GROKLAW

GROKLAW: "Just how deep does this betrayal of customers go? F-Secure, who was not part of the complicit agreement apparently and discovered the rootkit independently, according to Russinovich, explained on November 4 on their blog why rootkits are a security problem:

A member of our IT security team pointed out quite chilling thought about what might happen if record companies continue adding rootkit based copy protection into their CDs.

In order to hide from the system a rootkit must interface with the OS on very low level and in those areas theres no room for error.

It is hard enough to program something on that level, without having to worry about any other programs trying to do something with same parts of the OS.

Thus if there would be two DRM rootkits on the same system trying to hook same APIs, the results would be highly unpredictable. Or actually, a system crash is quite predictable result in such situation.

So imagine a situation where Joe Customer buys CD from label A and another CD from label B. Label A uses third party DRM from company X and Label B uses from company Y.

Then our user first plays one of the CDs in his PC, and everything works fine. But after he starts playing the second CD, his computer crashes and wont boot again. This is something I would not like to associate with buying legal CDs.

The Department of Homeland Security agrees. This IP protection is now threatening our security. How did everyone lose their sense of proportion? I earlier put a link to the audio of Stewart Baker, Department of Homeland Security Assistant Secretary for Policy, in News Picks, but what he said is so important, I wish to repeat it here:

'It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.

'If we have an avian flu outbreak here and it is even half as bad as the 1918 flu, we will be enormously dependent on being able to get remote access for a large number of people, and keeping the infrastructure functioning is going to be a matter of life and death and we take it very seriously as well.' - DHS Ass't Sec'y on Policy Stewart Baker

Copyright infringement is important to companies like Sony, of course, but if, when enforcing their rights, they end up exceeding their actual rights and endanger our lives in their quest to protect mere money, something is seriously out of balance. I also most sincerely hope that the DHS realizes the security value of the GNU/Linux operating system, as well as MacOSX. If the Department is relying exclusively on Windows, I am frankly terrified."