Sony Facing the Music over Rootkits
http://www.techtree.com/techtree/jsp...978&cat_id=582.
According to reports, Sony has been stealthily installing hidden software on PCs, when people try to play Sony BMG music albums on their computers.
This software installs automatically, when users insert music CDs with XCP digital rights management technology in their computers. The software is geared towards limiting the number of copies that users can make from CDs, plus restricting ripping of the disk.
Software developer, Mark Russinovich, discovered that Sony had secretly installed a rootkit on his system. He traced the software back to Sony and the XCP technology, from First 4 Internet, an English software developer.
The rootkit helped to hide the digital rights management technology, both from the user as well as the system, including the anti-virus software. When Russinovich tried to remove the application, he found that his CD drive was disabled.
Sony's new software, called Extended Copy Protection (or XCP), uses rootkit techniques to prevent users from removing copyright protection technology, and violating Sony's copyrights. However, this feature can also be abused by worm authors to hide malicious applications.
For example, Botnet operators are increasingly using rootkits to prevent detection of their malware; a phenomenon which has given birth to an entire industry building and updating anti-virus tools for combating this malware.
From Sony's point of view, its motives are reasonable; but security experts say this is a potential threat to security. Sony however has denied that the technology is malicious, or compromises on security in any way.
Meanwhile analysts are of the opinion, that Sony has dealt itself a serious blow, and the best thing that the company, and all the rest of the music publishers could do right now, is to condemn the practice and apologize to the affected customers.
Bookmarks