- home
- reviews
- news
- downloads
- cnet tv
HOLIDAY HELP DESK: Broadcasting live at 1:00 p.m., PT
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Homeland Security official suggests outlawing rootkits

With mishaps like the Sony BMG fiasco, outlawing rootkits might be the way to go, a Homeland Security official suggests.

Add a Comment (Log in or register) (22 Comments)

MS allows this crap to be installed. STOP USING IT!

by Anon-Y-mous February 16, 2006 7:06 PM PST

You can't root kit a Mac. You can't root kit Unix. This happened ONLY because of MS's failure to protect users from such activity, blindly installing anything the user clicks on, regardless of the damage it can do.

Like this Reply to this comment

No, you allow this crap to be installed
by mstlyevil February 16, 2006 8:34 PM PST: I bet you a dollar if you run as root in both a Mac and Linux someone could design a rootkit to infect your system. The problem with Windows is every one runs a Admin. If people would just use limited accounts, they would not have a problem with rootkits. Vista is going to correct this by instituting a Unix/Linux style permission system that is on by default. Until then users need to stop running as admin. If users would educate themselves more on securing their Windows PC's, this would not be as big of a problem.; Like this View reply Hide reply
Processing

True Anon...
by solarflair February 16, 2006 8:52 PM PST: Your right. If the windoze user has not set up a user account other than su they will be rooted. Unix, Linux can be hammered if any user is stupid enough to log on as su for other than system maintenance to their system.

Carry on...; Like this

"You can't root kit Unix"
by justanothersteve February 17, 2006 12:06 AM PST: Firstly I will gladly join any anti-microsoft protest. When I buy a DVD, I can watch it on the living room tv, my bedroom tv, or my kids can take it too the den and watch it in there legally (we are talking about a commercial dvd, not copies). But I can't legally take my cd of XP and put it on each of my three computers, I must buy a copy for each of my 3 computers. That is ridiculous.

Now, I must point out that the term "rootkit" actually spawned from *nix (i.e. root access). I can't speak for Mac, but you can rootkit Unix because rootkits actually began with *nix systems. (For the record, I use Linux on all three of my systems and dual-boot with XP on one of them for the wife's sake); Like this View reply Hide reply
Processing

Whow Anon, you're off base on that comment
by rcrusoe February 17, 2006 8:12 AM PST: As much as I love my Macs and Linux boxes, they can definitely be rooted by someone who knows what they are doing. Any OS can be compromised. It just takes a lot more skill to break into a Mac or *nix box than it does to crack a Windows computer.

And, IMO, there's no use yelling at MS to fix Windows. After all these years of them trying, it's obvious that it can't be done.; Like this

RE
by unknown unknown February 17, 2006 9:30 AM PST: It was well documented before Sony's rootkit that some audio CDs where coming with copy protection that was setup to autorun when the CD is inserted into a computer (SunnComm suing a student for point out the copy protect could be defeated with the shift key for example). I don't know about you but I don't let anything from a CD I didn't create autorun. There is only so far Microsoft etc can go to protect the user from themselves without being overbearing and compromising the usefullness of the OS. It should be pointed that in order to install the XCP copy protection one had to be running with admin privileges. Users who where smart and used a limited account for their day to day computer use couldn't install it without switching to an account with admin privileges. At some point the user needs to know what they're doing.

Yes you can rootkit Unix, in fact it started with Unix.; Like this

We ain't seen nothing yet!
by heystoopid February 16, 2006 7:09 PM PST: We ain't seen nothing yet!, for it is not in the makeup of the Audio & visual media, to be meekly compliant to all laws and regulations, and to be fair and transparent to both the artists and the end users, as they seek out ways and means to profit from all!

Oh well, it was a nice altruistic thought though!; Like this Reply to this comment

Good boycott, wrong reason...
by Russell McOrmond February 17, 2006 5:46 AM PST: Any computer can have a 'RootKit' installed on it, as a RootKit is simply a different version of the operating system than what the vendor supplied, and is intended to hide this version change and what it does from the owner of the computer.

Microsoft should be boycott as they are partly leading an initiative to be shipping official versions of operating systems which come from the vendor with the same traits as a rootkit: the owner of the computer is not in control of the computer, and third parties are.

