Mark Russinovich, over at Sysinternals, has declared victory over the rootkit embedded in the CD’s Sony has distributed. And, as Bruce Schneier points out in his excellent analysis, Mark has reason to be happy. It’s David v. Goliath. However, it’s not a total victory. There are untold numbers of machines still infected with the Sony…
Category: Security
Firestorm over Sony DRM continues
So, just what was Sony thinking? Now that the first class-action lawsuit has been filed in California, I’m sure more details on that topic will eventually emerge. Since Sony licenses the software from First 4, it may not have known all of the niceties of just how the software worked. I would not be surprised…
More on Sony DRM problem
My major problem with the Sony DRM I wrote about yesterday is the lack of consent on the part of the user. The terms of the Sony EULA are posted here. Nowhere does Sony advise that even if you uninstall the software using normal procedures that there are hidden bits that remain. Further, the fact…
Sony CD contains DRM that can’t be removed
Here’s a link to a fascinating article by Mark Russinovich detailing his process in detecting the DRM on his computer installed with a Sony music CD that uses rootkit technology to hide its existence. It’s the same process used by a lot of malware to hide their existence. Bad, Sony. Bad, bad bad.
Excellent article on responses to Phishing
Here is an excellent article on the response taken by a bank (whose identity is kept anonymous in the article) to a Phishing attack. (Link courtesy of beSpacific)
Microsoft: Damned if you do.
The patches that Microsoft released for a security flaw are partly to blame for the recent Zotob virus outbreak. As noted in many places, among them being This Week in Tech, hackers reverse engineered the patches to determine exactly where the security flaw was and released the Zotob virus within *THREE DAYS*. Microsoft is damned…
Spyware part of ID Theft Ring
This is very, very disturbing. An article over at Eweek claims that the spyware called CoolWebSearch is actually a keylogger. A test by a spyware removal company found that the program is sending passwords, user names and bank account information to a server in Texas. The FBI has been notified, but the article does not…
Must Read: Inside the Cisco/Lynn Controversy
For those of you who don’t know, Michael Lynn gave a speech at the Black Hat conference in Las Vegas on July 26th that has erupted into controversy. The topic? A revelation of the vulnerabilities in the Cisco routers that are the backbone of the Internet. He had to quit his job before doing it,…
Another reason to keep updating your security software
From CNet News: The attackers typically lure people to the malicious sites by sending enticing e-mails and instant messages. When a victim clicks on a link, the computer becomes infected. In one case, a greeting card was displayed and a tune played in the background while spyware was being installed on the compromised PC,Websense said….
FBI shuts down BitTorrent server today – the first criminal action against BitTorrent
The FBI earlier today raided the “Elite Torrents” BitTorrent network, shutting down its core server. Anyone accessing the site now receives the message “This Site Has Been Permanently Shut Down By The Federal Bureau of Investigation and U.S. Immigration and Customs Enforcement.” The site had been one that was sharing the new Star Wars release,…