Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony Rootkit may Lead to Regulation

Posted by ryuzaki0 on from the enough-is-enough dept.

An anonymous reader writes "Computerworld has a story about DHS officials meeting with Sony to read them the riot act, following the rootkit fiasco. From the story: 'A U.S. Department of Homeland Security (DHS) official warned today that if software distributors continue to sell products with dangerous rootkit software, as Sony BMG Music Entertainment recently did, legislation or regulation could follow.'"

8 of 266 comments (clear)

  1. Mr. & Mrs. Smith DVD by rminsk · · Score: 4, Informative

    Lets hope the industry learns soon. There are recent products shipping with rootkits on them like the german release of Mr. and Mrs. Smith. http://www.f-secure.com/weblog/archives/archive-02 2006.html#00000810

    1. Re:Mr. & Mrs. Smith DVD by Bazzalisk · · Score: 2, Informative

      Nope, it's a trojan, and it requires you to give it your admin password to do anything realy nasty.

      --
      James P. Barrett
    2. Re:Mr. & Mrs. Smith DVD by Tony+Hoyle · · Score: 3, Informative

      Oh and it *is* a true virus. It replicates in exactly the same way as eg. an outlook virus.

      Apple haven't got a fix out yet but I guess they will soon (WTF is system software doing loading libraries from the home directory anyway? There's a *reason* why /usr/lib is only writable by root..)

      From the virus summary:

      "Leap.A installs a bundle to '~/InputManagers/apphook' that hooks certain iChat functions. When any of the user's buddies change their status, the worm initiates a file transfer and sends a copy of ' 'latestpics.tgz'. The file transfer is not visible to the user as the worm hides the transfer status information."

      "The worm enumerates all applications on the computer that were used during the last month. Leap.A replaces the main executable of those applications with itself and saves the original file to a resource fork with the same filename. When the application is opened the worm activates first, then it runs the original application from the resource fork."

  2. Talk about a misleading submitted post by will_die · · Score: 2, Informative

    The main bulk of the article is about a recent speech where the director of law enforcement policy talked about how companies should be careful about how they implement copy protection and how it should not damage or surprise users in how it works.
    In there is a small paragraph mentioning that DHS and a talk with Sony that what they did "was not a useful thing", which becomes the main thing.
    The thing thing that should of been focused on was the message from DHS that companies should not defeat the security measures that people have in place on thier computers.

  3. What is a rootkit? by tom6a · · Score: 5, Informative

    If you are looking for a good reference to understand a rootkit I recommend Matt Vea's article "Rootkits: The 'r00t' of Digital Evil." He wrote it back in Novemeber when the Sony fiasco was first revealed. Link: http://www.omninerd.com/2005/11/22/articles/43

  4. Re:wrong act.... by sunya · · Score: 2, Informative

    Quibble, with both parent and GP, but The Riot Act comes into force only after it has been read out, bit it aint so with the RICO or PATRIOT : Hence the phrase "Reading the Riot Act"

    --
    MLT - simple and robust open source multimedia framework for Linux
  5. Sony BMG settles by Dachannien · · Score: 4, Informative

    On a side note, Sony BMG settled the class action lawsuit filed against them by the EFF. If you want replacement CDs released by Sony BMG that don't have XCP or MediaMax on them, head to http://www.eff.org/sony for more info.

    It's your chance to stick it to the man.

  6. Re:The recent Sony experience by Anonymous Coward · · Score: 3, Informative

    Surprised it ever made its way onto your list at all. Our MD got one (does a lot of presentations to clients, so the flashy screen helps the product look good), and the first thing I had to do was install XP Pro on it (it has to run a local IIS web server). It has an SATA HDD.

    As I have had many bad experiences with upgrading windows I tried to do a clean install of XP Pro. SATA not supported. OK, I thought, I'll download the controller drivers, write to floppy, and do the whole F6 thing.

    Checked the Sony website, no drivers. Checked Google, no drivers. Nowhere was any mention even of what controller the machine used. Fine, I thought, put in a support call. It went something like this:

    Me: "Hi, I'm installing XP Pro, blah blah blah, can you give me the drivers please?"

    Them: "Sorry, we don't support other operating systems"

    Me: "That's fine. I don't expect any support after this. Please send me the drivers"

    Them: "Sorry, we don't support other operating systems"

    I think: OK, that's the way it's going to be.

    Me: "OK. Please can you tell me what SATA controller is in the machine?"

    Them: "No. We cannot provide that information."

    At this point, I was a little agitated (which I didn't take out on the poor helpdesk guy), but that was basically the end of the conversation.

    This was some time before the whole rootkit fiasco came to light. Just a heads up for anyone else out there - don't buy Sony equipment - turns out you are only allowed to use it how they want you to. We certainly never will again. Seems very appropriate in hindsight...