Storage News
Security News
Networking News 

Be a Commerce Partner
Promotional Pens
Promos and Premiums
Baby Photo Contest
KVM Switch over IP
KVM Switches
Promotional Gifts
Boat Donations
Promotional Golf
Computer Hardware
Home Improvement
Desktop Computers
Logo Design
Domain registration
Internet News
Small Business
Personal Technology

Corporate Info
Tech Jobs
E-mail Offers

Free Trial: Symantec Mail Security Appliance
Try best-of-breed antispam, antivirus, and compliance technologies that protect against threats from inbound and outbound email and Instant Messaging at no cost for 30 days. >>
Understand Your Exposure: New Mission Critical Systems for E-Mail and IM
Article: This article takes a look at electronic messaging, areas of compliance and security and how the need to manage e-mail and instant messaging to minimize security and legal exposure has joined availability and storage as critical concerns for managing an organization's messaging. >>
IT Risk Management: An Essential Strategy for Business Management
Whitepaper: As dependency on IT increases, exposure to IT risk continues to grow. Most organizations do not have an adequate understanding of the IT risks they face. This whitepaper provides a model for categorizing, prioritizing, and addressing IT risk management challenges. >>
Fundamentals of Mail Security
Strategy Guide: This guide examines the results of Symantec's 2006 security surveys, evaluates spam and malware solutions, and analyzes security assessment appliances. >>
Five Steps to IT Risk Management Best Practices
Article: Greg Hughes, Symantec's Executive Vice President of Worldwide Services and Support, explores the best practices of managing and balancing information risk and reward. >>
For more whitepapers, webcasts, articles, and resources on data archiving and storage management, click here.

Related Articles
Sony Rootkit or Aggressive DRM?
AntiOnline Spotlight: Rootkits Lie in Wait
Security Products
 Tools for SQL Server (Idera)
 IMAuditor (FaceTime Communications, Inc)
 TriCipher Armored Credential System (TACS) (TriCipher, Inc)
 Bio-Plugin (M2SYS LLC)
 PointSharp ID (PointSharp AB)
 Data Loss Profiler (Reconnex, Inc)
» Enterprise IT Planet » Security » Security Features

Worried that your files and data are not safe and secure? FREE trial of WS_FTP Server with SSH - Secure File Transfer

AntiOnline Spotlight: Sony Rootkit Backlash

By Enterprise IT Planet Staff
November 4, 2005

Email Print Digg This Add to

Piracy is bad. Rootkits are worse.

Sony BMG learned that lesson this week when news slipped out that First 4 Internet, the company that provided the DRM software, had slipped a rootkit into its content protection scheme.

Will that music CD lead to your PC's doom?
It doesn't take much to set off the security-conscious tech community. The reaction to this bombshell was predictably swift and overwhelmingly negative. Forget malware of the week. The outcry eclipsed every other computer security story and still rages on.

Although Sony contends that its purpose was to solely prevent unauthorized copying of songs on Windows systems, it's the unintended consequences of the act that has techies up in arms.

Part of the outcry was fueled by the thought of a company, especially one of Sony's stature, installing hidden and (largely) undetectable software on consumers' PCs. But there is a more chilling prospect.

The danger is that malware coders will step through the door that Sony opened up and make themselves at home. Some users are already putting the rootkit to creative uses, such as enabling cheating in World of Warcraft, the incredibly popular online game.

To make amends, Sony has released a patch, of sorts, that exposes the offensive code. But how many users are affected and don't even know it?

Looks like it's time to add a rootkit detector to your computer's defenses to go along with your anti-virus, anti-spyware, anti-spam, firewall...

Note: Any opinions expressed below are solely those of the individual posters on the AntiOnline forums.

Spotlight Threads:
Sony, Rootkits and Digital Rights Management Gone Too Far
Sony Rootkit Removal
Titlefight: Sony Rootkit vs The Warden

Ah, but you clicked on the EULA! rcgreen shares some thoughts.

I've been ranting about DRM for months, that it is, by definition, a trojan horse. As for the legalities, right now it's the Wild Wild West. They can say anything they want in a EULA. It's when it goes to court that issues get defined. You can sue them. Maybe you'll win. Maybe not.

qwertyman66 is annoyed at how the software digs its claws into a system.

My biggest problem with this is the way they make it so hard to remove, to the extent that you can end up disabling your CD drive if you aren't 100% sure of what you are doing.

