Nellie2 23:45 11 Nov 2005

There has been some discussion recently about Rootkits, especially with the Sony Rootkit debacle going on click here

However... people can get a little confused about rootkits (me included) but Suzi at SpywareWarrior has written an excellent information piece on Rootkits and I would advise you to take the time to check out what she has to say. click here

  Forum Editor 00:08 12 Nov 2005

and thanks for the heads up.

The possible proliferation of rootkits as part of Digital Rights Management strategies is something I personally find a disturbing prospect, and the Sony case is something I've been watching with great interest.

  LastChip 00:48 12 Nov 2005

Sony are going to be extremely sorry for ever using this software.

It seems at least one Country are looking at a Federal Charge against Sony and Lawyers in the USA just love this sort of opportunity, especially as the first malware using this rootkit has now appeared.

Given the way in which it was done, I say damn good luck to them.

  jack 08:48 12 Nov 2005

All this reminds me of the endless loop of what steps private individuals can do to protect themselves and their property.

We are familiar with the story/s of little old ladies having had their home violated, installed razor wire on the property boundary or similar to keep intruders out - only to be pursued because someone cut themselves.
The reason that someone cut themselves seems to get lost in the ensuing battles.

  De Marcus™ 09:57 12 Nov 2005

And now Sony is in the firing line again, I bet they wish they hadn't started this whole mess.

"The Troj/Stinx-E malware attacks PCs via email, with a message asking users to open an attached picture. Running this causes a file to be copied to the hard disk using the same "$sys$" prefix used by Sony’s DRM program. This hides the file on any system already loaded with Sony’s protection software."

  Chegs ® 11:18 12 Nov 2005

Although I agree that Sony should never have used the rootkit software on their CDs without at least informing users that it existed, I think a portion of blame should be directed towards the first4internet company for writing the iffy code in the first place. Surely, if they can write code they will have realised the potential of the nefarious folk to rework it for their own uses.

It's now reached the point where it's become almost too risky to use the internet. Rootkit software is nigh on impossible to shift without a format. With my 1st PC, updating and running the anti-apps took ten mins (even on dialup). Now I have so many anti-apps that running them all and updating has taken up a hefty chunk of my time, and what's the point if I'm still likely to get clobbered by a rootkit from such as Sony?

  €dstowe 12:33 12 Nov 2005

An illustration, once again, of the absolute necessity of a comprehensive backup.

  Mr Mistoffelees 17:45 12 Nov 2005
  Chegs ® 18:11 12 Nov 2005

I have images of my full systems partitions, made with several different apps. Those partitions that change significantly have incremental backups. These images are saved not just to HD but to spanned CDRs/DVDs, so your "illustration" is wasted on me, but you appear to have completely missed the point I made about rootkits, e.g. they are nigh on impossible to shift without a format (and a reinstall from image) and they can end up on a system via reputable vendors (Sony). This then opens a door to the nefarious nameless script-kiddies to rework the rootkit for their own ends.

  €dstowe 19:13 12 Nov 2005

? I don't understand your consternation.

If you install a backup that was made before any rootkit interference, the computer should be back to what it was before the "infection" took place. My point about incremental backups was to emphasise that there would be a known "good" backup and a number (possibly) of additions to that to bring the machine to a reasonably recent date - which is much more than you could possibly get with a format and re-install.

Never forget that, even after my almost constant nagging, many computer users are without a backup - including, it seems from today's news, Gatwick Airport.

  Chegs ® 21:18 12 Nov 2005

You're still missing the point. The rootkit gets installed by innocently playing a Sony CD, there is no mention of its installation in the EULA. This rootkit is then modified via the script-kiddies. The poor mug (me/you/anyone with a Sony CD) only discovers it's there once the script-kiddie has wrecked your system/files or whatever.

This is why I amended my original post with the section within brackets to include reinstall from image.

My consternation is not at you, but at the vendors that use rootkit technology in the first place, in particular the poorly written code that appears to have been used in the Sony disc software.

Why we, as end users, should have to be extremely cautious about so simple a thing as using a PC to play music really gets up my nose (although I don't actually use my PC to play CDs, only to receive the output from my CD player so I can rip the discs to use in my car's player).

This thread is now locked and can not be replied to.
