Home » Industry Watch
Mark on Sony
A different kind of trick or treat.
It reads like a detective novel; it reads better than a detective novel.
On 31 October 2005 Mark Russinovich published a curious and exciting tale. The short is he bought the CD 'Get Right With The Man' by Van Zant. He didn't think to check what was on it; he didn't hold down shift when he inserted it into his computer; he runs Windows.
Using his own RootkitRevealer on a routine inspection, he was amazed to find out his own system was compromised. He had a 'rootkit' on his box, rootkit in this context being a 'cloaking device' that hides the presence of important (evil) code.
Mark was able to trace this curious piece of naively written software back to SonyBMG and a UK company that had provided it for them.
The cloaking system was just too simple: any file or directory with a '$sys$' prefix was automatically hidden from view. It didn't take hackers long to realise they'd found the perfect backdoor to infect anyone's Windows system.
Sony are taking a nonchalant stance on the whole thing, which has irked customers even more. Already boycott sites and online petitions have been set up. When Sony - or any company - can do things like this to one's personal property, it's time to pull the plug.
http://sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html http://sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html http://sysinternals.com/blog/2005/11/sonys-rootkit-first-4-internet.html http://sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html
http://www.sonybmg.com/ http://www.first4internet.com/ http://news.bbc.co.uk/1/hi/technology/4427606.stm http://boycottsony.us/
Postscript: A Week Later
The fallout around the world for this, the third bungle of SonyBMG, has not been good and is only getting worse.
http://cp.sonybmg.com/xcp/ http://www.upsrow.com/sonybmg/ http://cp.sonybmg.com/xcp/english/faq.html http://cp.sonybmg.com/xcp/english/titles.html http://blog.sonymusic.com/sonybmg/archives/111505.html
http://news.com.com/2100-1002_3-5961560.html http://news.com.com/2100-7350_3-5964995.html http://news.bbc.co.uk/1/hi/technology/4456970.stm http://news.bbc.co.uk/1/hi/technology/4459620.stm http://www.nytimes.com/2005/11/22/technology/22sony.html
http://www.freedom-to-tinker.com/?p=931
|