Bruce Schneier has an excellent article on Wired about Sony and its infamous root kit. What he highlights is something that's been nagging at the back of my mind: why did no anti-virus or anti-spyware software pick up on the root kit? And why was there such a delay in the response by security companies to the root kit?
It feels like the infamous “Good AIDS, bad AIDS” sketch in Chris Morris' Brass Eye, where a chat show host is initially warm and sensitive to someone who has AIDS, thinking he contracted it from a blood transfusion. When it's revealed he caught the disease from his boyfriend, the host becomes hostile and says it's his own fault he has the disease: he has “bad AIDS” not “good AIDS”.
It seems that the security companies have a similar attitude: if you get a root kit installed by a big company like Sony, then no matter what it does to your computer and what it leaves you vulnerable to, it's a “good root kit” that should be left alone, and the user shouldn't even be warned about its effects.
If, on the other hand, the root kit comes from somewhere other than a partner company or a company that could sue you for interfering with its technology, it's a “bad root kit” and should be destroyed instantly, preferably with a simultaneous launch of a dozen press releases that proclaim security company x protects you against the nasty people out there that would mess around with your PC.
I wonder if it's possible to sue the companies for selling a product that fails to live up to spec. There must surely be a maximum time allowed between discovery of a threat and the release of a suitable virus definition that the companies stipulate. Worth looking at anyway.