How would they justify that to a court? Their EULA states that you can remove the software, but in doing so you will possibly lose your CD drive. Could that be considered a Denial of Service Attack?

phishphreek80 gets to the heart of the controversy.

The thing that may bug me the most out of all this is that Sony's program can help malware writers hide their code. World of Warcraft "hackers" are already doing this.

What are the chances that users have purchased a CD and Sony has already installed this rootkit on their PCs?

Even though Sony is releasing a patch to make the files visible (but not remove them), IMO, that is still not enough. They are acting as an enabler for malware writers to easily hide their malware.

What's your take on the Sony rootkit flap? Sound off in our forums.

Email Print Digg This Add to

Security Features Archives

Free Trial: Symantec Mail Security Appliance. Get best-of-breed antispam and antivirus technologies.
What's The Future Of IT? Find Out By Reading "IT in 2018" Now. Free Registration Required.
Is secure, available data a challenge? Sign up for this easy to use, secure, web-based solution.
VeriSign Whitepaper: The Latest Advancements in SSL Technology
Hoovers Sales Tip: Building Credibility with New Clients

Article: Improve Infrastructure Management for Mid-Size Companies
System Center Essentials 2007 is a single, unified management system that proactively monitors, updates and troubleshoots IT infrastructures with up to 500 PCs and 30 servers. As the name indicates, most of the features in System Center Essentials 2007 come from members of Microsoft's enterprise class System Center family of management products. Read this article to learn more. »
Featured on the Microsoft System Center Infrastructure Management



Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Whitepapers and eBooks
HP eBook: Storage Networking , Part 1
F5 Whitepaper: Deploying SharePoint 2007? BIG-IP LTM with WebAccelerator Can Speed it up by 8x Article: Tip of the Trade--IP Address Management Article: Enterprise Fixed-Mobile Convergence Can Be Lucrative for Channel
StoreVault Whitepaper: Introduction to Networked Storage
Oracle eBook: Implementing Business Intelligence in Your Organization
Hoovers Sales Tip: Building Credibility with New Clients
SAP Whitepaper: A Corporate Guide to Better Decisions Through IT
Microsoft Article: Flexibility, Agility the Keys to Dynamic IT
Microsoft Article: Improving Infrastructure Management for Mid-Size Companies
IBM Whitepaper: Transforming Legacy Apps into SOA eBook: All About Botnets
Intel Article: 8 Simple Rules for Designing Threaded Applications
Symantec Whitepaper: E-Mail Discovery--Worst-Case Scenarios Versus Best Practices
Ipswitch Whitepaper: Secure File Transfer In the Era of Regulatory Compliance
Symantec Whitepaper: A Unified, Proactive Approach to Endpoint Security
Intel Whitepaper: Best Practices for Developing and Optimizing Threaded Applications
Symantec Whitepaper: Emerging Trends in Fighting Spam
Symantec Whitepaper: Best Practices for IM Archiving & Compliance
Intel Article: The Challenges of Developing Multithreaded Processing Pipelines
Avaya Whitepaper: SIP--Creating Next-Generation Telecom Applications
Symantec Article: Guarding the Corporate Gateway
Microsoft Web Seminar: Windows Mobile 6.0 Training for ISV Developers
IBM Webcast: Asset Reuse Strategies for Success--Innovate Don't Duplicate!
HP Video: Page Cost Calculator
HP Webcast: Storage Is Changing Fast � Be Ready or Be Left Behind
Epicor Webcast: Requirements to Consider When Looking at ITSM Tools
Intel Video: Three Must-Knows for Parallelism
Microsoft Partner Program Video: The Secrets to Partner Success
Rational Asset Manager: Succeed with Asset-based Development
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
Downloads and eKits
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
Red Gate Download: SQL Compare Pro 6--the fastest, easiest way to compare and synchronize two databases.
IBM eKit: IBM Rational Systems Development Solution
IBM eKit: Rational Asset Manager
IBM Developer Kit: Web 2.0
IBM Download: Data Studio v1.1
NXPowerLite: Desktop Edition Software Trial
Iron Speed Designer Application Generator
Symantec IM Detection Utility
Tutorials and Demos
HP Demo: StorageWorks EVA4400
IBM Demo: Adding Security to your Web Services Digital Signatures
IBM Demo: Deployment Tracking with Rational ClearQuest and ClearCase
IBM Overview Video: Next Generation Data Warehousing
IBM Tutorial: Intro to XML User Interface Language (XUL) Development
Microsoft How-to Article: Get Going with Silverlight and Windows Live