Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony RootKit Still A Problem?

Posted by CmdrTaco on from the this-stuff-never-dies dept.

XMilkProject writes "Current research indicates that some "350,000 networks--many belonging to the military and government--contain computers affected by [Sony's rootkit]." This is down from over half a million last month. "The security researcher worked from a list of 9 million domain-name servers.. asking each to look up whether an address used by the XCP software--in this case, xcpimages.sonybmg.com--was in the systems' caches." Will Sony face future repercussions for this potentially long-term damage?"

12 of 268 comments (clear)

  1. Settled too soon. by gasmonso · · Score: 4, Insightful

    If you look at the settlement in the New York District court it is nothing more than a slap on the wrist. Sony knowingly infected computers with what amounts to a trojan horse. In return they have to pay a little money and promise not to do it again. That's insane when you consider the witch hunts that have taken place for 16 year-old kids releasing a virus. Sony needs to pay and pay dearly for their deliberate criminal actions. The government always wants to send hackers a strong message...well then the same applies to corporations!

    http://religiousfreaks.com/
  2. Repurcussions? No. by mindaktiviti · · Score: 3, Insightful

    "Will Sony face future repercussions for this potentially long-term damage?"

    No they won't because they're a huge multinational corporation who will probably layoff some employees and reward their top execs from the whole ordeal. I'm not trying to be some hippie about this, it's just the way the world works.

  3. Of Course, that is Sony's Security Policy by slashbob22 · · Score: 3, Insightful

    Security through Obscurity.

    --
    Proof by very large bribes. QED.
  4. Simple answer.. by ThePatrioticFuck · · Score: 3, Insightful

    Will Sony face future repercussions for this potentially long-term damage?

    Of course not. They may pay a (relatively) small fine or two, but a quick a donation to a politician here and there, and that'll be all she wrote.

  5. Re:Makes you wonder.... by Prophet+of+Nixon · · Score: 5, Insightful

    Well, the scenario of taking CDs to work to play them on networked military PCs is not implausible at all; there are thousands of GS/staff employees who do that. What is implausible, at least in my experience, is those users having admin access to their machines. Was this rootkit able to install on XP under a user or power user account?

  6. Problem not eliminated by gbobeck · · Score: 4, Insightful

    Part of the problem with the Sony Rootkit is the fact that many stores **STILL** are selling the rootkit enhanced CDs.

    I personally have seen this at several Borders stores in my area, and each time I mention this to the management I recieve blank "deer in the headlights" looks.

    --
    Navicula hydraulica plena anguilarum est. Omnes castelli tuus nostri sunt. Ed elli avea del cul fatto trombetta.
    1. Re:Problem not eliminated by quokkapox · · Score: 4, Insightful
      You would receive a similar blank stare if you remarked about mercury levels in the cans of tuna you are buying at the grocery store.

      The retail checkout line is not the place to wage these types of battles.

      --
      it's a blue bright blue Saturday hey hey
    2. Re:Problem not eliminated by meringuoid · · Score: 3, Insightful
      rootkit enhanced CDs

      This battle is one of propaganda as much as anything else. If you use the enemy's terminology, you've already lost.

      These are rootkit infected CDs. Use that phrase in conversation with your non-techie friends. 'Damn, I got an infected CD from Sony.' They'll not grasp all the geek details, but they'll get the picture.

      Similarly, call what it is trying to do 'Digital Restrictions Management' whenever you have to explain what 'DRM' is. It's a far truer portrayal of what's going on.

      --
      Real Daleks don't climb stairs - they level the building.
  7. End result by quokkapox · · Score: 4, Insightful
    These CDs will be out there forever, in users' libraries and bought and sold by used CD shops and flea markets. The end result of this fiasco is that Sony discs are something you watch out for and don't risk sticking in your computer, unless you're running the latest antivirus/antispyware software.

    Sony == Dangerous to my PC

    What a great way to promote a brand.

    --
    it's a blue bright blue Saturday hey hey
  8. Sadly, no. by sethadam1 · · Score: 4, Insightful

    Sadly, not only will Sony face no long term damage, but this will be a blockbuster year for them as they release PS3 and millions of quick-to-forget Slashdotters rush out to buy a PS3.

    If consumers were smart, they'd go buy a Nintendo Revolution - or even an Xbox - and intentionally skip the next Playstation. Unfortunately, they won't, because their souls are fueled by acquisition and shiny-new-toy syndrome.

  9. Re:Makes you wonder.... by Gonarat · · Score: 5, Insightful

    .. what kind of person takes their Sony CDs to work in order to play them on PCs on a military network. Kinda bizarre that that's even possible.

    Once upon a time, bringing in the CD would have been the safest way to listen to music. Nothing can be copied to a CD, and nothing could be brought in on a pressed CD other than music. Nothing for Military Security to be worried about. Ipods and other MP3 players could potentially be used to sneak data out.

    Of course now with the DRM crap on the "CD", this is no longer true. The once friendly store bought CD is now a potential risk. Way to go Music Industry! And you wonder why sales are down in 2005 from 2004...besides crappy offerings.

    --
    Beware of Sleestak
  10. Re:exactly correct by BVis · · Score: 3, Insightful
    Why some high level Sony USA execs aren't in the slammer now is beyond me.
    Rich people don't go to jail; also, the law hasn't caught up to this kind of crime, especially on this scale. (Martha Stewart went to prison because she was charged and convicted under well-understood and established laws.) Ask the average attorney what the crime is here and you'll get blank stares, not because it isn't blatantly illegal, but because the average person doesn't know or care about this kind of thing.
    Like you said, if some teenage scripter had done this, they would be facing 30 years or something,
    Unless Daddy is loaded. Then he'd get 20 hours community service and six month's probation. OTOH, if the teen in question was middle- or lower- class, its PMITA prison time.
    --
    Never underestimate the power of stupid people in large groups.