1/19/2006
10:08 AM

Getting To The Root Of Rootkits

Listen to a podcast version of this newsletter


In This Issue:
1. Editor's Note: Getting To The Root Of Rootkits
2. Today's Top Story: RFID
    - Survey: RFID Production To Increase 25-Fold In Four Years
    - Wal-Mart Tests RFID Data-Sharing Project
3. Breaking News
    - Unofficial Firefox For Intel Macs Debuts
    - Microsoft Allows Production Use For WinFX Workflow, Web-Services Code
    - Is Your Computer Killing You?
    - 10 Tips For Protecting Sensitive Enterprise Data
    - Cingular Unveils Budget Smart Phone
    - Spyware Prevention Strategies, Part 2: Offense And Defense
    - Sprint Increases Investment In WiMax Competitor
    - Indian Outsourcer Wipro Outpaces U.S. Rivals With 33% Quarterly Growth
    - Blackmailers Behind Attack On Million-Dollar Site
    - Salesforce.com Brings Big Names Into New Apps Marketplace
    - Amazon.com Search Engine Adds People Search
    - Is Apple Considering An IPod Phone?
4. Grab Bag: 160-Gbyte Notebook Drive
5. In Depth: The Latest In Security
6. Voice Of Authority: Nanotech
7. White Papers: On-Demand TCO
8. Get More Out Of InformationWeek
9. Manage Your Newsletter Subscription

Quote of the day:
"Son, always tell the truth. Then you'll never have to remember what you said the last time." -- Sam Rayburn


1. Editor's Note: Getting To The Root Of Rootkits

The futility of today's model for antivirus protection is fairly obvious. Plug one hole in the dike and another will sprout. Pretty soon, you're running out of fingers and toes to hold back the flood. It gets worse. Attackers without the skill to create their own malicious hacks can outsource their dirty business to others who will write the code for them and then offer services that keep these rootkits from being detected.

One of the most prominent rootkit suppliers is the Hacker Defender site, which I learned about during an interview with Herbert Thompson, Ph.D., chief security strategist for Security Innovation Inc., a provider of application security services. Worse than simply selling rootkits to the masses, Hacker Defender also offers anti-detection services that will help ensure that its rootkits aren't detected by antivirus and other malware-prevention software.

These third-party rootkits could be used by an employee who's about to leave an organization or someone who thinks he or she will be fired and would love to keep control within a network, Thompson told me. It's incredibly difficult for law enforcement to gather evidence against someone selling hacks or botnets, unless they slip up somehow. "If they are doing it from their house, they are traceable; but what about if they're doing business from kiosks or libraries?" Thompson asks.

When I asked Thompson how a site trying so hard to protect its identity (the person running the site refers to himself only as Holy_father) could collect for its services, he told me that the answer is E-gold. Excuse me? He told me about one West Indies company, E-gold Ltd., that doesn't possess any national currency of any nation and has no bank accounts. "They don't trade in any sovereign currency, so they avoid the scrutiny of the Secret Service," Thompson says.

Like most tech pros who make a living selling security to defend against attacks, Thompson couldn't give me a good explanation of why someone would trade in malicious code, other than to make money. Of course, if you're that skilled a programmer, there are lots of ways to make money. I decided to bless myself and E-mail Holy_father.

To my surprise, he actually got back to me within a few hours. HF claims that it's because of his work--he launched the site in 2002--that so many people even know what a rootkit is. Of course, he had a lot of help from Sony.

HF's contention is that antivirus companies benefit from keeping their customers just one step ahead of the next big malware attack. In other words, why bother to invest the time and money creating a revolutionary anti-malware engine when companies are willing to pay to upgrade regularly? Sounds to me like he's accusing the software market of complacency. I suppose he wouldn't be the first. What's your take? Are the software companies being complacent? Is there anything the white hats can do to win the chess match? Please reply at my blog entry.

While the rootkit debate rages, security flaws and patches abound. For the latest insights, check out today's In Depth report.

Larry Greenemeier
lgreenem@cmp.com
www.informationweek.com


2. Today's Top Story: RFID

Survey: RFID Production To Increase 25-Fold In Four Years
By far the biggest RFID segment will be supply-chain management, the In-Stat survey says.

Related Story:

Wal-Mart Tests RFID Data-Sharing Project
Using EDI, the company will be able to know when products are on their way from suppliers.


3. Breaking News

Unofficial Firefox For Intel Macs Debuts
In other Firefox news, the first alpha for Firefox 2.0 is due out next month.

Microsoft Allows Production Use For WinFX Workflow, Web-Services Code
Microsoft green-lighted solution providers and ISVs to use the WinFX workflow and Web-services code in production well before Windows Vista ships. WinFX is a key component of Vista.

Is Your Computer Killing You?
Ten ways that the computer can hurt your body, mind, and the environment, and what you can do to minimize the damage.

10 Tips For Protecting Sensitive Enterprise Data
Pending legislation holds companies responsible for data system compromises. How prepared is your organization?

Cingular Unveils Budget Smart Phone
The $199 device is based on Windows Mobile 5.0 but supports only Cingular's Edge network and not the emerging, faster UMTS/HSDPA network.

Spyware Prevention Strategies, Part 2: Offense And Defense
Now that your system is clean of spyware--as explained in Part 1--these methods will help you keep it that way.

