HijackThis goes open source

Desmond

Destroy Erase Improve
Staff member
Admin
Trend Micro today announced that is has open sourced the code to its popular free security tool, HijackThis. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems.
.
.
.
Cupertino, California based Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here.

Source
 

tkin

Back to school!!
Not a good idea, knowing the internals of a security program allows attackers to circumvent them, that's why Symantec freaked out when their code was leaked.
 

tkin

Back to school!!
They are trying to kill off Hijack this, a security system should never be open sourced, its like releasing the blue prints of a security system to public :x
 

Liverpool_fan

Sami Hyypiä, LFC legend
Anti malware goes open source? :facepalm:

Not a good idea, knowing the internals of a security program allows attackers to circumvent them, that's why Symantec freaked out when their code was leaked.

They are trying to kill off Hijack this, a security system should never be open sourced, its like releasing the blue prints of a security system to public :x

The entire code will be compromised, get it?

Sorry for trolling but :lol::lol:

For a start ClamAV is widely used as a Server AV, if being open source causes more "compromises", then it wouldn't have been so popular. Secondly, Proprietary companies freak out mainly because competitors can see their "trade secret".
 

tkin

Back to school!!
Sorry for trolling but :lol::lol:

For a start ClamAV is widely used as a Server AV, if being open source causes more "compromises", then it wouldn't have been so popular. Secondly, Proprietary companies freak out mainly because competitors can see their "trade secret".
I dunno, if clamwin/clamav were so effective why don't people use it, never see it getting mentioned anywhere??

Plus wiki does not say nice things about it, but I never trust wiki completely anyway: Clam AntiVirus - Wikipedia, the free encyclopedia
 

Liverpool_fan

Sami Hyypiä, LFC legend
I dunno, if clamwin/clamav were so effective why don't people use it, never see it getting mentioned anywhere??
It's used more in servers. Mac OS X Server bundles it for a start.

Apple - OS X Lion Server - Technical Specifications

Plus wiki does not say nice things about it, but I never trust wiki completely anyway: Clam AntiVirus - Wikipedia, the free encyclopedia
No where does it mention that its security gets breached due to it being open source. Criticism are with detection rate, etc.

I would also like to see the logic behind "Open Source" = More susceptible to attacks. The way I see is, Open Source = More people can see the security holes = More security patches = More secure product.
 

tkin

Back to school!!
It's used more in servers. Mac OS X Server bundles it for a start.

Apple - OS X Lion Server - Technical Specifications


No where does it mention that its security gets breached due to it being open source. Criticism are with detection rate, etc.
So after trend micro stops developing HT can we expect the same fate for it? I mean low detection rate, and Hijack this is primarily a detection tool..... :-?
 

ico

Super Moderator
Staff member
All HijackThis does is list out important registry entries and start up entries. Open Sourcing this sort of "tool" is not a big deal. It isn't some AntiVirus/Spyware/Malware or Firewall relying on advanced heuristics. It is a "mechanical" program. Gotcha?

If there is anything that needs to be open sourced, then it is Windows so that it becomes more secure.

So after trend micro stops developing HT can we expect the same fate for it? I mean low detection rate, and Hijack this is primarily a detection tool..... :-?
"detection tool" - that's exactly what HijackThis is NOT.

All it does is create a log file. Use it first. :)

And then you can get that log file checked at HijackThis Logfileauswertung

A sample thread - *www.thinkdigit.com/forum/software-q/81406-task-manager-does-not-open.html
 

tkin

Back to school!!
All HijackThis does is list out important registry entries and start up entries. Open Sourcing this sort of "tool" is not a big deal. It isn't some AntiVirus/Spyware/Malware or Firewall relying on advanced heuristics. It is a "mechanical" program. Gotcha?

If there is anything that needs to be open sourced, then it is Windows so that it becomes more secure.


"detection tool" - that's exactly what HijackThis is NOT.

All it does is create a log file. Use it first. :)

And then you can get that log file checked at HijackThis Logfileauswertung

A sample thread - *www.thinkdigit.com/forum/software-q/81406-task-manager-does-not-open.html
I've used it for testing(never been infected in my life), it creates a log of all the start up entries, important registry entires, BHO classes etc, yes, it does not detect a virus on its own
 

ico

Super Moderator
Staff member
I've used it for testing(never been infected in my life), it creates a log of all the start up entries, important registry entires, BHO classes etc, yes, it does not detect a virus on its own
yup. So, whether Open Source or not, this doesn't hinder HijackThis' functioning as all it does is create a log.

In any case, what people can now do is add other important places which HijackThis could include in its log and fork the software.
 

Liverpool_fan

Sami Hyypiä, LFC legend
So after trend micro stops developing HT can we expect the same fate for it? I mean low detection rate, and Hijack this is primarily a detection tool..... :-?

How did you come to this conclusion? I don't use this tool, but if it's unmaintained if will definitely stagnate and its usefulness will reduce; that's with any software.

ClamAV is pretty well maintained I think, and I am not sure about the criticism points made in Wiki are descriptive of its abilities or not. What I do know it's a popular AV and no more susceptible to attacks than any proprietary counterparts. ClamAV target market is Mail Server virus scanning mainly anyway.

My only argument was that releasing the source code for any application be it security software does not make it any less secure.

Read this.

Is Open Source Good for Security?
 
Top Bottom