Slashdot Mirror


Sony RootKit Still A Problem?

XMilkProject writes "Current research indicates that some "350,000 networks--many belonging to the military and government--contain computers affected by [Sony's rootkit]." This is down from over half a million last month. "The security researcher worked from a list of 9 million domain-name servers.. asking each to look up whether an address used by the XCP software--in this case, xcpimages.sonybmg.com--was in the systems' caches." Will Sony face future repercussions for this potentially long-term damage?"

7 of 268 comments

  1. Re:Sony won't be harmed, users will by Anonymous Coward · · Score: 1, Informative

    You mean they cane you? Or beat you in some other way?

    Or did you mean court martial instead of corporal punishment?

    Anonymous Pedant

  2. You obviously didn't read the settlement by TubeSteak · · Score: 3, Informative
    As part of the settlement, Sony is agreeing not to enforce two key portions of the EULA
    1. A $5 limit on damages
    2. The requirement that you must sue Sony in New York
    Once the settlement is official, Sony will have opened themselves up, such that they can be sued in court anywhere in the United States.

    Small claims court is the most likely venue, because you don't really need a lawyer to represent yourself and if Sony doesn't send a representative, you get a default judgement.

    Collecting might be a bitch, but in this case, it definitely won't be the lawyers making all the money.
    --
    [Fuck Beta]
    o0t!
  3. Re:How-to? by earthloop · · Score: 3, Informative

    You do a non-recursive lookup.


    [root@kryten pete]# nslookup
    > set norecurse
    > www.xmob.co.uk
    Server: 192.168.0.1
    Address: 192.168.0.1#53

    Name: www.xmob.co.uk
    Address: 217.77.184.55

    > www.microsoft.com
    Server: 192.168.0.1
    Address: 192.168.0.1#53

    Non-authoritative answer:
    *** Can't find www.microsoft.com: No answer
    >
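
Added example (not part of earthloop's comment or the original research): the same non-recursive lookup done in Python, for checking a resolver you operate for a cached copy of the XCP name quoted in the summary. The function names, transaction ID and the HIT/MISS sample replies are constructed for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234, recurse=False):
    """A/IN query; recurse=False clears RD, like nslookup's 'set norecurse'."""
    header = struct.pack("!HHHHHH", txid, 0x0100 if recurse else 0, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def _skip_name(buf, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = buf[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:              # compression pointer ends the name
            return off + 2
        off += 1 + n

def classify(resp):
    """Return (status, ttl) for the reply to a non-recursive query."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", resp[:12])
    if not flags & 0x8000:
        raise ValueError("not a DNS response")
    rcode = flags & 0x000F
    if rcode == 5:
        return ("refused", None)          # resolver rejects the probe
    if rcode != 0:
        return ("error", None)
    if an == 0:
        return ("not-cached", None)       # referral or empty answer
    off = 12
    for _ in range(qd):
        off = _skip_name(resp, off) + 4   # skip QTYPE + QCLASS
    off = _skip_name(resp, off)           # owner name of first answer
    _, _, ttl, _ = struct.unpack("!HHIH", resp[off:off + 10])
    return ("authoritative" if flags & 0x0400 else "cached", ttl)

def check_resolver(server, name, timeout=3.0):
    """Send the RD=0 query to a resolver you operate and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recv(512))

# Constructed sample replies (not captured traffic) so the parser runs offline.
QUESTION = build_query("xcpimages.sonybmg.com")[12:]
HIT = (struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 1, 0, 0) + QUESTION + b"\xc0\x0c"
       + struct.pack("!HHIH", 1, 1, 2417, 4) + bytes([192, 0, 2, 10]))
MISS = struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 0, 0, 0) + QUESTION
```

A "cached" result means some client behind that resolver looked the name up recently; the returned TTL is the time left on the cache entry, and a "refused" result means the resolver does not answer such probes.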

  4. Re:Sony won't be harmed, users will by Perl-Pusher · · Score: 2, Informative

    It's also a slang term for non-judicial punishment, letter of reprimand, article 15 etc. Yes, it also means spanking. The term corporal punishment is a variation from the term "slap on the wrist".

  5. Re:Problem not eliminated by jonfelder · · Score: 2, Informative

    The original post said management.

    While the person replying said "checkout line", the original post still makes sense.

  6. Re:Makes you wonder.... by CSfreakazoid · · Score: 2, Informative

    Having spent time working for the government/military, it is entirely plausible that these random people have admin access to their machines. If a user wants to install a program they call the admin and he oversees it. After the third or fourth time, the admin gets tired of it, and gives the user local admin access. I had it after working there for only a week.

  7. Re:Never made sense by Effugas · · Score: 2, Informative

    What can I say? I got the data, saw what it said, rubbed my eyes and said...

    No, that's just...not...possible.

    And yet, the data just keeps coming back loud and clear.

    It doesn't do this for all names. Certainly, SunnComm MediaMax is reported on far fewer networks -- 50K, maybe? And as mentioned, I threw out hundreds of thousands of servers for returning values they shouldn't already have cached.

    You know, if I was wrong -- and I'd love to be, it's a rare day in security where things are *better* than you thought -- you'd think Sony would have corrected me by now. But look at their very own figures:

    2.1M CDs sold.
    38% Penetration of the PC code.

    That's ~700K systems, which is vaguely in line. No, the count is not what's interesting...it's the international nature of the data. That just has no explanation to speak of.