funsec mailing list archives
Mr. And Mrs. Rootkit Smith
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 14 Feb 2006 15:33:04 GMT
Oh, goodie. More rootkitting fun! This time on DVD's... Via F=Secure. [snip] Heise Online is reporting about yet another example of the ever-warming relationship of copy protection and rootkit technologies. The affair started with the digital rights management system Sony BMG was using to protect audio CD's. Now, we can also confirm (thanks to RĂ¼diger from our German office!) that at least the German DVD release of the movie "Mr. & Mrs. Smith" contains a copy protection mechanism which uses rootkit-like cloaking technology . The Settec Alpha-DISC copy protection system used on the DVD contains user-mode rootkit-like features to hide itself. The system will hide it's own process, but does not appear to hide any files or registry entries. This makes the feature a bit less dangerous, as anti-virus products will still be able to scan all files on the disk. However, as we note in our article on rootkits, it's not that uncommon for real malware to only hide their processes. [snip] More here: http://www.f-secure.com/weblog/#00000810 - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Mr. And Mrs. Rootkit Smith Fergie (Feb 14)