Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master
Fetching contributors…

Cannot retrieve contributors at this time

7 lines (6 sloc) 2.396 kb
---
timestamp: 2005-11-17 09:02:34
title: trust no one
tags: ubuntu, security
id: 17
content: <p> Bruce Schneier is quite perceptive in his <a href= 'http://www.wired.com/news/print/0, 1294, 69601, 00.html'>article about the Sony rootkit debacle</a>. His main point is that anti-virus companies should have known (and probably did know) about how this nasty little exploit was spreading, but it was only after it became a publicized issue that they started classifying it as dangerous and removing it. </p> <blockquote> Symantec's response to the rootkit has, to put it kindly, evolved. At first the company didn't consider XCP malware at all. It wasn't until Nov. 11 that Symantec posted a tool to remove the cloaking. As of Nov. 15, it is still wishy-washy about it, explaining that "this rootkit was designed to hide a legitimate application, but it can be used to hide other objects, including malicious software." <br /><br /> The only thing that makes this rootkit legitimate is that a multinational corporation put it on your computer, not a criminal organization.</blockquote> <p> I used to at least try to recommend something when my 'doze-using friends would ask for advice on how to protect their machines. But now I'm not sure that I can do so in good conscience. </p> <p> On a different note, I got set up with <a href='http://gizmoproject.com'> the Gizmo project</a>. I've tried out Skype and wasn't terribly impressed with their client, but what really turned me off was the fact that their communications protocol is completely closed. (Kind of like the way email used to be closed when Compuserve users couldn't email AOL users or Delphi users and vice versa.) Gizmo uses SIP, which interoperates with most other VOIP providers free. (<a href='http://www.michaelrobertson.com/archive.php?minute_id=192'>More details about why open networks are good.</a>) </p> <p> It's not perfect; running a separate program just for voice is a bit annoying. But it'll do until <a href='http://gaim.sf.net/summerofcode'>Gaim 2.0</a> comes out with all its Summer-of-code goodness. If you want to talk, my screen name is <i>technomancy</i>. </p> <p> If you're on GNU/Linux and access remote hosts over SSH a lot, <a href = 'http://ubuntu.wordpress.com/2005/10/28/how-to-mount-a-remote-ssh-filesystem-using-sshfs/' >sshfs</a> looks to be a lifesaver. Finally I can ditch tramp. </p>
Jump to Line
Something went wrong with that request. Please try again.