Security

General discussion

Locked

Not Just Sony to Blame - Security Companies' Catastrophic Failure

By secureplay ·
While it is easy and valid to blame Sony for this problem, where were our beloved, and well-paid security companies?

Rootkits are an old, well-known attack - why didn't Zone Alarm, Symantec, MacAffee, Computer Associates, or any of the others pick this up in the MONTHS that it has been out there?

This is either incompetence or collusion - neither should make someone who paid $70 + $20/year for a "security suite" to protect their computer happy.

The professional "security" industry created this problem and didn't detect it... shame on us all.


Steven B. Davis
CEO
IT GlobalSecure Inc.
http://www.secureplay.com/
http://www.playnoevil.com

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

good point

by cweitinger In reply to Not Just Sony to Blame - ...

One of things that make you go hmmmm.

Collapse -

not quite

by Absolutely In reply to good point

That's one of the things that makes me go "GRRRR"!

Collapse -

Little if any inderstanding

by graeme In reply to Not Just Sony to Blame - ...

Security companies can only react to threats, and what ever you may think, root kits by their very nature are written new daily and designed to have the operating system lie to the user and detection software.

If you do not want root kits installed, don't run the bloody operating system with admin rights.

Did you need admin rights to listen to Sonys Cds, not at all...however becuase the land of users, spelt with a silent L wants to be able to load software and do what they want, without really having much of a clue as to what is really going on, root kits, back doors and viruses will always find a home.

Don't want your machine infected, don't run with admin rights.

Take a look at a program called Morphine sometime...it takes existing viruses and re encodes them so NO anti virus scanner will detect it.....it is a scary world in the world of hackers....and it is only going to get worse.

If you really are a CEO of IT Global secure, then why does a security company not follow basic admin principles....why would you allow users to run with rights to be able to change regisrty settings, disable security programs and rewrite kernal modules.

Sony actually did the IT world a favour and put root kits into the spot light...but don't expect the security companys to make up for your failings as an Admin

Collapse -

Too damn slow.

by lastchip In reply to Little if any inderstandi ...

Security companies may only *react* to threats, but how long do they need?

This little trick was thrust upon us all months ago and it was only due to the talents of one researcher, we were all alerted to the problem.

Security companies are selling protection; where is the protection here?

Further, whilst your notion of not running with admin rights is unarguably sound, we are talking about a lot of home users, who pop a CD into their machine and run it. Most don't even know what admin means! Take it away, and they can't load software and all **** breaks loose. They think their computer is broken! How do you propose to overcome that?

You are looking at the problem as a professional, administrating a company network and there is little against your contribution. But in the main, it's not companies affected by this - at least, not those with a good policy and admin staff ;-)

Collapse -

foolish users then?

by jez In reply to Too damn slow.

This is all valid, users should be more aware of security and the benefits of running as a non-privelgded user and admins should not allow corporate users to alter the registry... all good,

BUT, the real world doesnt require a driving license for computers or compulsory training... (although maybe there should be), and users should be able to trust Sony not to shaft them witha rootkit and they should be able to trust that their firewalls and anti-virus software will not allow this kind of thing.

That is the reason there is so much action in the world of hacking and on-line crime... it is well known that most users havent got the basic knowledge to protect themselves, and therefore they will be taken advantage of.

I would like to point out that i have not got any sony or other root-kit on my machine. This is down to having the sense to ditch an OS that really does not know what security is.

Collapse -

blacklight

by PaRiGo In reply to foolish users then?

F-prot have a beta version of a program available that scans for rootkits called blacklight.

Collapse -

Don't Attack End-Users...

by juscelinoacevedo In reply to foolish users then?

lastchip is 100% correct when he states that "Most don't even know what admin means!" Most of you are looking at this from the wrong perspective. We are all IT professionals (I assume) and we are assuming that everyone with a computer knows what they are doing.

The problem is that Sony knew what they were doing when they created this rootkit and probably researched every component of all the different operating systems, otherwise they would not have taken such a risk.

Keep in mind that if it wasn't for end-users, including both home or corporate, we would not have jobs. An end-user would not call us for assistance if they knew what they were doing. So whether they are working with Admin rights or not does not really matter.

I say do your jobs as best as you can and make sure that your corporate network does not get infested, or be happy that home end-users are calling you to clean up their computers and paying you.

Collapse -

Leave that to Sony

by Absolutely In reply to Don't Attack End-Users...

"Keep in mind that if it wasn't for end-users, including both home or corporate, we would not have jobs."

I, for one, would have simply learned another skill, just as I learned IT: according to demand.

"An end-user would not call us for assistance if they knew what they were doing."

That's true, but does not in any way imply that your next sentence is true: "So whether they are working with Admin rights or not does not really matter."

Placement of the word "So" indicates that you assert a cause-effect relationship, which I challenge you to prove.

Collapse -

Why is anyone surprised at Sony?

by juscelinoacevedo In reply to Leave that to Sony

"I, for one, would have simply learned another skill, just as I learned IT: according to demand."

But you didn't learn another skill. You work in IT and (I'm assuming) you like it. Even if you learn a new skill it's the same thing; someone needs your help with something that they are not an "expert" at doing.

"Placement of the word "So" indicates that you assert a cause-effect relationship, which I challenge you to prove."

My point is that, in this case, Microsoft keeps attempting to make home end-users more comfortable with the operating systems, and up to this point the easiest thing to do is allow the user who does not know anything to work without frustration. Obviously, this leads to other issues, but like I previously stated, that's were we coming in.

There is no such thing as a perfect anything in this world and I honestly think that we, as hard working individuals, should discuss it, fix it, enjoy it, move on, and wait for the next issue.

Collapse -

Completely Agree

by cidermark In reply to Why is anyone surprised a ...

I'm both an experienced IT expert and an end-user. I shouldn't have to run my home PC without Admin rights. I take as much precaution as I can afford to prevent malicious people exploiting my PC. I don't expect a multi-million dollar/pound/yen company leaving rootkits on my PC that will allow spyware or malware on my PC. If they were up-front about their rootkit, i.e. a *BIG* warning on the cover of the CD case explaining that by playing a CD that you just paid ?15 for on your PC you could expose both yourself and your PC to abuse - I'm sure no-one would buy their stuff!

Related Discussions

Related Forums