 ) on Monday April 17, 2006 @07:45PM (#15145697)
    This report looks like a marketing ploy by McAfee to counteract Microsoft's OneCare Live product and Microsoft's reported move into stand-alone antispyware. As noted in a Cnet article on the same report, the report states that the term rootkit should be used in relation to malicious software only and not apply towards technology like Sony's DRM rootkit.
  • Business protection? (Score:4, Interesting)

    by microbee ( 682094 ) on Monday April 17, 2006 @07:48PM (#15145721)
    What is McAfee afraid of? Being bashed on rootkits.com just like Lavasoft? I think it's very important for the general public to know the information about virus and anti-virus technologies. Big companies try so hard to protect their secrets so that nobody else could get into the market. We often have no idea what kind of pieces of crap are running on our computers which we rely so much upon. Well, let the worms come out of the can!
  • Semantics (Score:5, Informative)

    by caffeination ( 947825 ) on Monday April 17, 2006 @07:51PM (#15145742)
    The linked article and the Slashdot summary twist McAfee's report to invoke images of someone blaming the likes of KDE for the existence of rootkits, which is misleading. They are in fact blaming increasing effectiveness on the fact that people are collaborating. If anything it's a glowing advert for the Open Source development model.

    Also, the majority of the article is not about this issue, despite it being both the title and the Slashdot title. Instead, it's about current trends in rootkit design.

    • You've got to hate those evil hackers who go around talking about what they can do on public, well known discussion boards. I mean, that makes it MUCH harder to fix the problems they're taking advantage of. It would be so much better if they kept it all on the down low, like normal criminals. Why, imagine what would happen if all the burglars in the world went down to the town square two days in advance and yelled out the exact time and address of the next house they were going to burgle. What would the
  • by vertinox ( 846076 ) on Monday April 17, 2006 @07:51PM (#15145744)
    As much as Closed Source prevents them.
  • by Rex Code ( 712912 ) <rexcode@gmail.com> on Monday April 17, 2006 @07:56PM (#15145772)
    OK, I'll admit that there are a lot of rootkits being passed around in the open. More than in the past, and most of them include the source code. The only reason this should be a problem for McAfee is if they aren't able to keep up with the volume. Would they rather that these things circulated underground so that 10x more sites would fall victim before McAfee managed to capture an example to analyze?


    Full disclosure is the best way to force the holes that make the rootkits possible to be addressed sooner rather than later. McAfee should be grateful that these things are getting posted where they can use them to make their offerings more secure. Instead, they come off as a bunch of whiners.

    • There is another side to this, too. It's like bacterial conjugation. If there are certain bits of DNA (code) in the wild that do certain things, that code can be passed around and inserted into other organisms (rootkits) to help them survive. If they were forced underground, it would make it harder for both groups - for the rootkit makers to create better products and for McAfee to track the rootkit makers.

      That's not to say that spreading this information is a bad thing, but you have to realize that McAfee
      • Yes but the antivirus can't keep up with the new stuff coming out not so much because they are "new" but because their technology depends on signatures. It's just so much easier for the bad guys to take their root kits, mix the functions around and recompile and voilà, the signatures stop matching.
      • Except that the rootkit makers have always passed information around on their own private networks. Forcing them underground would change absolutely nothing on their side, and would mean the AV companies would have less info on the rootkits to base their signatures and detection code on. In fact, the nastiest stealthed, encrypted, polymorphic viruses were developed when there was no public circulation of information about the techniques involved.

        The problem is that saying that circulation of information he

  • by licamell ( 778753 ) on Monday April 17, 2006 @07:57PM (#15145782)
    I mean, how is this any different than say all the resources on how to make bombs on the internet (oh no, I just got my traffic flagged since I think it passes through AT&T networks). Anyways, just because the info on how to make weapons is online does not directly lead to people using that info for bad things. The people who truly want to do bad things will get their info from elsewhere. This is just a bad marketing attempt to screw people out of freedom of information/speech.
    • "The people who truly want to do bad things will get their info from elsewhere."

      Right. And in the spirit of that logic, I suggest you disable your firewall, leave your keys in your car, unlock your front door, and post your daughter's picture, name, address, and phone number on mySpace. After all, the people who really want your computer, car, TV, and/or daughter will get them, so why not make doing so as easy as possible?
  • Remember it's for the kids... or terrorists.. or something ... it's gotta go ..
  • by hotdiggitydawg ( 881316 ) on Monday April 17, 2006 @08:02PM (#15145805)
    Wow. A security vendor, who has a critical financial interest in creating FUD, claims that disclosing security flaws creates security problems. Forgive me if my eyeballs don't explode with surprise.

    Security by obscurity has been proven time and again not to work. Nobody would find a security hole if it didn't exist. Likewise, if one does exist, if one person can find it so can someone else. The responsibility lies squarely with the developers.

