Rootkits part II: what does a rootkit look like?


The Sony DRM rootkit drama lives on, and a new question is being asked: "Why didn't security vendors catch the problem sooner?" An interesting question, indeed. According to the PCWorld article, F-Secure, a security vendor in Finland, was aware of the problem before Mark Russinovich blogged his findings. There were two very big challenges, the first being that the DRM software was hidden, or cloaked, by a rootkit. By definition, from Wikipedia, a rootkit is "intended to conceal running processes, files or system data, which helps an intruder maintain access to a system without the user's knowledge".

Rootkits part II: what does a rootkit look like? | Spyware Confidential | ZDNet.com

Linked by shanmuga Monday, 5th December 2005 7:10AM