Sony caught playing with rootkits again

Repeat of hidden folders offering a malware hiding place

Tom Sanders in California

vnunet.com, 28 Aug 2007

Sony's Microvault USB memory key software could render users vulnerable to a malware attack, security vendor F-Secure has claimed.

The Sony devices feature an integrated fingerprint reader that allows the user to securely store information. Unlocking the information, however, requires the installation of special software on a Windows computer.

Advertisement

The application creates a hidden directory on the user's hard drive. At least some antivirus applications will be unable to access and scan the contents of this directory, claimed F-Secure researcher Mika Tolvanen.

This potentially allows malware authors to hide their creations from security software.

The technology has rootkit-like characteristics designed to hide files and processes from the end user as well as the system.

Rootkits are best known for their use by malware authors to prevent detection and removal of their creations by security applications.

The term originally referred to tools that allow attackers to gain root access to Unix systems without the owner's knowledge, but has since taken on the meaning of cloaking technologies.

The Microvault case closely resembles a highly publicised security scandal from 2005 when Sony used rootkit technology to hide digital rights management software from end users when they tried to play certain audio CDs on a Windows computer.

The XCP software, developed by First 4 Internet, was generally considered to be clumsily architected.

Sony initially denied that its technology comprised a security risk, but quickly backed downwhen malware emerged that exploited the flaw. The firm paid several millions settling lawsuits.

Sony's entertainment division deployed the rootkit technology to prevent users from uninstalling the digital rights management technology, an action that critics claimed to be at odds with fair use.

In the case of the Microvault memory keys, F-Secure suggested that the file could be hidden to ensure the accuracy of the data signatures, thereby protecting the data stored on the device.

"We feel that rootkit-like cloaking techniques are not the right way to go here," Tolvanen commented.

F-Secure said that it was unsuccessful in contacting Sony.

Sony did not immediately respond to request for comment.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

More video

IT white papers

Search white papers

Top categories

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

Top 10 cup

Top 10 technologies in a death spiral

A look at some technologies that may soon be departed

Thunderbird

Thunderbird 3 out this month

Open source email system gets a makeover

Best Buy to storm Blighty's stores

Now that Circuit City is gone, Best Buy's ruling the...

Internet Explorer

Europe's browser war heats up again

Mozilla and Opera demand changes to Microsoft's proposed ballot system

Primary Navigation