Sony, Rootkits and Digital Rights Management Gone Too Far

Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware…

8

The Bypass Traverse Checking (or is it the Change Notify?) Privilege

Privileges are special security powers that you assign to accounts in Local Policies->User Rights Assignment node of the Local Security Policy editor, secpol.msc. When a user logs in, the Local Security Authority Subsystem process – Lsass.exe – creates a kernel-mode data structure called a token that contains the list of groups the user belongs to…

0

Registry Junk: A Windows Fact of Life

Registry cleaners have always been popular, but I never paid much attention to them. I originally thought that there might be valid reasons for their existence, but over time changed my mind, only to recently recognize that even today they can help maintain Registry hygiene.It used to be common for developers to write their own…

0