This is the biggest load of shite I’ve read this year I think.
Rootkits are becoming more prevalent and difficult to detect, and security vendor McAfee says the blame falls squarely on the open source community.
In its “Rootkits” report being published today, McAfee says the number of rootkits it has collected as malware samples has jumped ninefold this quarter compared with the same quarter a year ago. Almost all the rootkits McAfee has identified are intended to hide other code (such as spyware or bots) or conceal processes running in Windows systems.
“The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com,” says Stuart McClure, senior vice president of global threats at McAfee
Rootkit.com’s 41,533 members do post rootkit source code anonymously, then discuss and share the open source code. But it’s naive to say the Web site exists for malicious purposes, contends Greg Hoglund, CEO of security firm HBGary and operator of Rootkit.
“It’s there to educate people,” says Hoglund, who’s also the co-author with James Butler of the book Rootkits: Subverting the Windows Kernel. “The site is devoted to the discussion of rootkits. It’s a great resource for anti-virus companies and others. Without it, they’d be far behind in their understanding of rootkits.”
It’s definitely there for education purposes, the Rootkits book is very informative. Sadly this is the same old discussion again and again, non-disclosure vs full-disclosure. Those who really understand the process want to share the information as soon as possible to aid prevention techniques and to promote understanding, not hiding behind ignorance and implementing security through obscurity.
Those pimping anti-virus software, anti-exploit and whatever obviously want to fuel the FUD that opensource software and sharing of knowledge actually exacerbate the problem.
It seems Trend actually understands the issue, unlike McAfee the corporate bitch.
Anti-virus vendor Trend Micro says the Rootkit Web site cuts both ways.
“We need those open source people,” says David Perry, global director of education at Trend Micro. “They uncover things. It’s a laboratory of computer science. They demand the intellectual right to discuss this.”
What more can we say..
Source: Network World
- Windows Registry Infecting Malware Has NO Files
- FakeNet – Windows Network Simulation Tool For Malware Analysis
- Microsoft’s Anti-Malware Action Cripples Dynamic DNS Service No-IP
- Windows Rootkits
- VMWare Rootkits, The Next Big Threat?
- Sophos Offers Free Rootkit Detection Tool/Software
Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,294 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,444 views
- US considers banning DRM rootkits – Sony BMG - 44,926 views