Conversation

Notices

Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 09:58:46 JST Haelwenn /элвэн/ :triskell:

Kind of fun how I've seen few posts of people realizing that the kernel level anti-cheats could cause Crowdstrike levels of disasters as well.

Well yeah, don't fucking install rootkits, it's like a ton of people forgot https://en.wikipedia.org/wiki/Sony_rootkit
In conversation about a year ago from queer.hacktivis.me permalink
Attachments
1. Domain not in remote thumbnail source whitelist: upload.wikimedia.org
  
  Sony BMG copy protection rootkit scandal
  
  In 2005 it was revealed that the implementation of copy protection measures on about 22 million CDs distributed by Sony BMG installed one of two pieces of software that provided a form of digital rights management (DRM) by modifying the operating system to interfere with CD copying. Neither program could easily be uninstalled, and they created vulnerabilities that were exploited by unrelated malware. One of the programs would install and "phone home" with reports on the user's private listening habits, even if the user refused its end-user license agreement (EULA), while the other was not mentioned in the EULA at all. Both programs contained code from several pieces of copylefted free software in an apparent infringement of copyright, and configured the operating system to hide the software's existence, leading to both programs being classified as rootkits. Sony BMG initially denied that the rootkits were harmful. It then released an uninstaller for one of the programs that merely made the program's files invisible while also installing additional software that could not be easily removed, collected an email address from the user and introduced...
- Blurry Moon likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:04:28 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - feld
  @feld Yeah, likely wouldn't take down important machines like crowdstrike did to servers but could still be pretty nasty.
  After all Sony Rootkit somehow did end up on some important machines and I don't really believe security changed much since then.
  
  In conversation about a year ago permalink
- Embed this notice
  feld (feld@bikeshed.party)'s status on Monday, 29-Jul-2024 10:04:29 JST feld
  in reply to
  
  @lanodan that's always concerned me as well, but at least those anti-cheats aren't on important work computers (usually?)
  
  In conversation about a year ago permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:12:03 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - feld
  @feld Specially as while Crowdstrike ended up being basically a screwed up kernel security module so it's just machines being taken down and needing a patch, so not a long lasting impact.
  The anti-cheat ones meanwhile could easily end up accidentally leaking data.
  
  In conversation about a year ago permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:13:43 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - Sean King
  @seanking or worse, computers aren't super-calculators anymore.
  
  In conversation about a year ago permalink
- Embed this notice
  Sean King (seanking@kazv.moe)'s status on Monday, 29-Jul-2024 10:13:45 JST Sean King
  in reply to
  
  @lanodan Pretty much any piece of software that relies on rooting into the OS/kernel of the machine for functionality can be the death of the machine.
  
  In conversation about a year ago permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:22:05 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - Sean King
  @seanking Well at least Crowdstrike is a security company, not a random game studio.
  
  In conversation about a year ago permalink
- Embed this notice
  Sean King (seanking@kazv.moe)'s status on Monday, 29-Jul-2024 10:22:06 JST Sean King
  in reply to
  
  @lanodan Yeah. It's seriously fucked that there was even any trust for software companies like Crowdstrike. Especially for critical infrastructure.
  
  In conversation about a year ago permalink
- Embed this notice
  LEdoian (ledoian@pleroma.ledoian.cz)'s status on Monday, 29-Jul-2024 10:22:49 JST LEdoian
  in reply to
  - feld
  @feld @lanodan I (my evil-ish part) sees this as an opportunity. CrowdStrike is bad, but corporates forget and people possibly too (“just a bunch of stuff didn't work for half a day 🤷”).
  On the other hand, getting a lot of gamers around the world completely mad and vocal about it might actually be more memorable and push the ecosystem from this kinds of stuff.
  
  In conversation about a year ago permalink
  
  Haelwenn /элвэн/ :triskell: likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:31:14 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - Sean King
  @seanking Wouldn't be surprised of it just being "Woups, it got deployed in production without prior testing", specially as Crowdstrike kind of thing are reactive security so there's an incentive to push things nearly instantly.
  
  In conversation about a year ago permalink
- Embed this notice
  Sean King (seanking@kazv.moe)'s status on Monday, 29-Jul-2024 10:31:15 JST Sean King
  in reply to
  
  @lanodan True. But even then, like how the fuck did they even manage to let that kind of corrupted update go through? That's suspicious regardless of the kind of company it is.
  
  In conversation about a year ago permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 29-Jul-2024 10:33:35 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - Sean King
  @seanking That said the corruption part is kind of weird and so far I haven't seen any explainations about that.
  
  In conversation about a year ago permalink

Public

Conversation

Notices

Feeds