Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

tagg (277)

  (email not shown publicly)

Lars Thegler works for a danish telco, hacking Perl, and then some...

Journal of tagg (277)

Thursday November 17, 2005
02:59 PM

Without a blip

[ #27617 ]

Bruce Schneier makes a very interesting point: Why did none of the PC anti-virus products discover the Sony rootkit? It has been around for over a year, so it seems these security vendors are either 1) incompetent or 2) willingly looking the other way. Even though you should never attribute to malice that which can be adequately explained by incompetence, this not an industry you would want to entrust with the security of your computing platform.

Now, this is far from the first time that the security industry is caught with its hand in the cookie jar, but this is a new twist. Where is Rob Rosenberger when you need him?

This comes to mind:

The huge yellow somethings went unnoticed at Goonhilly, they passed over Cape Canaveral without a blip, Woomera and Jodrell Bank looked straight through them - which was a pity because it was exactly the sort of thing they'd been looking for all these years.

Or so we thought...

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • Interesting comment on the Schneider blog:

    It's worth considering that companies like McAfee and Symantec might be very wary of declaring this as "bad" code and removing it lest Sony sue them under the DMCA for tampering with their DRM. I fully expect this will not be the last time this will happen.

    Posted by: David Durant at November 17, 2005 09:45 AM

    How about that for an innovative use of the DMCA...
    • Well seen. So now, due to the US entertainment industry lobby's influence on US lawmaking, we have direct computer security consequences that impacts globally. Not that I ever doubted that, but it's not often as clearly highlighted as here.