All the latest UK technology news, reviews and analysis
|
|
|
28 Dec 2005
One single blog posting in late October succeeded in shaking the reputation of a major record label, notifying the world of the threat of rootkits and turning the music piracy debate upside down.
The saga began when a software developer called Mark Russinovich purchased a CD by Van Zant and played it on his computer.
When he first inserted the music disk, a window popped up informing him that playing the CD required a special player application. But on clicking 'I agree' the application installed more than just a player.
It also copied digital rights management software and a so-called rootkit to his system that would hide the software and prevent uninstalling.
Russinovich found out that the entire software suite was cooked up by a firm called First 4 Internet and is marketed as XCP. He published his findings in a blog posting that was soon picked up by news media world wide.
As more people scrutinised the XCP technology, it turned out that First 4 Internet had created a monster. The cloaking technology did not just hide the software from the user, but from Windows and virus filtering software.
A worm or piece of spyware could easily use the cloaking technology to dodge detection by security software. XCP was identified as a serious security vulnerability.
"Sony's motives are reasonable from its point of view, but it is a terrible security hole," Roger Thompson, chief executive at security provider Worm Radar, told vnunet.com.
"The risk is that [worms] now have a place to hide things where antivirus programs cannot see them. They can tuck themselves in under the protection of the rootkit."
Security experts at F-Secure quickly backed up Russinovich's claims. It would later turn out that the firm had started investigating the XCP rootkit in the summer and had been talking to First 4 Internet and Sony BMG about the security risks.
The process, however, was painstakingly slow and had stalled by the time Russinovich published his blog posting.
Following the public outrage, Sony BMG announced that it would issue a patch to consumers who wanted to remove the software from their systems.
But the label refused to issue a list of CDs that were affected by XCP. And the patch was hard to come by, requiring consumers to register with Sony BMG before receiving the software.
Although Sony BMG had been informed of the full scope of the security implications, the firm maintained that the technology "does not compromise security".
In a rare public appearance Sony BMG's president of digital business tried to cage the dogs.
Latest stories from Law
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Application Support Analyst with exceptional communication...
Software Development Manager- Rugby/Warwickshire - Attractive...
Working for a leading Retail organisation, you will be...
business analyst, tester, fixed income, fi, derivatives...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Rose-colored glasses...
Tell me, do those rose-colored glasses have wire rims or horn rims? "No real harm done?" You've hurrying to tack the coda on a little too early, aren't you? What's the rush... now? The foot-dragging on this by the major anti-malware vendors, who gave Sony a free ride for entirely too long, is only exceeded by the media coverage of this fiasco. It would have been a laugh riot if not for the actual damage done to peoples PCs. Facts: One: Due to the covert nature of Mediamax installation many people do no know that they are infected and that their increased frequency of Windows crashes, apparent CD drive "failures", and suddenly "buggy" multimedia programs might have a cause other than Bill Gates... much less that a remotely exploitable security hole has been opened up in their systems. It's kinda difficult to get patches out for malware, y'know. Two: Audio CDs have a very long usuable lifespan compared to software CDs. Each of the millions of Mediamax-afflicted CDs said to be in the wild will attempt to covertly install the malware and open up the same security hole in any PC they're played in for a LONG time to come.
Posted by: the zapkitty 22 Dec 2005
little real damage?
"In the end little real damage was done to consumers ..." i beg to differ. my niece who uses her computer to LEGALLY buy music from itunes , to rip LEGALLY bought cds and to transfer all this music to her LEGALLY bought iPod has found this rootkit on her pc. she has now lost access to the cd burning function in iTunes. she is now faced with the prospect of reinstalling windows to get rid of this rootkit. HOWEVER ... when she does this, she will lose all the music LEGALLY bought from iTunes. and, unlike eMusic and some other music sites, iTunes WILL NOT let her re-download the music she has previously purchased. so, "little real damage"? i think not.
Posted by: Terry 21 Dec 2005
Sony rootkit . . .only one way
to deal with people like these "why should they care about it" types and that is to BUY NOTHING FROM SONY
Posted by: CHUCK 21 Dec 2005
No real damage?
The article ends by stating that no real damage was done to consumers. Well, I sure wasted a lot of time scanning all of our networked computers for rootkits; sure felt like damage.
Posted by: Charles Wenzel 21 Dec 2005