Wednesday, December 21, 2005

Schneier on Security: Sony's DRM Rootkit: The Real Story

In his summary story after the Sony malware fiasco, Bruce Schneier wonders: "What do you think of your antivirus company, the one that didn't notice Sony's rootkit as it infected half a million computers?"

Further, he is trying to claim that "this is exactly the kind of thing we're paying those companies to detect -- especially because the rootkit was phoning home."

Guess what? No! I think the dirty secret of the AV is that the answer is "no." I think every prudent computer user should run their computer(s) with an assumption that if they are hit with anything non-standard or innovative, their anti-virus will not save them.

In reality, it might save you sometimes, but you certainly cannot rely on it.

Dr Anton Chuvakin