Why Didn't Security Firms Catch Sony BMG's Rootkit Earlier?
from the good-question dept
Bruce Schneier has written up an article for Wired News that highlights a very important question that has been totally ignored throughout the whole Sony BMG rootkit fiasco: how come no security applications caught the rootkit until after there was all this publicity about it and Sony gave them the code to find and remove it? It makes you wonder just how many other, malicious, offerings these firms are missing as well. Schneier blames the security companies for making the assumption that just because it's from Sony and had a "legitimate" purpose, it was safe -- which is a pretty big problem. Of course, another explanation is that many security firms are having difficulty keeping up with all the security vulnerabilities out there. None of these programs is yet able to be a comprehensive offering. That's why so many of us have to run multiple security programs to have a chance at protecting a computer.