Another story that hit my grumpy button is Growth in Internet crime calls for growth in punishment
, in which Mikko Hypponen, F-Secure's Chief Research Officer, calls for an "Internetpol" to deal with online crime. We wouldn't need an Internetpol if the so-called security companies would acquire some honesty and backbone and do their jobs. Instead they have this unhealthy dependence on the grand champion of enablers of Internet crime, Microsoft, and other big corporations. Want to get rid of 95% of online crime overnight? Banish every last Microsoft PC from the Internet, which will wipe out all the tens of thousands of Windows-powered botnets, and leave all those Internet crime rings high and dry, and without an easy way to get back in business.
You think I'm being mean to poor old F-Secure? You might recall how they gave Sony a free pass on their CD rootkit--F-Secure knew about it for a month before Mark Russinovich broke the story. If it were some foreign kid instead of a big corporation, you can bet they would have been all over it. To this day they soft-pedal it, and so do the other security vendors:
- F-Secure: "Although the software isn't directly malicious, the used rootkit hiding techniques are exactly the same used by malicious software to hide themselves. The DRM software will cause many similar false alarms with all AV software that detect rootkits."
- Symantec: "This rootkit was designed to hide a legitimate application, but it can be used to hide other objects, including malicious software."
- TrendMicro: "This hacking tool is a valid Digital Rights Management (DRM) software package developed by First 4 Internet Ltd. This software package is included as a copy protection mechanism for certain audio compact discs distributed by Sony BMG."
Speaking of Sony, one rootkit wasn't enough, so they released another one
"The software for the drive was written by Taiwanese company FineArt, and Sony is claiming that they had no knowledge of this particular rootkit and did not intend for it to be released."
That's innovation in quality control, I guess.
So the moral of the story is yes Virginia, it is a war.
Carla Schroder is the author of the Linux Cookbook and the Linux Networking Cookbook, and the managing editor of LinuxPlanet.
This article was first published on LinuxPlanet.com.