Friday, February 17, 2006
The brilliant Matthew Murphy finds that Microsoft's severity rating system is rather flawed. In this analysis of the MS06-006 vulnerability, rated "important" by Microsoft, Murphy posts a proof of concept to show how serious -- and easy to exploit -- the bug really is.
Thursday, February 16, 2006
Wednesday, February 15, 2006
Sunday, February 05, 2006
Greg Hoglund, one of the guys who (literally) wrote the book on rootkits, makes the argument that it's OK to use rootkits in commercial software:
If you want my opinion, my opinion is this: Let Symantec, Kaspersky, F-Secure, and all the others use rootkit technology, it only makes their anti-virus products more effective. Let anti-spyware companies like Sunbelt use rootkits against rootkits. Use fire against fire. I don't agree w/ people who say such approaches take away an administrator's capability to administer a box. To solve the administrator problem, you only have to do one thing: Treat your rootkit features as a black box and uninstall them with the rest of your product. If an administrator doesn't want your product, then he can uninstall it. You aren't taking anything away.