Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony RootKit Still A Problem?

Posted by CmdrTaco on from the this-stuff-never-dies dept.

XMilkProject writes "Current research indicates that some "350,000 networks--many belonging to the military and government--contain computers affected by [Sony's rootkit]." This is down from over half a million last month. "The security researcher worked from a list of 9 million domain-name servers.. asking each to look up whether an address used by the XCP software--in this case, xcpimages.sonybmg.com--was in the systems' caches." Will Sony face future repercussions for this potentially long-term damage?"

12 of 268 comments (clear)

  1. Safe.. by seann · · Score: 5, Funny

    Because new music sucks.

    --
    I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
  2. They might as well change their name to by Anonymous Coward · · Score: 5, Funny

    NOSY

  3. Get Back On Our Own - Boycott Sony by Py+to+the+Wiz · · Score: 5, Interesting

    I personally don't buy CDs so I wasn't affected but from what I've heard there are some serious problems with the "patch" Sony provided. I'm just a bit curious... Does the patch keep the rootkit permanently disabled and removed? It seems to me that if we put a deviant Sony CD back into our computer that the rootkit would just be reinstalled. Then do we have to run the patch again? This is rediculous. I've do not intend on purchasing any music that has the SONY lable on it. This to me is just plain stupid. What gives Sony the right to install deviant software on "MY" pc and then make it stealth so that I don't know it's there. As far as I'm concerned I think that's the lowest a company can go. That's stooping to the level of those bastard red headed step children Spammers/Spyware installer/Virus/worm pushing assholes.

    I'm to the point now watching this rediculous attempt from Sony to attach it's controls on something that I purchase the rights to use/listen/backup and trying to enforce through deviant means. What is this rootkit supposed to do!? They just wanted to install it for the Hell Of It? Nope, it's supposed to reinforce their stupid DRM bullshit and keep me from listening to the music that I paid for. I'm to the end of my rope. I think that there needs to be a group or mutiple groups put together that should purposefully break what Sony is trying to do. I've been years out of the programming/Computer industry and thus lack the skills to do it, but I think that we should form Anti-DRM, anti-Sony groups to demolish the protection that they put on their stupid CD's. I will not from this day forward purchase anymore music from Sony until they drop their Bullshit practices. I call for a Boycot of Sony's Music. I'm not sure what one man can start, but I'll be damned if I'm going to stand around any longer and watch Sony impose itself on me! They want me to buy their shit, then they want to enforce by deviance their policy, and after all that they hijack my PC for WHo knows what! Ahhh! Time for a Revolution. I love my PS2, but am refusing to play it again until SONY stops all this Bullshit! No more video games purchased either. Damn you Sony! Leave me the Hell alone! Stay off of my Computer and my CD's! Damn you!

    With that said, I feel somewhat better, but am still disturbed deep inside that they would have to stoop to that level to try and enforce their protection. Maybe they don't realize that as the sound comes out of the speakers it can be recorded with a MIC and pirated that way, or through LINE OUT. Damn them. Rant Over.

    --
    Fight the fall of slashdot by supporting PlayfullyClever in your sig.
    1. Re:Get Back On Our Own - Boycott Sony by Luke+PiWalker · · Score: 5, Funny

      Better yet, you could take in an old box and drop it on the front desk and go "Excuse me, you've installed a virus on my PC via a Sony CD. Will you be removing it or should I charge by the hour at £X00(add as many 0s as you likee, but 2 sounds about right) for having to remove it via a repair guy (don't say you, it seems supicious).

      Demand compensation (for petrol to get there), the money to fix it and if they refuse tell them you'll take them to court for the damages (claim the box was used for something important like hosting websites and the rootkit has not passed some safety tests that all servers must pass at your company).

      Aww the fun of being a sick little geek :D

      --
      Fed up with slashdot? I am too.
  4. The quote that sums it up by Anonymous Coward · · Score: 5, Interesting


    "While the security issues related to the copy-protection software have apparently affected U.S. government and military computers, the Department of Justice will not likely get involved, said Jennifer Granick, executive director of the Center for Internet and Society at Stanford Law School.

    "I don't see the federal government suing a big company like Sony," she said. "The fact that military networks have likely been affected by this won't change that."

  5. Apology? by omeg · · Score: 5, Interesting

    By the way, regardless of the magnitude of this problem currently, has Sony ever formally apologized for their damaging rootkit? They've said that most people "shouldn't care", or that it was their "right" to cripple people's computers, but I've not once heard them say sorry. Can anyone clarify?

  6. Sony's unintended consequences hurts them by digitaldc · · Score: 5, Interesting

    Robert K. Merton listed five causes of unanticipated consequences:
    (I have applied them to Sony's decision to use rootkits)

    1. Ignorance (It is impossible for Sony to anticipate everything.)

    2. Error (Incomplete analysis of the rootkit problem, or following habits that worked in the past but may not apply to the current situation.)

    3. Immediate interest in stopping a computer from copying something, may override long-term interests of sustaining their reputation as honest and trustworthy.

    4. Basic values of trusting your customers may require or prohibit certain actions like installing a rootkit, even if the long-term result might be unfavorable. (These long-term consequences may eventually cause changes in those same basic values.)

    5. Installing malware on people's computers is always a self-defeating prophesy (Fear of some consequence drives people to find solutions before the problem occurs, thus the non-occurrence of the problem is unanticipated.)

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  7. Re:Makes you wonder.... by Prophet+of+Nixon · · Score: 5, Insightful

    Well, the scenario of taking CDs to work to play them on networked military PCs is not implausible at all; there are thousands of GS/staff employees who do that. What is implausible, at least in my experience, is those users having admin access to their machines. Was this rootkit able to install on XP under a user or power user account?

  8. Sony, the new ELO? by Anonymous Coward · · Score: 5, Funny

    ...I heard somewhere that if you play these new Sony CD(s) backwards, the rootkit data will say, "yur sole iss miiine. yur sole iss miine. Haaaaale Goooooogle! Whaaaaaat issss thigh bidding miii massster? RaaaaaaaaaaAaAaaAaaa!" ...and a plume of blood will shoot out of your CD tray and melt your face like that dude from Raiders of the Lost Ark.

    \\//_

  9. Re:Makes you wonder.... by Gonarat · · Score: 5, Insightful

    .. what kind of person takes their Sony CDs to work in order to play them on PCs on a military network. Kinda bizarre that that's even possible.

    Once upon a time, bringing in the CD would have been the safest way to listen to music. Nothing can be copied to a CD, and nothing could be brought in on a pressed CD other than music. Nothing for Military Security to be worried about. Ipods and other MP3 players could potentially be used to sneak data out.

    Of course now with the DRM crap on the "CD", this is no longer true. The once friendly store bought CD is now a potential risk. Way to go Music Industry! And you wonder why sales are down in 2005 from 2004...besides crappy offerings.

    --
    Beware of Sleestak
  10. Re:Makes you wonder.... by antiMStroll · · Score: 5, Interesting

    What's implausible is the Sony executives responsible for distributing a hidden exploit aren't basking in the Guantanamo sun. Had this been Swedish or Thai teens you can bet your ass their faces would adorn newpapers worldwide and software giants decrying the vandalism.

  11. exactly correct by Anonymous Coward · · Score: 5, Interesting

    The sony rootkit fiasco is an example of criminal conduct, not a civil tort matter. Why some high level Sony USA execs aren't in the slammer now is beyond me. Like you said, if some teenage scripter had done this, they would be facing 30 years or something, but because it's a large important company they are facing a few fines.