Friday, November 18, 2005

Sony Rootkit Roundup

This story has really taken off, as it should have. If you haven't heard by now, Sony installed a rootkit onto PCs without user's knowledge in order to track the use of the music files from said discs on user's PCs. The kit phoned home periodically, also without user's knowledge. The kit also hid itself from the users by disguising itself as a Windows software. The kit damages Windows OS. The kit leaves a backdoor that can and has been exploited by hackers. Sony, at first, denied the problem, then offered a patch that revealed the kit, then offered another removal patch that damaged Windows further, and now has recalled all of the CDs. Microsoft will issue a removal software later this month.

Mark Russinovich was the first person to publicly report on the problem. His blog details (and I mean technically details) the discovery and removal problems.

Security Focus has done a good job reporting on this. They have a 2 part article describing root kits. Part 1 and Part 2. Sony faces legal issues over this ploy.

Boing Boing pointed out Sony's "non-apology" over the rootkit. They're second roundup of articles here.

Here's a list of all of the titles Sony released with this rootkit. Collect all 52 invaders before they're exterminated!

Bruce Schneier wrote an article for Wired News about the topic in which he points out the real danger exposed by this episode is that the public is spending millions of dollars per year on security software to prevent exactly this type of thing and yet Norton, McAfee, et al missed it. Or did they miss it? Did they just ignore it because it came from a friendly corporate entity? If not, then why did they react so slowly? Whole thing here.

Update: This just in, according to ZDNet, Sony will replace the rootkit infected CDs with new copies plus MP3s. At least, I hope they mean new CDs plus mp3s because as much as people claim otherwise, MP3s do not sound as good as CDs.

No comments: