C2C dialogue CàC : Witness 2 Wsis 2
Navigation
Thèmes du forum
Thèmes présentement discutés
Nouveaux thèmes sur le forum
En plus
WSIS Wire
En plus
Technorati blogs on WSIS
En plus
Syndication
XML
Comptes rendus
En plus
Links
·Links (93)
Story Section
·News (44)
ICANN still rules the Internet roost - John McCormick, TechRepublic
by Wsis NetiZen on 2005, Novembre 24 - 4:26am
ICANN still rules the Internet roost
John McCormick, TechRepublic
November 23, 2005
http://insight.zdnet.co.uk/internet/security/0,39020457,39237486,00.htm
The Internet Corporation for Assigned Names and Numbers (ICANN) received a last-minute reprieve at the World Summit on the Information Society, when the Bush administration agreed to the creation of a new UN-based discussion group. Meanwhile, SonyBMG continues to try to weather the fallout from its surreptitious copy-restriction rootkit, as conditions grow more stormy with the emergence of a Trojan horse that uses that rootkit to take over PCs.
Details
A last-minute compromise proves that the US government understands the vital importance of keeping the Internet as free as possible. That agreement, signed by the Bush administration last week, took ICANN off the auction block at the World Summit on the Information Society, held in Tunisia last week.

While ICANN will continue its role of approving new top-level domains (TLDs), setting minimum prices for domain names and overseeing a dispute-resolution process for domain names, the agreement also calls for the creation of a UN "Internet Governance Forum." The new UN will have no regulatory powers — instead, it will serve as a forum for ongoing discussions about Internet management.

Early reports are a bit confusing because a UN organisation with a very similar name is far from new, but the important point is that ICANN is still standing — for now. The last compromise, which occurred three years ago, put off discussions until this year's conference.

This is a very big deal, if not particularly unexpected — the Bush administration, and therefore the US State Department, had vowed to fight the growing international demand that ICANN give up control of the Internet. Not surprisingly, Microsoft, Google and other high-tech companies backed the administration's position.

In addition to the very real fears of censorship, many had major concerns that the cost of registering a URL would rise. (I currently pay $16 (£9) a year, including URL forwarding and more.) Certainly, having the UN in charge would not have made new registrations easier.

One reason the US simply can't ignore the demands for changes — including a move from Latin-alphabet-only TLDs — is that countries such as China could elect to configure their own country- or region-specific Net, essentially setting up a competing and incompatible Internet....
=============
Meanwhile, SonyBMG's infamous digital rights management rootkit has resulted in at least one Trojan horse (Ryknos), which takes over PCs "infected" by the SonyBMG music software. In the wake of the threat — and the fact that Sony made removing the malware a complex, difficult process that often requires dreaded contact with a corporate help desk — Microsoft has already announced upgrades for its Windows AntiSpyware and Malicious Software Removal tools to deal with the dangerous rootkit infection. (Microsoft are yet to respond with details on this.) Symantec has already posted a Ryknos removal tool, which also appears to remove the underlying cause — the First4 rootkit infection.

Sony and First 4 Internet, the UK-based vendor of the rootkit copy-restriction software used on the CDs, apparently still don't get it. According to a News.com story, when announcing the malware removal code, First 4 Internet's chief executive told the press, "We want to make sure we allay any unnecessary concerns". That doesn't sound as if he understands that his company produced a dangerous piece of software.

As of 17 November, several days after reports surfaced of a Trojan taking advantage of the SonyBMG malware, the First 4 Internet's home page still contained no mention of the problem or any fix. In fact, if you search the site for "rootkit", you'll get no results.

Even drilling down several layers to the press releases showed that the company isn't responding — the last posted press release is from August and it focuses on the problem of putting copy-restricted music from the DRM-protected CDs onto an iPod. The company offers to email a workaround for any iPod users who feel confident enough in the vendor's code.

Final word
A class action suit against SonyBMG is already in the works and if I'd been stupid enough to run something with DRM code on my office system, I'd certainly be joining. What do you think? Is this the death of efforts to enforce licences on music CDs? It certainly gives a boost to all the online music services.

My question is whether Sony will face prosecution for planting dangerous malware on computers? Is there a law that specifically addresses this sort of thing? If not, when will Congress pass some serious and carefully thought-out high-tech crime laws that can protect us?

Although flawed, the UK's 1990 Computer Misuse Act may apply. It will be worth watching to see if the Welsh creator of this DRM software undergoes prosecution for selling the code to Sony that leaves computers open to attack.

Copyright © 2005 CNET Networks, Inc. All Rights Reserved.
ZDNET is a registered service mark of CNET Networks, Inc.
ZDNet UK, located at http://insight.zdnet.co.uk/
http://insight.zdnet.co.uk/internet/security/0,39020457,39237486,00.htm
Ouvrir une session ou S'inscrire pour afficher