Some weeks ago Sony made the attempt to protect music on some CDs the company manufacturers and distributes by adding a rootkit software on the CDs. The rootkit got installed on user PCs if the music CD was inserted into the computer's CD drive provided that the operating system used was Microsoft Windows. The protection had its flaws as it was only working on Windows and not on other systems like Linux or Macintosh. What it did mean though was that Sony distributed rootkits on their customer's PCs, and that third parties discovered methods to exploit those rootkits for their own malicious doings.
After a large outcry from the Web community Sony decided to pull the CDs from the shelves and offer a tool to uninstall the rootkit (which you would only get through a lengthy process).
One would think that other companies would learn from Sony's mistake. That however does not appear to the the case as the first rootkit-like software was recently discovered on the DVD of the German version of the movie Mr. and Mrs. Smith. F-Secure confirms that the Settec Alpha-DISC copy protection system is used on the DVD.
The Settec Alpha-DISC copy protection system used on the DVD contains user-mode rootkit-like features to hide itself. The system will hide its own process, but does not appear to hide any files or registry entries. This makes the feature a bit less dangerous, as anti-virus products will still be able to scan all files on the disk.
If you think your computer has been infected by this rootkit you can use the uninstaller from the manufacturers website to remove it again.
Besides the obvious threat that a rootkit poses many users claim that even standalone DVD players have troubles playing the DVD. I would advise you all to not buy this DVD and sent a clear message to the company so that they understand why the DVD is not selling as well as it could. I doubt anyone would be willing to purchase the DVD if they knew beforehand what it included.
Update: The uninstaller is no longer available. Settec on the other hand is still in operation.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.