Trusting software: Open-source or closed-source, it's the same issue


We start with a quick look at the recent Sony debacle from the perspective of trust. In this case, a big name corporation intentionally and covertly installed a rootkit (and really, that was just the beginning of this ordeal) on an estimated million or more Windows machines worldwide. If you trusted them, and more specifically trusted their software to run on your computer because they were Sony, your security was compromised. Most importantly, before this event occurred and was made public, anyone bringing up the idea of a big company like Sony doing something like this might have sounded like a conspiracy theorist.

I-O Data recently shipped some portable hard drives that were infected with a Windows backdoor. Whether this was the result of poor security on a development network, or an intentional ploy by a developer, we will probably never know. There are many more examples. In the past, even big name companies like Microsoft shipped CDs infected with the WM/Wazzu.A macro virus, and also hosted infected documents on their Web site. This doesn't happen very often, but it's still a concern. Trusting software

Linked by shanmuga Wednesday, 7th December 2005 9:40PM