Jump to content

maybe some problems for starforce-like protections


Starlight
 Share

Recommended Posts

 

The problem there is that SONY did not tell customers that the CD's would install rootkit software on their computers. And hence got slapped for it.

Completely different to StarForce, and its methods.

dredd4hd0.jpg

---= 169th Panthers -Flt Lt.- =---

http://www.169thpanthers.com.au

 

tbdreddey7.png

AMD64 S939 3700 | 2GB Corsair DDR500 | 21" CRT

ATI Radeon X800Pro | 2x36GB WD Raptors | SB Audigy

TIR3 | TM-868 | X52 | CH Pedals | Creative 5.1 Spkrs

Link to comment
Share on other sites

The problem there is that SONY did not tell customers that the CD's would install rootkit software on their computers. And hence got slapped for it.

Completely different to StarForce, and its methods.

 

As I read it on this and other sources, the problem is that the DHS (Department for Homeland Security) and other Government agencies said that they don't want rootkit-like software running on user machines. The problem is that a bug in that layer of software will be extremely critical and will likely compromise systems' security. That means a higher chance of computer-hijacking, which would easily allow DDoS (distributed denial of service).

In today's cyberwars (not Massive Multiplay, I mean cyberwars between countries, they actually happen IRL) it's not very strange that a government enters the scene to ask for more security. A large-scale DDoS would hit todays economies like, if not more than, a terrorist attack. About two weeks ago the U.S. DoD sponsored a huge exercise against hacker attacks Vs main Internet facilities.

 

I'm quite sure that MS's "trusted computing" doctrine and other things like that have something to do with government's concerns.

 

BTW, also Symantec and other companies have been told to change their software which was installed in user PCs. So you see it's not just a matter of DRM or a matter of user-knowledge. It looks like that they don't want such critical software running on user machines.

The problem is that if all software producers embedded such low-level features as rootkits, users would have to care about the security of all this hidden software. It's not that trivial.

Link to comment
Share on other sites

Uh ... what a bunch of paranoia. First of all, any ... ANY driver will give youthat sort of priviledge elevation if its bugged. And you know what? ... graphics card and printer drivers are -far- more common than SF.

 

Completely baseless piece of paranoia.

[sIGPIC][/sIGPIC]

Reminder: SAM = Speed Bump :D

I used to play flight sims like you, but then I took a slammer to the knee - Yoda

Link to comment
Share on other sites

Uh ... what a bunch of paranoia. First of all, any ... ANY driver will give youthat sort of priviledge elevation if its bugged. And you know what? ... graphics card and printer drivers are -far- more common than SF.

 

Completely baseless piece of paranoia.

 

Hardware drivers work in a different way. Same level of privileges but different ways. Altering a driver you can alter I/O in HW registers, buffers and buses. Altering *software* that works at low system level can cause some other kinda problems.

It's just a matter of fact that security experts have found breaches in operating systems, rootkits but not in device drivers.

 

I don't have anything against SF itself, I'm happy for its devs that it works great. But as a CS student I'm really convinced that they solved the right problem in the wrong way... they took a shortcut that is dangerous.

 

BTW, why do you think that the DHS urged SONY and other companies to avoid rootkits et similia? just because they fear that many people may have their own photo albums "defaced" by some crackers? :)

 

There are impressive numbers of zombie PCs throughout the world, that can be activated for DDoS. While they are in some known countries, they can be somehow isolated, but if they are in your own country they become trojan horses. And cyberwars actually happen IRL. Call them as you like, but a huge hacker attack backed (or at least protected) by a certain country is a "cyberbattle".

Link to comment
Share on other sites

And exactly how hard it is to close the incoming port if it's being overloaded with traffic? Or even closing down an IP range? This is stuff you can do with most firewalls.

 

I would think that most developed countries have taken precautions against large scale attacks.

 

So stop reading Koontz, Dan Brown or whatever is making you go paranoid and just enjoy life.

ASUS P4T533-C|P4 3.06@3.45|1024Mb Kingston 1066 rambus|ATI 9.... *EDITED* - Listen to Mods!!!

Link to comment
Share on other sites

And exactly how hard it is to close the incoming port if it's being overloaded with traffic? Or even closing down an IP range? This is stuff you can do with most firewalls.

I would think that most developed countries have taken precautions against large scale attacks.

 

There are obviously hardware and software tools to deal with DDoS, but they are far from being perfect, they're not silver bullets. And it's still quite difficult to stop attacks when they come from different directions and with different means.

The problem with bugged software at low levels (OS and rootkits) is that it can be exploited as trojan horse, so usually safe computers can be used to start attacks. In this way IP-blocking would be useless.

 

So stop reading Koontz, Dan Brown or whatever is making you go paranoid and just enjoy life.

 

No paranoia, I've read things like that on computer magazines and online articles. Sometimes RL can be more challenging than sci-fi and techno-thrillers.

;)

 

Anyway I understand this may not be the place for such a discussion, it's goin' a bit OT.

Link to comment
Share on other sites

Well, if they forbid this, I guess it's fair to forbid Windows also :D

Whisper of old OFP & C6 forums, now Kalbuth.

Specs : i7 6700K / MSI 1070 / 32G RAM / SSD / Rift S / Virpil MongooseT50 / Virpil T50 CM2 Throttle / MFG Crosswind.

All but Viggen, Yak52 & F16

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...