funsec mailing list archives
Re: Sony DRM Rootkit (again) and questions about its disclosure...
From: Pierre Vandevenne <pierre () datarescue com>
Date: Thu, 17 Nov 2005 19:14:42 +0100
Good Day, F> Okay, so Bruce Schneier has an article in Wired today where he F> say this: F> What do you think of your antivirus company, the one that didn't F> notice Sony's rootkit as it infected half a million computers? And Simple answers would be - the Sony "rootkit" isn't a virus, despite the genre confusion currently fueled by the medias. I don't expect an anti-virus to detect everything that's bad or could be bad for me or my computers. However, I'd expect behavioral analysis based rootkit detectors to ring some bells. - it did not "infect" computers. While the level of non-disclosure about how the program acted was of course inacceptable, it was announced and installed in a fairly standard way. Also, as far as I know some anti-virus companies independently found out but weren't too sure on how to tackle the problem legally. Similar situations have been quite ambiguous in the past. But what about the larger picture? There are, imho, dozens of similar issues in current software, be they multi-user games utilities, copy or content protections, adware, etc... Why aren't people paying attention now? Why aren't pundits writing about it now? People need to spend time and eventually be able to derive benefits (such as advertisement) of their work. Everyone is hammering Sony right now, because it is a sure way to get attention. The problem is really fundamental, and the tools to find about it in a time and cost effective way simply don't exist today (yes, I wrote this :(). Now, the fundamental truth is that it isn't possible to implement copy protection mechanisms that would be beyond reproach. I am sure people involved in today's operation are fully aware of that. But of course, simply saying "we oppose all kind of copy/content protection" isn't too politically correct. Better attack it from the sides, for example by an "ad absurdum" reduction tactic where content protection will ultimately be shown to be intrinsically unsafe. (disclosure: have financial interests with both sides) -- Best regards, Pierre mailto:pierre () datarescue com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sony DRM Rootkit (again) and questions about its disclosure... Fergie (Nov 17)
- And another Sony DRM Rootkit question Larry Seltzer (Nov 17)
- Re: And another Sony DRM Rootkit question Pierre Vandevenne (Nov 17)
- RE: And another Sony DRM Rootkit question Larry Seltzer (Nov 17)
- Re: And another Sony DRM Rootkit question Mary Landesman (Nov 17)
- Re: And another Sony DRM Rootkit question Pierre Vandevenne (Nov 17)
- Re: Sony DRM Rootkit (again) and questions about its disclosure... Pierre Vandevenne (Nov 17)
- Re: Sony DRM Rootkit (again) and questions about its disclosure... Blue Boar (Nov 17)
- Re[2]: Sony DRM Rootkit (again) and questions about its disclosure... Pierre Vandevenne (Nov 17)
- Sony DRM Rootkit samples Jochen (Nov 21)
- RE: Sony DRM Rootkit samples Larry Seltzer (Nov 21)
- Re: Sony DRM Rootkit samples Jeff Kell (Nov 21)
- RE: Sony DRM Rootkit samples Larry Seltzer (Nov 21)
- Re: Sony DRM Rootkit (again) and questions about its disclosure... Blue Boar (Nov 17)
- And another Sony DRM Rootkit question Larry Seltzer (Nov 17)