The Last HOPE
-->
         
         
Email us! Subscribe to Liquidmatrix!

McAfee, Where’s Your Brain?

Author: Dave Lewis
May 15, 2006 at 9:53 am · Filed under Hacker

I found this article as I was stumbling around the void that is the internet. Back on April 17th “Does open source encourage rootkits?” was published on Network World. The core of this article is that McAfee believes that rootkits are a direct result of the open source community. You have got to be kidding me with this garbage.

“The predominant reason for the growth in use of stealthy code is because of sites like Rootkit.com,” says Stuart McClure, senior vice president of global threats at McAfee

The website he was referring to discusses code for rootkits. Now, if I was a ill intentioned bad guy I would not be posting my source code on a publicly available website. I’d be certain to keep it to myself. The assertion that this helps in the spread of rootkits is absurd. The same website can be used to help educate users and even anti virus companies. Lord knows that McAfee could use some help explaining the difference between Microsoft Excel and Adore rootkit.

Article Link

Tags: , , , ,

Tag It: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • McAfee ePolicy Orchestrator Buffer Overflows
  • Malicious Trojan Poses As McAfee Alert
  • Where’s Your Brain?
  • Auditor loses McAfee employee data
  • Microsoft Mind Reading Patents?

    • kurt wismer said,

    May 15, 2006 @ 12:47 pm

    if you were a bad guy you might not post your source code there, but you certainly might download their source code…

    more importantly, you might download the compiled binaries they include with the source code…

    according to greg hoglund (founder of the site in question), the ‘rootkit’ that his co-author (james butler) wrote and made available on the site has become one of the most deployed ‘rootkits’ in the world, and quite often the people who deploy it are using the exact binaries that are available for download from the site…

    regardless of their intentions (the road to a very hot place is paved with good intentions), they are arming the bad guys…

    gattaca said,

    May 15, 2006 @ 1:05 pm

    True enough. I just feel that bad people are going to do bad things irrespective of anyone’s intentions. I’m partial to having it out in the open to help better educate the user base. More often than not, the biggest vulnerability in computer security sits between the chair and the keyboard. If they can be better educated this can help to mitigate problems and hopefully avoid future scenarios such as the Sony rootkit debacle.

    Thanks for the comment.

    cheers

    kurt wismer said,

    May 16, 2006 @ 9:55 am

    frankly, the user base can be educated to the point of being able to protect themselves without sharing source code or compiled binaries for actual attack tools… the user base is not going to be writing their own search routines, they’re going to be using pre-built security tools… they need to know the nature of the threat but not necessarily the implementation of it…

    gattaca said,

    May 16, 2006 @ 1:46 pm

    Fair point. I’ve always been one for open dialogue. I’ve always been privy to exploit code and source code for most tools that I use. As a result I have not really been viewing this through the eyes of John Q User. The biggest problem is that I can see both sides of this issue. I guess I’ll have to agree to disagree. A point well taken nonetheless.

    RSS feed for comments on this post · TrackBack URI

    Leave a Comment