Sprint Increases Investment In WiMax Competitor
The company has invested another $10 million and is testing IPWireless' UMTS TD-CDMA wireless broadband technology in Washington, D.C.

Indian Outsourcer Wipro Outpaces U.S. Rivals With 33% Quarterly Growth
Wipro Technologies also said net income jumped 25% for the quarter, while earnings per share increased 24%.

Blackmailers Behind Attack On Million-Dollar Site
The British college student who launched an ad gimmick on the Web that took in $1 million in a few months has received threatening letters from blackmailers apparently behind a massive denial-of-service attack.

Salesforce.com Brings Big Names Into New Apps Marketplace
Adobe, Business Objects, and Skype will offer their applications through Salesforce's new AppExchange site.

Amazon.com Search Engine Adds People Search
Through a new deal with Zoom Information, Amazon.com's A9 search engine provides free summaries describing a person's work history, education, and accomplishments.

Is Apple Considering An IPod Phone?
Apple Computer's recent trademark applications hint that's where the company may be going, but a Gartner analyst gave the speculation "low priority."

All our latest news

Watch More News

In the current episode:

John Soat With 'Microsoft's Back Yard'
Microsoft releases Vista security patch already, pushes back next upgrade for Windows XP, and more.

Eric Chabrow With 'Manage This!'
The number of IT managers is on the rise, but overall IT employment numbers are down.

Peter Gorenstein With 'Exercising To Death'
Gaming company GameRunner integrates exercise with first-person shooter games.


4. Grab Bag: 160-Gbyte Notebook Drive

Seagate Ships 160-Gbyte Notebook Drive (PC Pro)
Seagate has begun shipping its 160-Gbyte notebook drive using perpendicular recording technology. The drive, the first in its Momentus line using perpendicular recording, was disclosed in June. Six months later it has now hit the channel, and Seagate still claims it's an industry first.

Cisco Latest Tech Giant To Eye Consumer Market (TechNewsWorld)
Cisco is apparently bidding for end-to-end coverage, recognizing that converged networks will be the means to deliver a broad range of services and wanting to control as much of what goes on at both ends of the pipeline as possible, telecom analyst Jeff Kagan told the E-Commerce Times.

Feds Probe Sale Of Personal Phone Records (USA Today)
Federal regulators are investigating whether telephone companies are doing enough to keep customers' records from falling into the hands of unscrupulous online data brokers.


----- The latest research, polls, and tools -----

New From InformationWeek: Get Your News In A Flash--Literally
InformationWeek.com's latest service is automated E-mail news flashes. You pick the topic and the frequency (real time, daily, or weekly) and we'll do the rest. Sign up by following the link below and be one of the first to take advantage of this latest service.

-----------------------------------------


5. In Depth: The Latest In Security

Windows Wi-Fi Flaw Lets Others See Your Stuff
Windows XP and 2000's techniques for looking for wireless connections can be used by attackers to read unsuspecting targets' hard drives.

Symantec's DeepSight Warns Of Targeted Attacks
Symantec updated its DeepSight Threat Management System on Monday to provide customers with warnings of attacks specifically targeting their Internet domains.

Microsoft Refutes Windows 'Back Door' Claim
Microsoft has denied allegations that the Windows Meta File bug is actually a "back door" planted by the company's developers so they could secretly access users' PCs.

Exploit Loose For Veritas NetBackup Bug
Symantec on Tuesday warned users of Veritas NetBackup that a new exploit of a months-old bug is on the prowl and recommended that administrators patch promptly.

Microsoft Posts First Windows Vista Security Fix
The patch fixes a bug in how Windows' graphic rendering engine processes Windows Meta File images.


6. Voice Of Authority: Nanotech

Business Technology: Nanotech Nannies Threaten To Cripple Industry
Let's not let the drive to regulate interfere with reasonable advances as a promising technology takes off, Bob Evans says.


7. White Papers: On-Demand TCO

TCO Of On-Demand Applications For SMBs And Midmarket Enterprises
This study by the Yankee Group looks at the total cost of ownership of deploying and integrating CRM and ERP/accounting applications. Learn how on-demand solutions are changing the IT landscape in small businesses and midmarket enterprises and how these solutions affect your TCO.


8. Get More Out Of InformationWeek

Try InformationWeek's RSS Feed

Discover all InformationWeek's sites and newsletters

Recommend This Newsletter To A Friend
Do you have friends or colleagues who might enjoy this newsletter? Please forward it to them and point out the subscription page.


9. Manage Your Newsletter Subscription

To unsubscribe from, subscribe to, or change your E-mail address for this newsletter, please visit the InformationWeek Subscription Center.

Note: To change your E-mail address, please subscribe your new address and unsubscribe your old one.

Keep Getting This Newsletter
Don't let future editions of InformationWeek Daily go missing. Take a moment to add the newsletter's address to your anti-spam white list:
InfoWeek@update.informationweek.com

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. Thanks.

We take your privacy very seriously. Please review our Privacy Policy.

InformationWeek Daily Newsletter
A free service of InformationWeek and the TechWeb Network.
Copyright (c) 2006 CMP Media LLC
600 Community Drive
Manhasset, N.Y. 11030
