Posted: 9/23/2008 4:10:25 AM EDT
|
A couple of years ago, Sony BMG got caught shipping music CDs with "rootkits" on them, which installed software onto PCs when the buyer put the CD in to play it. A rootkit is software which allows a hacker to remotely take over a system. Sony is AGAIN shipping products with rootkits installed. This time it's USB drives. Here's the story at Computer World. It is not specified in the article what systems are vulnerable. Windows PCs certainly, Macs unlikely but possible based on the limited information that's been publicly released. Fool me once, shame on you. Fool me twice, shame on me. I regard buying Sony technology products as too risky. |
|
A rootkit is not "software which allows a hacker to remotely take over a system." although it can be. It is simply a piece of software which runs without your consent and makes changes at a serious level to your system. There has never been any question of Sony's rootkits allowing external control. However, the CD protection ones did cause certain programs to crash and were difficult to remove. |
en.wikipedia.org/wiki/Rootkit |
What was even better was sony setup a web page with an active-x script that would remove their rootkit. You had to install the active-x script which would stay installed forever unless you manually removed it. It was shown that the active-x script wasn't locked down and any other website could take full control of your computer through it. -Foxxz |
Did you notice that this story was over a year old? It even says so in your link...
|
|
Sony obviously subscribes to the theory that hiding files is securing them. Is all they're doing setting the hidden attribute to the files/folders (regardless of what the files do)? IIRC, the way to "bypass" the Sony BMG CD rootkit was to 1. Disable autorun (which should be done anyway) or 2. Hold down the shift key when inserting the CD. Folks, if your machine isn't set up to show hidden files (windows explorer:tools>folder options>show hidden files) then make it so. While you're at it, check the box to show filename extensions. And click the button to make all folders look that way. |
It goes a bit farther then that. Its inserts a kernel module/driver or runs a program at startup that intercepts calls to the filesystem to list directory contents and omits that directory. Any programs running from that directory do not show up in process lists as the rootkit intercepts those system calls as well and feeds it a response while omitting info it doesn't want you to see. Its not simply a hidden folder. -Foxxz |
I know exactly what a rootkit is. The software takes control of your machine. Whether or not that allows an outside entity to take control depends on the software. The Sony rootkit does not "allow a hacker to remotely take over" your PC. Read the article you posted again. The term "rootkit" refers to the level at which the software makes changes. |
 Sony pays $1.5m over fake critic
|
Crap, missed that. 
|