|
|
Posted by Angrie.Woman on 11/04/05 15:40
anthonyberet wrote:
> Interesting discussions and news here:
> http://it.slashdot.org/it/05/10/31/2016223.shtml?tid=172&tid=158
> http://www.eff.org/deeplinks/archives/004106.php
The end of this article links to a fix:
After Criticism, Sony Issues Fix for Hidden Rootkits
Walaika K. Haskins, newsfactor.comThu Nov 3, 4:04 PM ET
Sony (NYSE: SNE - news) has admitted that it included a stealth rootkit
on some music CDs shipped in 2005 and has issued an update to remove the
hidden software one day after it was discovered. The company had drawn
criticism from security experts who warned that the technology could
serve as a tool for hackers.
The nearly undetectable monitoring utility, part of the company's
digital-rights management (DRM) technology, was aimed at preventing
consumers from producing illegal copies of CDs. The software installed
itself automatically in Windows systems whenever a CD was inserted. Any
files contained in the rootkit are invisible and almost impossible to
remove.
Security expert Mark Russinovich of Sysinternals discovered the hidden
rootkit and posted his findings on the company blog on November 1st.
Russinovich wrote that although he checked in his system's Add or Remove
Programs list, as well as on the vendor's site and on the CD itself, he
could not find uninstall instructions. Nor, he says, could he find any
mention of it in the End User License Agreement (EULA).
Stealth Tactics
A rootkit is a set of tools commonly used by hackers to circumvent
antivirus software and control a computer system. Most rootkits are
engineered so that common PC monitoring mechanisms cannot detect them.
The rootkits are designed to tuck themselves in to the most basic level
of the operating system and remain hidden from users.
A Finnish antivirus company, F-Secure, reported that it had spent
several weeks recently trying to find the cause of some unknown files
reported by a user who suspected an audio CD as the cause.
Mikko Hyppnen, chief research officer at F-Secure, said hackers could
use the rootkit to insert their own files by inserting a simple command
at the beginning of the file name that would render them undetectable by
most antivirus software. On the F-Secure blog, Hyppnen wrote that he
heard rumors that Universal is using the same DRM system on its audio CDs.
Privacy? What Privacy?
Although industry analysts said they cannot fault Sony's motives, some
saw the company's initial failure to disclose the hidden technology as a
violation of U.S. copyright laws. According to Jared Carleton, an
analyst at Frost & Sullivan, Sony is overstepping the fair-use clause
that gives consumers the right to make backup copies.
"[Sony] is saying, 'No, we are not going to pay attention to U.S.
copyright law that's been generally accepted for the past 30 years,' "
he said.
Carleton likened the hidden DRM to malware, and said it was no different
than adware and spyware. He said that if Sony was shipping DRM-protected
CDs, the company needed to put a notice on its packaging. Consumers
understand that artists should be paid for their music, he said, but he
added that consumers don't like this type of secrecy.
Andrew Jaquith, senior security analyst at Yankee Group, said the
company behaved badly and that there could be a backlash. He said that
the desire to protect intellectual property is understandable, but that
Sony should have been upfront about its DRM technology, and would have
been better off using industry-standard software.
"I haven't seen a single positive comment about this and it makes them
look at little slimy," Jaquith said. "They should have been above-board
and should have used software that they hadn't cobbled together themselves."
On the Web page containing the update, which enables users to detect and
remove the rootkit, Sony said its technology did not pose a security
risk. "This component is not malicious and does not compromise
security," the company's post said. "However to alleviate any concerns
that users may have about the program posing potential security
vulnerabilities, this update has been released to enable users to remove
this component from their computers."
The fix can be downloaded at http://cp.sonybmg.com/xcp/english/updates.html.
Navigation:
[Reply to this message]
|