Sony and the rootkit, the story continues

The news spread like fire last week: Sony has a software installer on some of the company's music CDs that mayinstall a rootkit on customers PCs if the CDs are inserted into a personal computer. The rootkit software can not be uninstalled by normal means and has already been used by hackers to hide World of Warcraft cheat scripts from being detected by Blizzards Warden client.

It is possible to hide other scripts and software as well, one possibility would be to hide a virus or trojan  from antivirus software. All of this could be done using Sony's software. Yesterday First 4 Internet Ltd, the British company that developed the DRM software, issued a patch that did not add an uninstallation option to the software but did remove the cloaking feature. It also patched the software to a new version.

Sony's reaction to the heavy fire from the internet community and privacy groups was to point their fingers at music pirates. Thomas Hesse, President of Sony BMG's global digital business division, on NPR:

"Most people, I think, don't even know what a rootkit is, so why should they care about it," he asked? "The software is designed to protect our CDs from unauthorized copying, ripping."

Yeah, why should one care if some software is installed on personal computers that can't be removed by normal means and can be used for all sorts of malicious actions (which Sony as of now still denies)? No one in their right mind would want such a program on their PC if they knew about it.

Why should one care that the software makes contact to a Sony server every time a song is played (there is no information about this to the user and of course no way to stop it)?

The patch Sony issued is hard to find, if you are lucky enough to find it it is possible that you will a receive a blue screen when you apply the patch.

Advertisement