Progress?
Believe it or not, I’m actually pretty sick of complaining about Sony. You just can’t get around the fact that, once they realized the trouble they’d gotten themselves into, they pretty much did everything that was asked of them and then some. Pretty much the only thing I’d like at this point is the actual infection data, so I can better tune my DNS measurement code, but without a court order that’s just not going to happen.
Now, you’d think AV vendors would have this data. They’re always telling us about who’s infected with what. Turns out they just don’t know. I find this…interesting.
Some problems go away — Sony isn’t likely to release another rootkit anytime soon. But others fester. The antivirus industry has a problem — they actively supported Sony’s actions, and haven’t exactly apologized for supporting code that even its authors disavow. And so, Virus Bulletin, the premiere magazine for the AV industry, asked me to submit an editorial questioning the AV industry’s involvement in supporting Sony’s now-discredited rootkit.
That editorial (a newer version than was actually posted here recently, actually) may be found here:
Dan Kaminsky's Blog 