What will determine a good AV company.

Discussion in 'NOD32 version 1 Forum' started by testing, May 5, 2003.

Thread Status:
Not open for further replies.
  1. testing

    testing Guest

    Ok apprently in the next few days (weeks) RIAA is planning an attack on our hardrives (MP3's) now the question is, will NOD32 pick up this melicious program or will they let it slide? Do to some strange "It's not a virus" policy? Alhtough any program that wipes your harddrives and lockout your computer is considered a virus. Well here is what I am talking about.

    RIAA attacking our culture, the American Mind
    By Andrew Orlowski in San Francisco
    Posted: 04/05/2003 at 04:16 GMT

    The RIAA's president Cary Sherman is lamenting that there's a lack of civility in the debate over sharing the music we love. He's complaining that people object to his effort to plant bombs in your computer. He says such people are irrational.

    The New York Times reveals the record companies are preparing a program called "silent", which "Locks up a computer system for a certain duration - minutes or possibly even hours - risking the loss of data that was unsaved if the computer is restarted," the Times tells us. "It also displays a warning about downloading pirated music."

    This latest bombing campaign follows the RIAA's attempt in October to get bombing prohibited from limited damages: a daring and unusual move for a bomber. Bombers usually light a fuse and then run away, or fly away at a very high altitude, but this bomber wants to return to the scene of the crime and deny the victims their right to get recompense for the destruction. That was the Berman Bill.

    One other program can only be described as a kind of psychological "All Your Base" campaign, only for real. It deletes all the MP3s it can find on your computer so you have to buy the music again in DRM'd form. And then your music will truly belong to them, because once the DRM noose is around your neck, they only need to tighten it.

    Sherman complains that when the Berman Bomb Act was introduced "you couldn't get a rational dialogue going."

    We think he's been lucky.

    Cultural Identity
    The extent of this assault on our valuable culture, when combined with the the labels refusal to release its back catalogs, including works of great artistic merit, is huge.

    Look at what just one Register reader will be losing. "My great grandfather was born in 1870," he writes:.

    "He learned to build crystal radio sets to listen to the earliest radio broadcasts in the 1920's. He would invite the whole town of about 500 over to listen to them.

    "My grandfather was born in 1899. He purchased one of the earliest tape recorders to make copies of radio broadcasts for his friends in the late 1950s.

    "My dad was born in 1924. He had a collection of 78's that he passed around for many years until he died last year.

    "And now I am using the Internet to assemble an MP3 collection of all the tunes on all those LPs, cassette tapes and CD's that I've been buying since 1959.

    "I'll be damned in hell before I accept the notion that I and my ancestors who love to listen to the audio arts are in any sense guilty of anything that is illegal, wrong, evil, immoral or improper."

    Can you imagine the value of that heritage? Then multiply it. The RIAA is attacking the American mind, and controlling its finest cultural exports oversees.

    Imagine the loss if your library agreed only to keep a couple of hundred books which were then only obtainable through a fee. Or if it burned down?

    Well, when the RIAA has finished with its good work here, it will be free to do the same thing, only more aggressively, abroad.

    Hilary's Rosen involvement in rewriting Iraqi's more liberal copyright law [confirmed] will pave the way for her members to control the distribution of Iraqi culture. Before too long, the new malls of Iraq will have hypermarkets bulging with what small parts of homegrown culture the record labels sees fit to offer, plus a few claypit McJob boybands groomed for success, with just perhaps a token Sunni or Kurdish artiste thrown in to demonstrate diversity, only, "I think there's one in the backroom but I have to go and get it", is the reply you'll hear when you go and ask for it in the Baghdad hypermarket, when you ask for the latter."Er, owing to market forces we can't bring you the music you were listening to yesterday."

    (Remarkably, India and France have remained in control of their visuals, despite similar pressures. Almost everyone else is losing their audio, however).

    In parts of the world where sharing music isn't as frowned upon as here, the people generally look pretty happy, I'd say. And so you might conclude that file sharing music encourages happiness. In these parts of the world people party more, or party harder, or both, and the free flow of their culture is demanded.

    Why is this 'irrational', Bomber Sherman?

    The RIAA's assault on our cultural identity - this includes refusing to open the catalogs, as well as bombing or financially crippling computer-using music lovers - is so deep that it's only a surprise that someone hasn't bombed them back at ... (We'd give you the address here, but the RIAA's website has just gone down again, and so it appears that Phase I has been resumed.) ®
  2. mrtwolman

    mrtwolman Eset Staff Account

    Dec 5, 2002
    A rather off-topic but:

    - such a program, as described above would be illegal in my country
    - what program does could be characterised as "harm" thus the proggy clearly qualifies as malware and should be picked by security software
  3. jan

    jan Former Eset Moderator

    Oct 25, 2002
    Hi testing, :)

    certainly, "steeling music" is a breach of the copyright laws. Deleting proprietary MP3 files of a particular endusers via a program (a potential Trojan/Backdoor) by an "intruder" is not legal either. Unless we had a chance to perform an analysis of the discussed program an answer can't be granted.


  4. Vampirefo

    Vampirefo Guest

    Agreed with Jan, the program needs to be analyzed, I doubt such a program could run, on a protected machine, but I would like to play with the little program anyway, So if anyone gets it please let me know.
  5. testg

    testg Guest

    The biggest problem being the fact that once the prog gets released then we are faceing few scenarios.

    a) Since some companies will not detect it for a while due to RIAA backing, just long enough to do it's damage (untill the customers "cry havoc and let loose the dogs of war".). The program will have a great potential to get modified into various forms some of which undoubtly be made to delete more than Mp3's. (not all Mp3's are illegal some of them might be your own collection that you've made from your own CD's and just don't feel like swaping CD's everytime you want to listen various artists).
    b) Since the prog will go undetected it is safe to assume that some of it's variants if well written will also go undetected. Those are the variants I am worried about (and I think since Norton is the major provider of AV solution to home consumers it is highly likely that Norton will receive a Full focus from RIAA regarding the delay of the signature detection). Theese variants at first will be aimed to delete some other files whereupon it's logical to assume that some individuals will modify the code or attach other code in order to fight back against RIAA (DDOS attacks). Thus your machine will get highjacked in a joined DDOS and your IP will get flagged in a more serious manner than just MP3 tradeing.

    That was my basic worry, that if you allow this code to slide as malware it's possible that the modified code will cause a lot more damage then the original and if the original is indeed detected then it's a high probability that the modified code will also get detected by the means of heuritics (if the change of the original code is minimal).

    Thank you for your reply, I guess let's wait and see.

    Personally I think that RIAA will release a variant of the code and just blame it on the hacker community. :)
  6. rodzilla

    rodzilla Registered Member

    Jun 15, 2002
    It's our obligation to our clients to provide them with as close to 100% virus detection as possible, on an ongoing basis.

    If the RIAA releases a virus, we'll detect it ... and we'll detect it fast!
  7. Tinribs

    Tinribs Registered Member

    Mar 14, 2002
    Thats good to hear ;)
  8. mrtwolman

    mrtwolman Eset Staff Account

    Dec 5, 2002
    Answer as i expected :D :D
Thread Status:
Not open for further replies.