Rootkit Creators Turn Professional

Rootkit Creators Turn Professional


Misuse of the term
(Score:5, Insightful)
by $RANDOMLUSER (804576) Alter Relationship on Friday October 21, @05:26AM (#13843155)
From TFA:

A rootkit is a tool that helps worm authors to slip past malware detection tools. The rootkit is 'wrapped around' the virus, and hides its payload from detection engines. After the rootkit has penetrated a system's defences, the worm can start doing its work.

Wrong. A "rootkit" is a series of hacks to the underlying operating system, which make a running process harder to detect. In other words, a rootkit will keep your process from turning up in the Windows Task Manager, or a Linux "ps".

Definition from the Jargon File [catb.org].
--
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
==============


I risk being tagged elitist, but...
(Score:5, Insightful)
by Snowhare (263311) Alter Relationship on Friday October 21, @09:47AM (#13844387)
(http://www.nihongo.org/snowhare/)

PHP is and will be continue to be popular with the masses simply because, like HTML, the entry barrier is very low. It will fail to make deep inroads at the high end for the same reason: The entry barrier is very low.

Sounds like a contradiction? Not really. The entry barrier for PHP is so low that we are seeing zillions of poorly written, insecure and unscalable PHP apps written by amateur programmers. Resulting in numerous security scares about PHP and contributing more than slightly to the infamous Slashdot Effect where a site that gets a sudden traffic surge craters as it runs out not of datapipe but simple CPU power. This scares the hell out of anyone who considers using PHP in the enterprise.

Don't get me wrong: It is possible to write good, secure, scalable code in PHP. It just isn't very common.
===============

As a Java developer with PHP experience...
(Score:5, Insightful)
by pico303 (187769) Alter Relationship on Friday October 21, @09:58AM (#13844499)
...I can honestly say I avoid PHP at all costs. PHP feels like it was built by committee: there's no consistency in the language. Even with 5 I still feel like I'm hacking together web pages.

I feel like there's a lack of standardized libraries for PHP. I've used PearDB, but it's sure not ActiveRecord or Hibernate. Smarty's o.k., but I'm already developing in a template language for HTML pages, why do I need another one? It's like working with JSP tag libraries (which I find equally wasteful).

Fundamentally, I think the tight coupling between view, controller, and model that PHP naturally engenders is bad. Practically, I've seen where Ruby on Rails has gone in just a single year, and it's further than PHP's gone in the last 5. Things you can do in Rails in a few days take weeks of coding in PHP, even with the help of third-party libraries.

PHP has a strong foothold with small, inexpensive ISPs, which is the only reason I think that people still use it. Unfortunately, the "war" between 4 and 5 has really hurt the credibility of PHP moving forward. Does any ISP support PHP 5?

If PHP wants to compete against Ruby on the low end and J2EE and .NET on the high end, it's going to need new development tools--both for writing the code and useful libraries, stronger leadership, and a clear plan for the future. I don't see any of this happening in its current state. I consider myself to be a PHP outsider these days, and looking in it doesn't look so fun in the pool.

=============