Monday, May 02, 2005

Seltzer on Rootkits

I received a link to Larry Seltzer's new article on rootkits this morning. It's dated 20 April, so why do I mention it?

While the article comes across as a "too-little-too-late" rehash, I do think that it is important to keep these things in the mind and eye of the public. However, I think that it's important to do so with some responsibility. The article starts down that road by mentioning that, oh, yeah, by the way...for a rootkit to take hold, it first has to get on your system. Yeah, well...ok, so most normal users may not really be aware of that.

The article also mentions the Strider Ghostbuster tool from MS...but makes no mention of the fact that this tool really isn't available. Note that the article clearly states that the tool "works by listing..."...rather than "will work" or "should work". Either way, the article easily misleads the reader.

Is there a cause for fear? Yeah, sure...without a doubt. But that fear should be tempered with knowledge. The fear should not be so great that it causes paralysis...with knowledge, that fear should be akin to that nagging feeling you get when you're leaving your house in the morning. Did I remember to turn off the stove? Did I turn off the water in my sink? Did I remember to wear pants?

