Wednesday, June 23, 2004

false authority syndrome finds its way to The Register

in reference to the following article:
Beastie Boys CD installs virus | The Register

the author of this article is Thomas C. Greene... consider the byline:

[quote]
Thomas C Greene is the author of Computer Security for the Home and Small Office, a comprehensive guide to system hardening, malware protection, online anonymity, encryption, and data hygiene for Windows and Linux.

[/quote]

there seems to be every reason to take his word as gospel, doesn't there... one problem, the article he wrote for The Register indicates that he clearly has no idea what viruses, worms, or trojan horse programs (3 major classes of malware) are...

the DRM software installed by the new Beastie Boys album is not a virus for 2 reasons... most importantly, it does not self-replicate - it does not make copies of itself, copies aren't placed on your existing music CDs, the installer does not (as far as i can tell) get placed on any new CDRs you happen to burn - the most fundamental requirement for classifying something as a virus is that that something has to self-replicate (this has been true ever since the invention of computer viruses by Fred Cohen in 1983, and you can refer to his numerous works on the subject if you don't believe me)... second, it does not infect any host program - by which i mean that it does not attach itself to any program in such a way that when an attempt is made to execute the host program the DRM software gets executed as well as or instead of the host program... infection of host programs is generally regarded as a requirement for calling a self-replicating program a virus instead of a worm (another kind of self-replicating malware) or something else...

so it's not a virus because it doesn't self-replicate and it doesn't infect host programs...

Mr. Greene makes further errors in his justification of calling it a virus rather than a worm... there is an argument (that is not particularly well thought out) that says that viruses require user intervention and worms do not - however that argument is meant to be applied to the way the virus or worm gets executed, not how it gets copied (as Mr. Greene seems to think)... clearly, as the DRM software autoexecutes, the DRM software in question better suits the classification of worm under this (dubious) argument...

what the DRM software in question actually is, is the payload of a trojan horse - a trojan horse being something that advertises itself as performing some desirable function but does something bad in addition to or instead of that desirable function... even a passing familiarity with the field of malware should have made this readily apparent to Mr. Greene...

the legal implications are pretty much the same, though... that much he got right...
