looks like SOny wasn't the only one for adding a rootkit

***dalek*** · January 12th, 2006, 09:16 PM

Symantec Corp. has fessed up to using a rootkit-type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers.
ADVERTISEMENT

The anti-virus vendor acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

Symantec, of Cupertino, Calif., is the second commercial company caught in the flap over the use of rootkit-type techniques to hide files on computers. Rootkits are programs that are used to give a remote user access to a compromised system while avoiding detection from security scanners.

Source

Another nail for Norton............

***dalek*** · January 12th, 2006, 09:16 PM

Symantec Corp. has fessed up to using a rootkit-type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers.
ADVERTISEMENT

The anti-virus vendor acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

Symantec, of Cupertino, Calif., is the second commercial company caught in the flap over the use of rootkit-type techniques to hide files on computers. Rootkits are programs that are used to give a remote user access to a compromised system while avoiding detection from security scanners.

Source

Another nail for Norton............

***Tiger Shark*** · January 12th, 2006, 09:29 PM

I'm absolutely no fan of Norton but while it opened up the potential for "mischeif" it was done with an entirely different goal in mind to that of Sony..... The intent was protection.

Software has been hiding things since Pontius was a Pilot.... It's nothing new.... This is just more FUD to keep you reading.....

***Tiger Shark*** · January 12th, 2006, 09:29 PM

I'm absolutely no fan of Norton but while it opened up the potential for "mischeif" it was done with an entirely different goal in mind to that of Sony..... The intent was protection.

Software has been hiding things since Pontius was a Pilot.... It's nothing new.... This is just more FUD to keep you reading.....

***HTRegz*** · January 12th, 2006, 09:37 PM

Hey Hey,

This is funny because I just finished reading the F-Secure Weblog and the eweek article and was coming here to post about it...

I have to agree with Tiger Shark here... I had always thought that the protected recycle bin and nprotect were fairly well known... it's not like Norton has ever tried to hide their existence...

I really don't think it's fair to lump Sony and Norton into the same category here...

Hell I Remember a program called Magic Folders... when I was living at home I used to use it to hide my porn from my parents.... Open Magic Folders, select the folders.. suddenly those folders were hidden.... No one could see them... except that software.... Is that a rootkit too???

I don't think it's fair to call it a "rootkit type" feature.... it's not similar to a rootkit at all... Does it allow you access to the system?? Nope.. it hides itself.. that's all... It's also not a rootkit technique... Norton/Symantec were doing it a lot longer than rootkits were... It's their technique...

It's all a bunch of BS.... even F-Secure and SysInternals (both credited with finding it) are saying that this has been blown out of the water by the media...

Peace,
HT

***HTRegz*** · January 12th, 2006, 09:37 PM

Hey Hey,

This is funny because I just finished reading the F-Secure Weblog and the eweek article and was coming here to post about it...

I have to agree with Tiger Shark here... I had always thought that the protected recycle bin and nprotect were fairly well known... it's not like Norton has ever tried to hide their existence...

I really don't think it's fair to lump Sony and Norton into the same category here...

Hell I Remember a program called Magic Folders... when I was living at home I used to use it to hide my porn from my parents.... Open Magic Folders, select the folders.. suddenly those folders were hidden.... No one could see them... except that software.... Is that a rootkit too???

I don't think it's fair to call it a "rootkit type" feature.... it's not similar to a rootkit at all... Does it allow you access to the system?? Nope.. it hides itself.. that's all... It's also not a rootkit technique... Norton/Symantec were doing it a lot longer than rootkits were... It's their technique...

It's all a bunch of BS.... even F-Secure and SysInternals (both credited with finding it) are saying that this has been blown out of the water by the media...

Peace,
HT

***dalek*** · January 12th, 2006, 09:56 PM

I agree, but I think people should be aware of this:

He confirmed Russinovich's contention that more and more legitimate commercial vendors are using cloaking mechanisms, warning that it is a "dangerous trend," even if the it's not an offensive, malicious rootkit.

It's just 2 that we are now aware of, regardless of their intentions, I think the point Russinovich is making is valid, the box is mine, not for someone else to put stuff on it without my knowledge, so if Norton and Sony had been upfront prior to your installing the product (out of the box ,unlike OEM's) then fine."buyer beware".

***dalek*** · January 12th, 2006, 09:56 PM

I agree, but I think people should be aware of this:

He confirmed Russinovich's contention that more and more legitimate commercial vendors are using cloaking mechanisms, warning that it is a "dangerous trend," even if the it's not an offensive, malicious rootkit.

It's just 2 that we are now aware of, regardless of their intentions, I think the point Russinovich is making is valid, the box is mine, not for someone else to put stuff on it without my knowledge, so if Norton and Sony had been upfront prior to your installing the product (out of the box ,unlike OEM's) then fine."buyer beware".

***Tiger Shark*** · January 12th, 2006, 10:10 PM

the box is mine, not for someone else to put stuff on it without my knowledge

Then the answer is simple Dalek.... Write your own OS and all your own apps....

How on earth was Norton putting something on your box without your knowledge.... You _bought_ the freaking software!!!!! Duh....

Sony was an _entirely_ different issue - people bought a CD presumably because they wanted to hear music. They did not expect that when it was put into a computer it would install software.... The difference is quite clear.

***Tiger Shark*** · January 12th, 2006, 10:10 PM

the box is mine, not for someone else to put stuff on it without my knowledge

Then the answer is simple Dalek.... Write your own OS and all your own apps....

How on earth was Norton putting something on your box without your knowledge.... You _bought_ the freaking software!!!!! Duh....

Sony was an _entirely_ different issue - people bought a CD presumably because they wanted to hear music. They did not expect that when it was put into a computer it would install software.... The difference is quite clear.

Thread: looks like SOny wasn't the only one for adding a rootkit

Thread Tools

Display

looks like SOny wasn't the only one for adding a rootkit

looks like SOny wasn't the only one for adding a rootkit

Posting Permissions