Bruce Schneier makes a very interesting point: Why did none of the PC anti-virus products discover the Sony rootkit? It has been around for over a year, so it seems these security vendors are either 1) incompetent or 2) willingly looking the other way. Even though you should never attribute to malice that which can be adequately explained by incompetence, this not an industry you would want to entrust with the security of your computing platform.
Now, this is far from the first time that the security industry is caught with its hand in the cookie jar, but this is a new twist. Where is Rob Rosenberger when you need him?
This comes to mind:
The huge yellow somethings went unnoticed at Goonhilly, they passed over Cape Canaveral without a blip, Woomera and Jodrell Bank looked straight through them - which was a pity because it was exactly the sort of thing they'd been looking for all these years.Or so we thought...
It's worth considering that companies like McAfee and Symantec might be very wary of declaring this as "bad" code and removing it lest Sony sue them under the DMCA for tampering with their DRM. I fully expect this will not be the last time this will happen.
Posted by: David Durant at November 17, 2005 09:45 AM
Re:Illegal to remove?
tagg on 2005-11-17T21:50:53
Well seen. So now, due to the US entertainment industry lobby's influence on US lawmaking, we have direct computer security consequences that impacts globally. Not that I ever doubted that, but it's not often as clearly highlighted as here.