This initiative is sometimes called "Trusted Computing", and pretty much means you can not trust your own computer.

Please watch: [LAFKON] A movie about "Trusted Computing"
http://www.digital-copyright.ca/node/1175; Like this Reply to this comment

Rootkits are already illegal

by aabcdefghij987654321 February 17, 2006 6:51 AM PST

That's why Sony is still facing prosecution for their illegal actions. (They only settled the "class action" lawsuits, not the criminal ones).

Rootkits are possible with any OS, you just have to be able to get your rootkit install code to run under the right permissions. There have been a lot of paths for doing that which have been patched in the past and it's likely there are more to be found yet.

Like this Reply to this comment

RE
by unknown unknown February 17, 2006 9:15 AM PST: Rootkits aren't illegal, installing them on some elses computer without informing the user is (at very least it's unethical). Especially if the rootkit exposes the user to a security risk.; Like this

Head in the sand
by February 17, 2006 7:51 AM PST: Jonathan Frenkel should be in the cast, if they decide to do a re-make of "Flock of Dodos: The Evolution-Intelligent Design Circus". I know it Ostrich that have their heads in the sand, but Jonathan's idea is so off the wall I couldn't resist.

Maybe he will consider baning 'C' compilers next?; Like this Reply to this comment

What do rootkits have to do with homeland security?

by Razzl February 17, 2006 10:03 AM PST

Forgive my ignorance here--is this guy speaking on this topic because he works for the Justice Department and they come under Homeland Security now, or is he just speaking out of turn? What public interest does Homeland Security have in the rootkit software issue? Especially under the leadership of a President who does not acknowledge privacy rights in any way, legally or morally--in a Department whose other branches want the right to install spyware on all of our computers? I agree with the guy's thinking, but what is his relationship to this topic?

Like this Reply to this comment

homeland security
by The user with no name February 17, 2006 10:59 AM PST: is looking at this from the perspective of cyber attacks against US companies, local/state/federal computers that may be compromised and the way this could all relate to cyber terrorism.

Since an infected pc could allow a cyber terrorist to gain access to vital security and infrastructure systems across the country Homeland Security is seeing the bigger picture.; Like this

Information Security
by February 17, 2006 11:06 AM PST: ...is a DHS responsibility.

But I can't forgive your ignorance when you say something completely untrue about our privacy rights. And DON'T rattle off examples where you think privacy wasn't protected "enough," because that's not what you said. You said they weren't protected "in any way." Well, this story here already disproves that. There are plenty more.; Like this

Nothing and Everything
by Chris Barnes February 17, 2006 11:16 AM PST: Suppose I work at the DoD or NSA and I happen to bring a nice new
music cd to work. I place the disk in my computer, I work, I enjoy
my music and I have created security problem. Suppose I work at a
nuclear power plant? Suppose I work with airtraffic control systems?
The point is ... music CD's were seen as benign when in fact they
were not.; Like this

Homeland Security and Root Kits
by atenor February 17, 2006 11:49 AM PST: Anything that has effects on large numbers of computers has effects on Homeland Security.
Think about how many computers running Windows of one sort of another are around in the US government and states too.
I work in a government instalation and our users can play a music CD in their computers. As soon as notice of this came out we had to do a network alert about the problem.
It's a security problem and HS is ultimately responsible for security of all types.

AG; Like this

New Security Approach to Development
by 209979377489953107664053243186 February 17, 2006 5:39 PM PST: How do you outlaw rootkits when half the time companies don't even know until after the fact that their software produced one?

Any software developer these days who doesn't take a proactive step towards progressive protection from hackers is putting users at risk. Until this is truly rectified, the onus is upon users to take ensuring their digital information themselves.
http://www.essentialsecurity.com/yourbusiness.htm; Like this Reply to this comment

Logic says the Feds should know not ponder and wonder
by Iohagh February 20, 2006 1:59 PM PST: Maybe guns in the hands of kids should be illegal. Well, its not illegal as much as it is illegal to sell it to them without a legal license which they cannot get until they are adults.

I am amazed that basic stuff that any common sense solution could solve is lost here. For my part, I look at this as just another keystroke cops, sic, keystone cops.

The problem is it isn't funny because as a taxpayer I'm paying for it. That's what I think. Ciao now.; Like this Reply to this comment