About | Buy Stuff | News | Products | Rants | Search | Security
Home » News » Roundups

Mark on Sony

A different kind of trick or treat.

It reads like a detective novel; it reads better than a detective novel.

On 31 October Halloween 2005 Mark Russinovich published a curious and exciting tale. The short is he bought the CD 'Get Right With The Man' by Van Zant. He didn't think to check what was on it; he didn't hold down shift when he inserted it into his computer; he runs Windows.

Using his own RootkitRevealer on a routine inspection, he was amazed to find out his own system was compromised. He had a 'rootkit' on his box, rootkit in this context being a 'cloaking device' that hides the presence of important (evil) code.

Mark was able to trace this curious piece of naively written software back to SonyBMG and a UK company that had provided it for them.

The cloaking system was just too simple: any file or directory with a '$sys$' prefix was automatically hidden from view. It didn't take hackers long to realise they'd found the perfect backdoor to infect anyone's Windows system.

Sony are taking a nonchalant stance on the whole thing, which has irked customers even more. Already boycott sites and online petitions have been set up. When Sony - or any company - can do things like this to one's personal property, it's time to pull the plug.

See Also


About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.