    Time for a bad analogy (seeing as how this is Slashdot and all): If the door of your house/apartment/room/basement was made of balsa wood rather than a decent hardwood (or a reinforced steel-belted Faraday Cage for you tinfoil-hatters), it would only be a matter of time before someone worked this out. And regardless of whether they boot your front door in and make off with your home entertainment system, or simply leave you a note that says "This door is so thin I can hear you whacking off to Buffy reruns from across the hall (by the way your dinner's getting cold, son)" you can bet if one person can work it out, so can someone else. And the next person might not just leave you a note. So, if the door is your responsibility you better fix it ASAP, or risk the consequences. And if not, you better fry the ass of whoever is responsible, or you'll still risk the consequences yourself.

    Landlord won't give you a secure premises? Move out, and tell everyone about it. Or get a gun and a pit bull. Or barricade the door and use the kitchen window for access. Or all three. Windows has more holes than half a dozen slices of Jarlsberg? Switch to a more secure O/S, and add your voice to the complaints. Or install malware detection/removal tools. Or lock it down behind a firewall. Or all three. But don't just stick your head in the sand and hope nobody will notice, that approach just doesn't work.
    • A really bad analogy, because to continue it in this case we're placing a sledgehammer next to your door, bricks next to your windows, a ladder next to your balcony, and hanging a pair of wirecutters next to your alarm system.

      Without readily available sources of information, wanna-be rootkit hackers would be forced to invent (bring) their own tools to the party. And it's pretty easy to guess that more script-kiddies can tweak and compile free code than can create their own from scratch.
      • Without readily available sources of information, wanna-be rootkit hackers would be forced to invent (bring) their own tools to the party.

        Nice theory, but those "sources of information" have always existed. Except even when the white-hats weren't publishing source code, the black-hats were publishing enough information for script-kiddies to use. Ever heard of a "virus creation program" or "hacker BBS"?

        Shutting up the white-hats just gives the black-hats a head start, and everyone who has a clue knows

  • I would be more worried about their future than trying to blame OSS for their business. My guess is that McAfee and the other Window virus/malware/keystroke logging companies will be out of business in about 3 years or certainly in major decline.
  • Wasn't McAfee suspected of releasing computer viruses into the wild to beef up the sales of their wares?
  • Mod McAfee (Score:5, Insightful)

    by Firehed ( 942385 ) on Monday April 17, 2006 @08:06PM (#15145822) Homepage
    Mod McAfee down -1, Troll.
  • by suv4x4 ( 956391 ) on Monday April 17, 2006 @08:18PM (#15145864)
    "Does Open Source Encourage Rootkits?"

    MS: Oh let me answer, me me me me!
  • Did it ever occur to them they might want to employ more of the Open Source people instead of starting a self-righteous war?

    Every possible action in the world has an economy surrounding it.

    Don't like it? Change the economy of whatever vexes you.

  • by 3seas ( 184403 ) on Monday April 17, 2006 @08:22PM (#15145885) Homepage Journal
    ask Sony.
  • Power corrupts.

    Solution: Close the websites; burn the books.
  • I always find it interesting how they blame open source users for viruses and spyware, or in this case, rootkits. Last time I checked, isn't it the Microsoft (R) Windows that has the problems with these things? How much malicious code do you see for Linux, BSD, etc... I'm sure the answer is much less than for Windows.

    When there's a problem in the open source community, they blame each other. When there's a problem in the proprietary source community, they blame the open source.

    They really have no argu
  • Is it no longer possible to cut a node off from Internet access?

    Whatever happened to the IDP?
  • by fortinbras47 ( 457756 ) on Monday April 17, 2006 @08:59PM (#15146030)
    The main point of the article isn't about open source, but about websites that bring people together to work on technology that can be used for nefarious purposes.

    From the article: "The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com," says Stuart McClure, senior vice president of global threats at McAfee.

    Again, to me, this isn't an "open source" problem as much as an "Internet/can we stop bad guys from getting together and working on bad things" problem.

    I somehow doubt rootkit.com is that dangerous (or I have no idea if it's even malicious), but I think we're likely to see this general issue come up again with websites on bomb making techniques, biological weapons etc... What should the government/society do if there is a public website that researches technology that can be used to make mass casualty weapons?

  • by poopie ( 35416 ) on Monday April 17, 2006 @09:17PM (#15146096) Journal
    Instead of users being limited in their choices of rootkits, users now have many different rootkits that are community supported to choose from. *THIS* is exactly why opensource is so important.

    Who wants to be stuck with a closed source rootkit when your IRC channel and server change and you have no way to update it? Opensource empowers the user to take the best features of different rootkits to ensure that they get the rootkit that meets their needs.

    Users can strip down rootkits to run on older hardware that would otherwise be discarded, or they can enable many new features that make these rootkits competitive with all of the current commercial rootkits currently being used. ... Seriously, though, all of this just means that security patches continue to become more critical and that deployment of patches on servers cannot wait for months or years like we used to do back in the good old days.

