FedSearch - Federated network search engine

Nils Goroll · @slink

60 followers · 496 posts · Server fosstodon.org

Dear #infosec community, is anyone aware of any independent audits/research on the security of #dynatrace or its inner workings?
My understanding is that it is basically a remote controlled system- and library-call interceptor implemented as an LD_PRELOAD library with super powers over any code run under its control.
For short, I call it a #rootkit. Do you agree or disagree that this simplification for not-so-tech-savy people is adequate? (edit: grammar)

#infosec #dynatrace #rootkit

Last updated 1 year ago

Original post

DAZ 🏜️ · @daz

17 followers · 157 posts · Server toot.io

YouTube - why tiktok is worse than we thought

If you or someone you love has Tik-Tok installed you need to see this video. Not only are the permissions excessive, they remain even after uninstalling the app. Everything is reported back to the CCP behind "the great firewall" #privacy #rootkit #tiktok #savethechildren

https://www.youtube.com/watch?v=PCDkz4ttcng

#privacy #rootkit #tiktok #savethechildren

Last updated 1 year ago

Original post

Fox · @fox

165 followers · 924 posts · Server cytag.nl

@stonehead Hi! I'm glad you asked because I'm sure there are many more people wondering about the same thing! :)

Yes, there is always a risk when you download something from open sources. However, you really cannot trust official sources as well. A good example is Sony's rootkit scandal. [1][2]

Doing basic internet "hygiene" will prevent you from most viruses, though. Having a decent virus scanner will do wonders [3], and the rest comes down to common sense. Be very careful with executables, keep your software (like PDF readers) up to date, look for settings to turn off scripts and perhaps consider sanitizing your PDFs before opening them. [4][5]

An interesting point on the aforementioned website is the following:

"With budgets getting tighter, we understand the appeal of free antivirus software. While there have been great changes in free subscriptions, the most notable being they now offer real-time malware protection, they are still minimal compared to a full antivirus security suite.

There are some exceptions, but most free antivirus programs don't offer web protections. This means they won't stop malware from downloading if you accidentally click on a malicious link. They will snatch it before it has a chance to infract your computer, but we feel better than a threatening file doesn't get that far into the process."

I hope this helped you on your way, and if not, do let me know! :)

----------

[1] https://www.theregister.com/2005/11/01/sony_rootkit_drm
[2] https://www.theregister.com/2021/12/10/autorunning_away/
[3] https://www.techradar.com/best/best-free-antivirus (go to the product's websites manually to avoid tracking through links)
[4] https://github.com/Kerbalnut/Sanitize-PDF
[5] https://www.webpdf.de/en/pdf-redact-and-sanitize

----------

#pdf #security #virus #script #macro #worm #epub #software #antivirus #rootkit #sanitize

Last updated 1 year ago

Original post