Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Homeland Security official suggests outlawing rootkits

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Homeland Security official suggests outlawing rootkits
Date: Fri, 17 Feb 2006 02:16:15 -0600 (CST) 
http://news.com.com/Homeland+Security+official+suggests+outlawing+rootkits/2100-7348_3-6040726.html

By Joris Evers 
Staff Writer, CNET News.com
February 16, 2006

SAN JOSE, Calif. -- Perhaps the best way to deal with rootkits is to
outlaw them.

At least when it comes to such mishaps as the Sony BMG Music
Entertainment fiasco, that's what an official from the Department of
Homeland Security suggested Thursday.

"The recent Sony experience shows us that we need to be thinking about
how we ensure that consumers are not surprised by what their software
programs do," Jonathan Frenkel, director of law enforcement policy at
the U.S Department of Homeland Security said in a speech here at the
RSA Conference 2006.

A lesson has been learned from the Sony debacle, which left unwitting
consumers with software on their PCs that could be used by
cyberattackers to hide their malicious code. "Companies now know that
they should not surreptitiously install a rootkit on computers,"  
Frenkel said.

But perhaps more importantly, how could the mishap have been avoided
in the first place? "Legislation or regulation may not be a solution
in all cases, but it may be warranted in appropriate circumstances,"  
Frenkel said.

Last November, Sony was found to be shipping copy-protected compact
discs that planted so-called rootkit software on the computers that
played them. The rootkit technology offered a hiding place for
malicious software and attackers, which were quick to exploit it.

After the rootkit technology was uncovered on Sony's CDs, the company
faced heavy criticism and lawsuits. It recalled the discs, stopped
production and has agreed to offer compensation for buyers of the CDs
that contain the rootkit.

Since the Sony case, other companies have been accused of shipping
products with rootkit-type behavior. Symantec last month released an
update to its popular Norton SystemWorks to fix a security problem
that could be abused by cybercriminals to hide malicious software.

According to F-Secure, a Finnish antivirus vendor, the German DVD
release of "Mr. & Mrs. Smith," contains a digital rights management
protection tool that uses rootkit-like cloaking technology. The movie
is distributed by 20th Century Fox.



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Homeland Security official suggests outlawing rootkits, InfoSec News <=
Previous by Date:  [ISN] Secunia Weekly Summary - Issue: 2006-7, InfoSec News
Next by Date:  [ISN] Utility hack led to security overhaul, InfoSec News
Previous by Thread:  [ISN] Secunia Weekly Summary - Issue: 2006-7, InfoSec News
Next by Thread:  [ISN] Utility hack led to security overhaul, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]