Thursday, April 27, 2006

what's a stealthkit?

a stealthkit is a collection of one or more programs (a software toolkit -> a toolkit -> a kit) that hides the processes, data, and activity of itself and/or some other application(s) it may be packaged with...

a careful reader will notice that this is basically the same definition that much of the IT community is currently using for 'rootkits'... this is to distinguish this new type of malware from the classical form of rootkits... the nouveau 'rootkits' have a fundamentally different function and focus from the classical rootkits (even though classical rootkits were often also stealthkits) so creating a new term for them is reasonable... and there really isn't any reason to recycle an old term (rootkit) instead of coming up with a new term for something that is legitimately new - it's not like our word bag is empty...

normally i would never add my own terminology to a glossary, not even one on my own blog, but i have become so frustrated trying to keep track of whether i mean the new 'rootkit' or the classical rootkit when i say "rootkit" that i've decided i have to do this...

back to index

0 comments: