Use a Sony USB Fingerprint Reader and Thumbdrive, Get a Rootkit Free!
Use a Sony USB Fingerprint Reader and Thumbdrive, Get a Rootkit Free!
Posted 08/29/2007 at 9:40am
| by By Mark Soper
10
Comments
Print
In 2005, Sony added "rootkit" to the vocabulary of computer users across the world when it added hidden copy protection software to its music CDs. Two years later, history seems to be repeating itself.
Rootkits 101
What's a rootkit? In case you slept through the Sony music CD debacle, a rootkit is a program that hides its presence from normal operating system interfaces. A Windows rootkit, for example, will not show up in Windows Explorer. Depending upon its design, a rootkit can hide files and folders, registry keys, or other system components.
Rootkits can be used in a variety of ways: Sony used two different rootkits to prevent copying of music CDs by computer users in 2005, while other rootkits have been used to run security programs, run malware to attack systems, and so forth. While some users will object to any rootkit, no matter its purpose, others will be more concerned if the rootkit makes it easy for others to attack your PC.
What's Wrong with Rootkits
Sony's 2005 rootkits provided a vivid demonstration of everything a company that uses rootkit technology can do wrong:
- Users weren't notified of the presence of the rootkit by the end-user license agreement
- The copy-protection programs Sony installed as rootkits didn't prevent malware such as Backdoor.Ryknos.B (also known as Breplibot.C and others) from hiding themselves in the rootkits' own folders
- The programs hiding in the rootkit degraded system performance
- The programs could not be removed with normal uninstall routines
Sony eventually wound up recalling over 100 music CD titles that used the rootkits and shelled out millions of dollars in settlements.
Sony Rootkit, Part Deux
Monday, anti-malware vendor F-Secure announced that Sony's MicroVault USM-F line of USB flash drives with onboard fingerprint readers create a folder invisible to Windows that is used for the fingerprint reader's software and data files. While this method helps protect the reader from tampering, F-Secure points out that the hidden folder can also be accessed from the command prompt, can be used to store additional files, and could be exploited by hackers as a location for storing malware. In other words, whether Sony intended it or not, the MicroVault fingerprint readers install a rootkit on your PC that can be exploited as a security risk.
More like this
Cache
August 30, 2007 at 4:23am
Personally, I do think that any root access to a system must have additional protection--Windows should (ideally, I grant) inform a user that information will be stored as such with the option to cancel the install.
Additionally, all Sony products that use rootkits should be able to be returned open-packaged. I'm tired of these companies selling crapware, then saying you can't return it because the package has been opened.
Although I must admit--for lulz along--I would love to see Sony try and sue people for movie/music copyright violation whose systems were compromised by a Sony rootkit. The humiliation over that alone would hopefully convince Sony to cease with this once and for all.
JC's Demon Slayer
August 29, 2007 at 5:38pm
Quote: "Nobody wants to install a program that can be turned into a weapon against their system or their information."
And yet they still install Windows, which is the epidomy of this, lol.
RGCook
August 29, 2007 at 2:42pm
it seems to me that when a company goes out of its way to repeat a mistake that left lumps on its head before, there is something fundamentally wrong with the OS. Why can't the system provide a security-based API that can be trusted and robust. Instead, developers have to resort to "creative" ways to protect devices/data, e.g., rootkits. Sony's not being malicious here I believe, they are simply trying to come up with something that works. I'm not going to say Windows sux this time.
Paul_Lilly
August 29, 2007 at 1:13pm
It's absolutely mind boggling that after all the negative publicity Sony garnered from their first go-round with rootkits, that they've even conceive going down that road again. And the irony of including a rootkit on a product designed with enhanced security in mind.
Another great write-up Mark, and kudos on your new book - I'm looking forward to reading it!
soggybomb
August 29, 2007 at 12:42pm
The Sony rootkit got installed on my former (now trashed) laptop against my knowledge (of course). It opened up a vulnerability for a trojan called downloader.trojan to get on my computer. this trojan downloaded at least 30 other viruses and spyware that it deteriorated my system until it would take 15 minutes to boot and then would shut off. Nothing I could do about it, and i didn't get compensation.
An afterthought: what if Sony has rootkits in their bluray disks? i know there is some heavy drm, what what else lurks in those things?
soggybomb
August 29, 2007 at 4:50pm
There needs to be a bigger motivation than a lawsuit to stop sony from doing this.
EvilHomerGD
August 29, 2007 at 10:07am
As we all know, most people just accept the EULA without a second thought about it (I know I've even done it in the past, though I've gotten into the habit of reading them thoroughly now). Putting the warning into the EULA won't provide the vast majority of users with enough of a warning about the rootkit.
Marcus_Soperus
August 29, 2007 at 10:33am
I agree that the EULA's no place for adequate disclosure. The choice of whether to install a rootkit needs to be an obvious Yes/No dialog box at the start of the installation process.
Vendors who want to avoid user rebellion against sneaking rootkits onto their systems should also consider disclosing this information in product spec sheets.
----------------------------------------------
It's amazing how illogical a business built on binary logic can be.
dedgar
August 29, 2007 at 10:00am
Well looks like I get to boycott Sony again. I don't think they will ever learn until someone shoves a law suit down their collective throats. Any millionaires with a lot of free time out there willing to take them on? How about a pro bono lawyer?
Connect with MaximumPC
Featured Content
We introduce Intel's latest class of tablet killers and review 4 of the first Ultra...
Where have all the memorable videogame enemies gone?
This month's issue
Feature
11 Hardware Hacks
Feature
Overclock Your CPU
How-To
Supercharge Your Smartphone
Build It
A Powerful $830 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Can RIM *ever* catch a break? Not today! App World numbers not as great as previously reported http://t.co/3ERRhr3119 hours 18 min ago
- maximumpc: Solid state shakeup: Intel 520 SSD vs OCZ Octane vs Patriot Pyro SE! http://t.co/lXDufI7w20 hours 35 min ago
- maximumpc: Woman Ordered to Decrypt Laptop Claims She "Forgot" Key http://t.co/C2TCp4Ml21 hours 29 min ago
