It looks as though the uninstaller, as claimed last night, does have more serious implications than the original rootkit in Sony’s continuing DRM nightmare. Basically, the uninstaller will allow any web page to run arbitrary code and/or remotely control your PC, which is sort of the holy grail of remote exploits. The ActiveX control called CodeSupport that is required to get the uninstaller is the culprit here. It remains on the system after uninstall and is marked safe for scripting.
Category: Computers
-
FTC’s message to Enternet Media has not quite sunk in…
In spite of the FTC’s raid of Enternet Media and charges against them for various details such as deceptive install practices, unfair installation of code, failure to disclose the nature of bundled software and furnishing code to others that interferes with the use of the computer… well, Enternet Media seems to be proliferating their wares just fine, in spite of a temporary restraining order. According to Spyware Confidential, there are still downloads of searchmiracle/elitebar as written up here.
-
SONY DRM rootkit – the gift that keeps on giving
Well… I said, more legs than a centipede for this one… It looks as though the uninstaller from Sony is an ActiveX control that may have some SEVERE security implications. The ActiveX control invokes a command to reboot the computer (RebootMachine), which is likely remotely exploitable. It also appears to use an (InstallUpdate) download which could be exploitable AND, if that’s not enough, an ExecuteCode function which could crash the browser. It should be noted that the ActiveX uninstaller REMAINS ON THE SYSTEM after the SONY DRM ROOTKIT is removed, meaning that these functions would be available for remote exploit even after the XCP software is uninstalled.
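To check whether a leftover control like this is still registered and reachable from the browser, the following PowerShell audit is an added example, not code from the original post or from Sony. It assumes the control can be found by the name CodeSupport given above (the post gives no CLSID); the parameter and helper names are made up for illustration.

```powershell
# Added audit example, not from the original post. The post gives the control's
# name (CodeSupport) but no CLSID, so this matches on name, ProgID or server path.
param([string]$NamePattern = 'CodeSupport')

# Component categories a control registers to declare itself safe in the browser.
$CatSafeScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C4E3D}'
$CatSafeInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C4E3D}'
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE from loading the CLSID

# Native and 32-bit-on-64-bit registry views: class root and kill-bit root.
$views = @(
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\CLSID'
       Compat = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID'
       Compat = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

function Get-DefaultValue([string]$Path) {
    # Returns the key's (default) value, or $null if the key is absent.
    (Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue).'(default)'
}

foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Clsid)) { continue }
    foreach ($key in Get-ChildItem -LiteralPath $view.Clsid -ErrorAction SilentlyContinue) {
        $clsid  = $key.PSChildName
        $base   = "$($view.Clsid)\$clsid"
        $name   = Get-DefaultValue $base
        $progId = Get-DefaultValue "$base\ProgID"
        $server = Get-DefaultValue "$base\InprocServer32"
        if ("$name|$progId|$server" -notmatch [regex]::Escape($NamePattern)) { continue }

        $compat = Get-ItemProperty -LiteralPath "$($view.Compat)\$clsid" -ErrorAction SilentlyContinue
        $flags  = $compat.'Compatibility Flags'
        [pscustomobject]@{
            CLSID            = $clsid
            Name             = $name
            Server           = $server
            SafeForScripting = (Test-Path -LiteralPath "$base\Implemented Categories\$CatSafeScripting")
            SafeForInit      = (Test-Path -LiteralPath "$base\Implemented Categories\$CatSafeInitializing")
            KillBitSet       = ($null -ne $flags) -and (($flags -band $KillBit) -ne 0)
        }
    }
}
# A control can also claim safety at run time through IObjectSafety, so False
# in SafeForScripting does not clear it; the kill bit is the reliable block.
```

Any row with KillBitSet False means Internet Explorer will still load that control for a web page, whether or not the XCP software itself has been removed.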
-
New Sober virus variant coming
This is unusual, but there is advance notice from the Bavarian Police warning about a new variant on the Sober worm which will be released tomorrow. More information can be found at f-secure, as well as sunbeltblog.
-
$100 notebooks for schoolkids around the world likely will run linux
I was reading that Apple had offered free copies of OSX for the $100 laptop project aimed at bringing cheap laptops to schoolkids in the developing world and in some cases even here in the US. They don’t have the price down to $100 yet, but OSX was rejected because it isn’t open source; apparently the designers want an Open Source OS to work with so they can tweak and tinker with it.
-
VNC or Tightvnc for remote pc access
I was surprised to do a search and find that I haven’t mentioned TightVNC before (or even merely VNC as a useful tool). Ok – here’s the scenario: you need a way to get remote PC access, or remotely view a desktop. Maybe it’s a Windows machine and you’re using a Mac? Or maybe it’s a Mac and you have a Linux desktop? Or a Linux server from a Windows machine? Most of the time in the Windows to Windows remote control area the choice becomes either Remote Desktop or PCAnywhere. There are other options though. One that I’m particularly fond of is TightVNC, which is an implementation of the VNC protocol (VNC stands for Virtual Network Computing).
-
Part 2 of the Mandrake or Mandriva 2006 review
I’m still not used to the name Mandriva, Mandrake is just what I remember… anyway, mandrake.tips.4.free.fr has the second part of their Mandriva 2006 review up. It sounds as though in the last week the ISOs of the free edition are now publicly available as well. This time around special attention is paid to hardware support and multimedia capabilities, focusing on image handling/editing software.
-
CJB sites spawning spyware downloads?
You might be cautious visiting the free sites at cjb.net. According to the Sunbelt blog, many of them are unwittingly providing spyware downloads to users. The download is for a 180solutions pest. If you have a free cjb site, you would be well served to test your page to see for yourself what your visitors may be greeted with.
-
Winrar and rar updated to patch vulnerabilities
Incidents.org is reporting on the release of a new version of WinRAR and RAR (3.51) to address security issues discovered by Secunia.
As always, if you use it, go get the update.
-
Top 10 linux sysadmin utilities
There is an interesting article at Linux.com on the top ten administrator utilities in Linux. Titled “My sysadmin toolbox”, it goes into some detail on some of the good standbys that, if you’re interested in learning command line Linux, you ought to take a look at. The one that I hesitate on is pwgen, which is a utility for generating random passwords. I’ve always read that if you can create the password with a program, it can be broken the same way. However, I bet the passwords generated with pwgen are better than those that most users pick out (fred or mynewcar for example…)