Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Teleconferences
Join CIO Executive Council members and participate in the following live one-hour teleconferences:
* Transforming IT Teams
September 16
* Global CIOs: How to Lead on the World Stage
September 18
* Social Responsibility's Strategic Benefits
October 29
Apply today for a FREE subscription to CIO Magazine!
January 12, 2006 — CIO —
The Windows operating system expert who exposed Sony BMG Music Entertainment use of "rootkit" cloaking techniques last year is now criticizing security vendors Symantec and Kaspersky Lab Ltd. for shipping software that works in a similar manner.
Mark Russinovich, chief software architect with systems software company Winternals Software LP, says that the techniques used by Symantec’s Norton SystemWorks and Kaspersky’s Anti-Virus products are rootkits, a term usually reserved for the techniques used by malicious software to avoid detection on an infected PC. There is "no good justification," for the use of such techniques, Russinovich said. "If the vendor believes that the implementation of their software requires a rootkit then I think they need to go back and re-architect it."
Both Symantec and Kaspersky concede that they have shipped software that hides information from system tools, but told IDG News Service they disagreed with Russinovich’s use of the term rootkit, saying that because their software was not designed with malicious intent, it should not be lumped into the same category.
Still, both companies appeared sensitive to Russinovich’s criticism.
Symantec on Tuesday issued a patch to SystemWorks that disabled the cloaking feature. And on Thursday, a representative from Kaspersky said that it was possible that his company could take similar action. "I don’t know whether we’ve got a plan to do that, but that’s obviously one thing that we could do here," said David Emm a senior technology consultant with Kaspersky.
Unlike Sony’s XCP (Extended Copy Protection) software, the Symantec and Kaspersky products do not cloak the fact that certain pieces of software are running on the computer. Instead, they hide data.
Symantec’s Norton SystemWorks PC-tuning software uses cloaking techniques to hide a directory of backup files. This technique has been employed by SystemWorks since the 1990s in order to prevent users from accidentally deleting these files, according to Vincent Weafer, senior director for development for Symantec Security Response.
Symantec issued the patch because hackers could conceivably use the SystemWorks cloaking capability to hide files on the system. Weafer described this possibility as a "low risk" threat, saying that most security software would be able to detect these cloaked files. "The intent of this feature was for good," he said. "But we need to look at these technologies and say, ’What is the potential for harm?’ Even if it’s a low risk, the right thing to do is remove them."
Kaspersky’s use of cloaking software is more recent. With v
Forrester Reports 321% ROI Through Device-Based Fraud Management
Document Management 2.0 -- Web-based Collaboration and the Road to Compliance
Oxford International Modernizes Vehicle Order Management System for Leading European Automaker, an IBM Case Study
HD Supply Facilities Maintenance Turns to Hubspan for Rapid Business Process Integration and End-to-End Visibility Across Supply and Demand Chains
Riverbed Raises the Ante Again in WDS with RiOS 5.0
The New Service Desk: Anytime, Anywhere Incident Response
Best Buy Webcast
Driving e-Business Adoption: Multi-Channel Selling and the Keys to Success
Zen Master Series - The Transformation of Application Development with Ascendant Technology
Enterprise Content Management: From Strategy to Solution
Optimizing Wide-Area Data Services Webcast
Integration as a Service: Are you connected?
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
At 10, Google Reiterates Commitment to CIOs
Nokia Adds Address, Calendar Sync to Ovi
Oracle Said to Be Making Progress on Fusion Apps
Libertarian Barr, EPIC Outline Privacy Agenda
As Google Turns 10, Enterprise Success in Question
Innovative Thinking Gets a Kick in the Pants
Disk Storage Drove Ahead in Q2
MySQL Cofounder May Resign
VMware Virtual Servers Get 5X Faster Shadow Copy With V2 of Vreeam Backup
Browser War Redux, Patch Time, IPod News
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
