Go look up the term rootkit on Wikipedia. (Go ahead, I'll wait.) Lovely
entry,
isn't it? Lots of information. Trouble is, there's lots of misinformation,
too.
A rootkit is *not* "a program ... designed to take fundamental [or] ... `root'
access" for a system. It's designed to *keep* that access, once you broken
into
the system and grabbed it. (And rootkits were around before 1990, etc, but
we'll
let that go for the moment.)
Or, at least, it used to be defined that way. Recently, all kinds of people
have been
redefining what rootkit means, to the point that it may no longer mean anything.
Wikipedia is a wonderful tool, and the English encyclopedia made with it is a
wonderful resource. For the most part. But when you get to the real specialty
areas you start running into problems. As John Lawton has pointed out, the
irony
of the information age is that it has given new respectability to uninformed
opinion. And Wikipedia is susceptible to that problem.
Now the Wikipedia people are aware of the problem, and have provided ways to
address it. There is the fact that anyone can correct errors, when errors have
been
made. There are technical controls in terms of limits on changes. There are
administrative controls in the granting of elevated privileges to editors. But
occasionally you get a breakdown, such as the fact that an editor can be, him
or
herself, in error. And then you get entries like the one for rootkit.
But Wikipedia is not what I really want to talk about. I want to talk about
words.
Specifically, the jargon that we use, and create, in technical fields, and in
the field
of information security in particular. Because language is kind of like a
giant
Wikipedia, where anyone at all can make an entry. And anyone at all can try
and
modify that entry.
Lots of people like to talk about computer security. It's quite likely that
more
people like to talk about security than actually *do* anything about security.
So
it's not hard to see that a lot of the people who are talking, and writing,
about
security often talk about things that, well, they are not quite certain about.
If I say that Alan Turing was a homosexual, I might be right, or I might be
wrong.
But it would be fairly easy to check whether I was right or wrong. However, if
I
say that a Turing Machine is a universal computer because it can be implemented
on any computer, I am making a different kind of assertion, and one that it
harder
to check. Someone who hears me say that, and knows that I'm wrong, might not
challenge it immediately, because it's partly right, and the error I've made
may not
be important to the point that I'm making. But the people who hear me make
that statement, and who do not know why the statement is in error, are probably
going to assume and generate various kinds of mistaken ideas about Turing
machines. And if I make the statement frequently enough, and in enough
different places, it starts being taken as true. And eventually we'll have
people
saying that a universal computer is any entity that can be implemented on any
platform. Which had nothing at all to do with what Turing was doing and
proving.
So it is with a number of the specialized terms that we have been using in
infosec.
A lot of people are getting hold of them, and using them in sloppy ways. Now,
a
great many people say that language is living, and you have to make allowances
for that growth. Fair enough: much of the vocabulary that we use every day in
computer security didn't even exist fifty years ago, so it would be hard to
argue the
point. However, if the terms can be changed by anyone, at any time, then they
lose meaning. If I use the word virus to mean one thing, and you use it to
mean
something quite different, then we aren't going to come to any agreement. We
can't communicate. And, in all of these rapidly changing technical fields,
communication is vitally important.
So, in the blort, I just want to regrify you to smetnicate all forms of
antrifact.
Yelth you for your fesculiant.
====================== (quote inserted randomly by Pegasus Mailer)
[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
No experiment is ever a total waste:
it can always be used as a bad example - science maxim
victoria.tc.ca/techrev/rms.htm
blogs.securiteam.com/index.php/archives/author/p1/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
