Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, November 29, 2005

The new Buzzword: Rootkits

I found an Email I wrote a year ago warning of the danger of "rootkits" and another where I predicted that 2005 would be the year of the Rootkit. Unfortunately, my prediction has come true. As we enter 2006 it appears that "Rootkit" may be the new Buzzword which will knock "Spyware" off its throne.

What brought Rootkit to the mass media has been the discovery of a heinous scheme used by Sony BMG to prevent unauthorized copying of their music CD. The technology called XCP, was created by a company called First4Internet. It wedges itself into standard Windows code so that it can hide itself from Windows, security programs and any file viewer.

What's wrong with Sony protecting their copyright material?

  • It actually makes core changes to your operating system. It's hard enough to keep Windows stable and debug problems without a 3rd party adding a layer of unknown complexity.
  • It opens up a security hole that allows other programs to hide their files on your system. Any filename that began with the same sequence of characters would never show up.

Hopefully all the exposure of the Sony rootkit will make folks more aware. The state of Texas has filed a lawsuit, our friend Elliot Spitzer in NY is investigating and even the Homeland Security Dept has recently commented on the issue.

This new issue just makes it more obvious that users MUST know what programs are being installed on their system and why. If a legitimate company can make changes to your computer system of this nature imagine what could be done by some malicious program.

In the past, worms, Trojans, Adware and keyloggers have all been equally classified as "Spyware". In the future you can expect every hard drive problem and pop up ad to blamed on some kind of "rootkit".

Share on Facebook


3 Comments:

Anonymous Anonymous said...

Just FYI, the word "rootkit" has been around in the *nix world for a very long time now. I don't know just when it was coined, but I'd say we have something on the order of decades of use behind it. I guess it's getting buzz all of a sudden with the Sony DRM fiasco, but it's not really a word du jour, lest anyone wonder.

2:54 PM  
Blogger Unknown said...

Good point. I didn't provide a complete history of rootkits but it's good to point out that rootkits originated in the Unix world. Windows had been safe for a while but no more.

2:58 PM  
Anonymous Anonymous said...

I wished Spy-ware scanner would pick them up also, yes they are bad people don't know how bad!

12:20 AM  

Post a Comment

<< Home