Thread ID: 63224 2005-11-02 07:36:00 Sony CD's and rootkits KatiMike (242) Press F1
Post ID Timestamp Content User
401391 2005-11-04 17:27:00 Bump with a news update (www.theregister.co.uk) here. SurferJoe46 (51)
401392 2005-11-04 17:42:00 Just a thought:

Can we get a little clarity here on just what this rootkit mod is all about?

1) Can it be detected on CDs? I.e., can I right click and 'EXPLORE' the CD and see the file? I want to know if they did this any significant time ago..before the cat got out. Are therefore any of my older CDs infected?

2) Is it really removable?

3) Is there too much to do over this or is it really harmful?

4) What are the chances that malcode writers can exploit this new hack?

5) Can this rootkit be used to MY advantage? Looks like I could hide a lot of stuff by adding the prefix "$sys$" to file names. One would need to decompile the root to even find it..right? (Question: did we use to call these "strings" in years past?)

I admit that some of these questions are simplistic..but there's a lot of lookie-loos here that never post and just read...and they are all levels of users...some power users and some just push a button and use the puter.

F1 has a very powerful bully pulpit here...the world reads this stuff and gets a lot of info from this site. I see other sites quote info that they get from here all the time. It might be nice to forget personalities for a while and just chew on this invasion for those who don't know these things.

It might be a good idea to mix some heavy tech with plain-vanilla English for the non-techs.
SurferJoe46 (51)
401393 2005-11-04 18:54:00 In itself Sony's rootkit isn't doing any damage to your PC. Note I said damage. But any virus or whatever can take advantage of it to hide itself.

Ghost is one way to keep your PC infestation free without having to resort to drastic measures or slow painful removal methods.

The common view from what I've read is all the malware writers are going to start to do this sort of thing. After all, they don't want you to know about it and/or remove it, do they?
Yes you could hide files with it - but what's the point? And then how do you find them?
pctek (84)
401394 2005-11-04 19:08:00 Ghost is one way to keep your PC infestation free without having to resort to drastic measures or slow painful removal methods.

Norton's Ghost? Surely not. ??
Strommer (42)
401395 2005-11-04 19:12:00 Norton's Ghost? Surely not. ??

. . . . yeah . . . I wondered about that too . . . . . but I will await more input!



"Do not disassemble Johnny-5!"
SurferJoe46 (51)
401396 2005-11-04 20:00:00 I have a comp in the shop at the moment that on boot displays a warning that Norton's has detected a rootkit. Surprised the pants off me (not a good look).

Have put it aside until I have time to sink my teeth into it......
Metla (12)
401397 2005-11-04 22:23:00 ...
Yes you could hide files with it - but what's the point? And then how do you find them?

Here's a likely scenario (far fetched but it could happen)...
Someone utilises the Sony rootkit to install a logger or similar (utilising the $sys$ prefix) onto a machine using a pirated CD, CD looks authentic, has all the right sleeves etc; unsuspecting customer doesn't know any wiser... it may happen, it may not, it is however possible
Myth (110)
401398 2005-11-04 22:41:00 Personally it's no issue to me if hackers can exploit the Sony-endorsed rootkit or not, the fact that it's a rootkit is bad enough on its own. Sony need to keep their scummy fingers away from the damn kernel, it's not as if their software skills are fantastic. What's going to happen when people have 4 or 5 rootkits all running?

Who suffers? The poor fools who supported Sony by purchasing the damn CD, and accepting DRM as viable. Damn record companies must be staffed by crack smoking chimps, who reserve their cunning strategic decisions until the 6th day of a week long bender.

Damn bitches, Burn them at the f'n stake.

Some **** just goes too far, Burn mofo's burn.
Metla (12)
401399 2005-11-04 23:17:00 I don't know about calling you an egotist, but pathological fits you quite nicely Met's :rolleyes:
bob_doe_nz (92)
401400 2005-11-04 23:27:00 Norton's Ghost? Surely not. ??
Well yes. A nice clean ghost image. Install dodgy whatever - find out. Reghost with nice clean image. Simple.
pctek (84)