You Say Rootkit, I Say Tomato

from the double-double-speak-speak dept

Symantec is denying the assertion made earlier in the week that its Norton SystemWorks product installs a rootkit. Although the company acknowledged its existence, it denies it’s a rootkit, calling it instead a “hidden folder”. F-Secure, whose software picked up the rootkit hidden folder, says that the difference between what Symantec is doing and the Sony BMG rootkit is “ideological”, and isn’t anywhere as malicious since it can be turned off or uninstalled by the user. Symantec now says it’s working with some trade bodies to try to develop a definition of rootkit, and that the changing nature of malware makes hiding files no longer a viable option. All this talk still clouds the fact that the hidden folder could be used to cloak malicious files on someone’s PC — the exact sort of thing security software is supposed to prevent.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “You Say Rootkit, I Say Tomato”

Subscribe: RSS Leave a comment
DaveTheCripple says:

Big Deal

Wow… Big Deal, Systemworks installs a “hidden folder” that is easily found with the “show hidden folders” setting in view file types. This is nowhere to the point of %blah% that hides the folder from everything including cmd.exe. The whole intent was to hide nortons working, as lately there have been a slew of virii and malware programs that disable things (Microsoft Update, Adaware, AV’s, etc). Its quite easy for Systemworks to implment the hidden folder, so if a new virus was to expose it, whats to say another virus cant simply just make its OWN hidden folder!

cb says:

hidden files

If I pay for virus detection software or any software , then I should have the right to see any or all files or changes that the software makes to my computer. All changes or files added, register changes, etc… to your computer during a software add or change should be printed or available for you to see in either a hard copy or file format.

Is this to much to ask ?

Anonymous Coward says:

Re: hidden files

is it too much to ask for a choice of “to install software” or “not to install software”?

Symantec only installs if you choose to have the active features installed.

Sony’s software installs itself even if you tell it NOT to install anything at all — no matter if you do or do not agree with the EULA.

Symantec’s directory does not “Call Home” without you first asking it to — and in that case, it is doing what you have instructed it to do — it’s “LiveUpdate” checks for newer version of the symantec software you choose to install.

Sony’s software calls home and reports information about what is on your hard-drive — no matter who’s IP that data on your hard-drive belongs to.

Stu says:

Re: Re: hidden files

On the subject of “calling home” –
I wonder why Symantec/Norton Systemworks calls home every time I defrag or use the other functions of the software. They might say they just want to be sure I have the latest version of the component before I use it.
I say baloney. I can use Live Update or manually update it IF I want to. Calling home caused the software to boot very slowly while it phoned home.
I stopped it with my free Zone Alarm firewall, and everything Norton works just fine, and boots much faster.
It’s really not that big a deal. It’s the principle of the thing. It’s none of their damn business!!
Consumers are treated like prey.

Travis (user link) says:

Re: Re: Re:5 Spyware/ Virus/ Malware

drkkgt ftw
Malware/adware/viruses/whatever can be written just as easily for Linux as for Windows (yes Macs too). If it’s a string of 1s and 0s, it can be manipulated; I don’t care if it’s harder, easier, or just not as common, the security holes of any OS be exploited.
Granted, Linux isn’t as targeted as Windows, but the guys out there are targeting Windows because it’s Windows. If Linux was a pay-to-license, non-open-source OS and had as much market share as Windows, you better be damn sure people would target it just as much.

Anonymous Coward says:

Re: hidden files

Hey dumbass.

you do, MS hides files all the time, hence the “show hidden files” selection.

If they didn’t show the files after that selection was checked,then there would be an issue.

Maybe you should have the frame of mine to actually FIND your answers instead of asking someone to searve it up on a silver platter for you.

Anonymous Coward says:

Re: Re: Re:2 hidden files

You are so right. Microsoft has files that are hidden and REMAIN hidden even when you select the ‘show hidden folders’ option. Check this link if you don’t believe it!

Do NOT click the above link from “Dogstar”, it takes you to “” and will attempt to install several cookies and a virus onto your computer.

obviously “Dogstar” knew that and this is why he hid the URL by using a free forwarding service in his phishing-style attempt to get you to visit his anti-productive website.

Gumby says:

You don't even know what the folder was doing

This folder was used in the protected recycling bin in Norton System Works. It was not malicious, it was not ever used for any virus or trojan attacks, it was completely harmless. It was that it was hidden to the user so that they didn’t delete the backup data accidently, but the files within the folder were still accessible through the system works application. Don’t get me wrong, I absoluletly hate rootkits, but this doesnt come close to qualifying as one. Additionally, they have already released a patch which corrects the problem. The potential for any exploits or security threats has been eliminated, because the problem has ALREADY BEEN FIXED. Sony went seriosly wrong, but don’t take that as an opprotunity to jump on other corporations without first knowing at least the basics of whats going on.

Anonymous Coward says:

Re: Too all the grammar loosers

I dont kayr abowt grammer all thatt much. Itz just thet win peepel kommyunikait onlee in fonetix it mayks them look lyke reetardz.

So screw up your sentence structures all you want, just use the right friggin WORD. If I needed a heart transplant, but the doctor told me I needed a Hartz Trains Plant, even if it was in an email, i would find a new doctor.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...