FAO: Lorien
Thanks for putting forward your view because it approaches the issue from another side, but yes, I would still not attempt that because it still does not let us reach our objective ultimately.
Although it is not contested that anti-rootkit tools can sometimes be used successfully to remove a rootkit, why I value Jacee's input is because her advice really looks far beyond just the removal of the rootkit, and I appreciate the absoluteness of her advice and the specific point that she wants to emphasize.
Her point actually is correct, because there ultimately is no getting around the fact that although a rootkit may be successfully removed from a system, what will be left in the kernel could be totally or at least partially corrupted files, and there is simply no method available currently to test which ones of them have been corrupted and in what way and to what extent. At least currently, that is the status.
Although Blacklight may remove a rootkit from a system, what it cannot do afterward is to purge the system kernel of corrupted files and replace them with sound ones. That is why there is no support for Blacklight; I just checked on the F-Secure Web site.
So, what Jacee stated means that the clean install will still be the only alternative left even if the rootkit may somehow be removed.
But you are right that the cat and mouse game between the so-called bad guys and the ones who try to protect the victims will continue, not only from the point of view of one side trying to show up loopholes and the other of plugging them, and because each gets the mental satisfaction from showcasing their technical skills and of pitting the brains of one side against the brains of the other, and this is how software develops to a more stable state security-wise, but also because there is always the commercial side to it. Both sides at the least have the opportunity to make money out of this constant war. And so it will continue like this till some drastic technological developments take place which completely change the whole scenario and the game starts at an entirely different level again, and so forth.