    With the proliferation and expansion of UNIX desktop software that tries to emulate more and more windows (mis)-features, I think the rootkits and opensource actually do a lot to ensure that the basic application and OS security model in Linux and GNOME and KDE desktop environments remain secure.
  • by IchBinEinPenguin ( 589252 ) on Monday April 17, 2006 @09:21PM (#15146115)
    freedom encourages all sorts of things, some of them bad.

    Live with it, it's better than the alternative.
  • 1) open source makes creating root kits easier (for the kiddies)

    2) closed source makes finding/removing root kits more difficult (for the admins)

    I'll deal with 1 before I'll face off against 2. Making life easier for the kiddies is a lot less hassle than making MY life more difficult.
    • Agreed. The closed source community is notorious for doing amazingly brain-dead things and lying about patching it.

      But notice that the closed-source/open-source involved here has almost nothing to do with the nature of the operating system: it has to do with the development models for rootkits themselves. The rootkit developers are sharing their information, and frankly, they should share it. Otherwise, these holes will remain in place and fester and be passed around behind doors that are barely closed at
  • by Zero__Kelvin ( 151819 ) on Monday April 17, 2006 @10:02PM (#15146276) Homepage
    Anyone who has read David Hume's "A Treatise on Human Nature" [amazon.com] knows that human nature is the cause of rootkits. If one is looking for a root cause that fosters human nature's ability to distort in this particular fashion they need look no further than poor journalism!

    If the journalist or her editor possessed the proper level of subject knowledge and/or integrity required for true journalism to occur, then this patently absurd question would never be asked in an article.

    Problems with the article abound, but this lone article is far from the problem. Nevertheless, it is a quintessential example of the kind of absurd misunderstanding of the landscape of the subject matter combined with the complete disregard for the principle of the pursuit of truth as a core element of journalistic principle that is endemic to the disease of misinformation which fosters misinformation in society today.

    A few points that should be obvious, but are missed completely by this article:
    1) The term rootkit stems from the fact that the concept comes from a UNIX environment
    2) Most "rootkits" today target M$ proprietary products
    3) Rootkits have always been "Open Source", unless you count ...
    4) The biggest rootkit vendor is Sony, who works closely with M$

    I could go on, but it is the misinformation propagated by piss poor journalism coupled with the lackluster education levels of the vast majority of the members of society in the free world that is the cause of most problems in the world today.
  • The reason the AntiVirus vendors keep producing this kind of inflammatory FUD is because it works.

    Every time an AntiVirus company issues a fear mongering white paper, press release, or paid article placement in a magazine they get explosive coverage, dozens or hundreds of free articles written about them or their topic of interest, nearly all with links back to their original article. Within limits, bad publicity is publicity and publicity is good.

    Meanwhile, companies like mine that are building next-generation network security systems (shameless link to Intrinsic Security AntiWorm [intrinsicsecurity.com]) and who try to be good network citizens must work a thousand times harder for links back to our web sites, don't get slashdot stories about us, don't get bazillions of blog entries linking back to us.

    Mine is not the only company that suffers this problem. Every time a story by one of these highly bogus AntiVirus FUD spreading companies ticks you off, you should include at the end of your rant about it in your blog a few links to non-bogus internet security companies. We would greatly appreciate it.

    Honestly, there are days when I feel like whipping up a FUD press release or scare mongering white paper. It would be easier than taking the publicity high road.
    • Aha! You have stumbled onto the secrets of the unforementionable Marketing Association of Network Engineers and their methodology of increasing their product publicity and thusly their sales.

      Every intrusion detection, anti-virus, malware detector, trojan detector, rootkit detector companies are trying to outfox each other with their shining new widgets that can normalize, filter, block malicious payloads. It is like the Holy Grail. There can only be ONE.

      Fear, Uncertainty and Doubts is the primary driver
  • McAfee's just pissed that their product sucks at finding root kits.

    In fact, McAfee is pretty much kinda sucking at finding any of the latest malware. They're just trying to jump on the anti-open source bandwagon because they don't have a better plan. Is Darl McBride working there, too?
  • ... Sony was part of the open source software movement.
  • What if the discussion were about making nuclear bombs? What if it were about making custom biological agents or virii? What if the discussion was about any type of WMD?

    I'm not trying to be sensationalist. I do understand that vulnerabilities in systems need to be pointed out before anyone will spend the money on corrective action. I also understand that if the knowledge is kept 'secret' that only two groups of people will have the knowledge -- the 'good ones' and 'the bad ones.' It does little to noth
  • Just imagine a world where people were ethical enough not to mess with other people's computers. We could share files, and network all together into a gigantic group of networks where the computers would become self aware and solve all our problems.

    or to look at it another way, we would need a lot less computer techs and anti-virus companies wouldn't exist. Yah... A world without rootkits (read- not open source) is the way to go.

  • Does closed source encourage vulnerabilities?
  • by MoogMan ( 442253 )
    That's like blaming guns for creating murderers.

    Or blaming burger shops for making Fat People.
