I first heard of root kits when I was about 13. That's both early and late, depending on how "normal" you are. It was basically in a little "tutorial" written by a script kiddie writing about how to pwn machines (they didn't call it pwn4ge back then, but I'm modernising the tale). I didn't understand all the unix commands (I was like "WTF mate"), but I still understood the purpose: Once you hack (crack?) in to a box and get root, you must first remove all evidence, then "take over" the box without the sysadmins noticing. Hence the root-kit.
Even then, the root-kits could plug into IRC channels and wait for commands. A veritable army of zombies, obeying their
real IRC masters. I figured that if someone cared enough to go after you, you'd be in a lot of trouble. Gaol sentences, fines, and all that, I imagined. Even the "tutorial" told you never to go after governments. Private companies would probably give up, they've got better things to do, but the government wouldn't stop till you were fucked. Unless you were too young.
Or, apparently, a multinational corporation.
Sony should've written that tut. All you have to do is:
- Ship a trojan with a rootkit
- h4x0r the machine and take what you want
- Issue an "apology" and recall that trojan.
- Have an over-the-internet "uninstaller" which allows you to totally scr0d the b0x0r.
- Profit!
I'll be left fuming if there are no legal repercussions for Sony. Fuming that I didn't think of it sooner. Sony's CDs have even infected government and military organisations. I guess this makes Sony the best h4x0r of us all. I guess the EFF is a little jealous.