About | Buy Stuff | News | Products | Rants | Search | Security | Social
Home » News » Roundups

Mark on Sony

A different kind of trick or treat.

It reads like a detective novel; it reads better than a detective novel.

On 31 October Halloween 2005 Mark Russinovich published a curious and exciting tale. The short is he bought the CD 'Get Right With The Man' by Van Zant. He didn't think to check what was on it; he didn't hold down shift when he inserted it into his computer; he runs Windows.

Using his own RootkitRevealer on a routine inspection, he was amazed to find out his own system was compromised. He had a 'rootkit' on his box, rootkit in this context being a 'cloaking device' that hides the presence of important (evil) code.

Mark was able to trace this curious piece of naively written software back to SonyBMG and a UK company that had provided it for them.

The cloaking system was just too simple: any file or directory with a '$sys$' prefix was automatically hidden from view. It didn't take hackers long to realise they'd found the perfect backdoor to infect anyone's Windows system.

Sony are taking a nonchalant stance on the whole thing, which has irked customers even more. Already boycott sites and online petitions have been set up. When Sony - or any company - can do things like this to one's personal property, it's time to pull the plug.

See Also
http://sysinternals.com/blog/2005/11/sonys-rootkit-first-4-internet.html
http://sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html
http://sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html

http://boycottsony.us
http://www.sonybmg.com
http://www.first4internet.com
http://news.bbc.co.uk/1/hi/technology/4427606.stm

About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.