Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another Sony Rootkit?

Posted by ScuttleMonkey on from the slow-learners dept.

An anonymous reader writes to tell us F-Secure is reporting that the drivers for Sony Microvault USB sticks uses rootkit techniques to hide a directory from the Windows API. "This USB stick with rootkit-like behavior is closely related to the Sony BMG case. First of all, it is another case where rootkit-like cloaking is ill advisedly used in commercial software. Also, the USB sticks we ordered are products of the same company — Sony Corporation. The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under "c:\windows\". So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place."

15 of 317 comments (clear)

  1. Re:Is there a way to permanantly disable this? by BronsCon · · Score: 2, Funny

    Is there anything that would break if one was to find a way to nullify this functionality in OS calls?
    No. But, the universe would begin to unravel as Windows became more secure.

    Yes. That flushing sound you hear is my karma going down the toilet.
    --
    APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  2. Re:Sony by omeomi · · Score: 2, Funny

    Don't forget about Memory Stick, the solution to a problem that nobody has...a lack of choices among removable flash storage media.

    --
    ZuluPad, the wiki notepad on crack
  3. Re:Sony by hackstraw · · Score: 3, Funny

    It started when they became an entertainment corp, rather than a technology corp.

    So, are rootkits entertainment or technology?

  4. Re:Sony by Anonymous Coward · · Score: 5, Funny

    I'm finding this all quite entertaining, I must say. So I think that's your answer.

  5. Wikipedia? by Spy+der+Mann · · Score: 5, Funny

    So, it sounds like a rootkit as described by wikipedia.

    Not for long! *rushes to edit wikipedia*

    "A rootkit is a set of software tools intended to conceal running processes, files or system data from the operating system, except when it's with Sony products"

    There! Now by definition, sony's isn't a rootkit anymore! :D

    (Legal Disclaimer: This was actually a joke, I didn't vandalize wikipedia or the like. <-- you can't never be too sure these days)

    1. Re:Wikipedia? by Anonymous Coward · · Score: 1, Funny

      Yes, but I did. And Spy der Mann will take all the blame, bwahaha.

    2. Re:Wikipedia? by Spy+der+Mann · · Score: 2, Funny

      Just remember your IP is recorded :P

  6. Re:Sony by Anonymous Coward · · Score: 2, Funny

    Which shows that better marketing beats better technology...

    The proliferation of Windows and the proliferation of x86 processors is the ultimate proof of that statement.

  7. Re:Format before use by Bob+of+Dole · · Score: 2, Funny

    "If these USB memory cards are just like doors, then this mythbusters episode is relevant!"

    Come on man, I know mythbusters is cool and all, but whaaaaaaaaaaaaat

    --
    I respond to your sigs
  8. Re:Sony by Captain+Splendid · · Score: 1, Funny

    So, are rootkits entertainment or technology?

    It's shitty technology, but it's damn entertaining watching 'em do it.

    --
    Linux, you magnificent bastard, I read the fucking manual!
  9. Re:A Nasty Trick by sholden · · Score: 2, Funny

    Whenever people left themselves logged in (not as root, since no one used root...) we'd always add

    echo sleep 1 >>$HOME/.bash_profile

    to their .bash_profile

  10. If it looks like a duck... by IBBoard · · Score: 4, Funny

    If it looks like a duck, quacks like a duck,...

    Then lawyers for some large corporation will argue that it's actually some previously rare form of feathered marsupial?
  11. A propos... by Mr_Icon · · Score: 2, Funny

    A humorous story about what would happen if porn had "root kits." (SFW)

    --
    If you open yourself to the foo, You and foo become one.
  12. Karma Abuse Poetry by MightyMartian · · Score: 2, Funny

    Let's see if I can get even more karma by posting this old poem I wrote on Sony last year:

    Well the Devil had a brand new plan,
    "I don't want any ordinary DRM!"
    So he called his boys at Sony Corp,
    "I'll make this fast and I'll make it short."

    "There's a Limey company, as evil as hell,
    They've got a rootkit they're waiting to sell.
    So grab some cash, make it quick,
    There's a half million networks we just gotta fix."

    Now Sony knew the Devil well,
    Why these guys were already half way to Hell.
    So off they went to England fair,
    And bought themselves a rootkit there.

    To protect themselves and their evil scheme,
    They wrote a EULA that would make you scream.
    "No problem," they said, "we can do as we please,
    We're all scummy bastards, so what's some more sleaze?"

    But not all were asleep when they played Van Zant,
    And the racket grew so loud Sony just had to recant.
    "We'll take back all those discs, we really were wrong,
    Oh, and you Mac users, your turn's coming before long."

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  13. Re:Sony by Alioth · · Score: 2, Funny

    Where have all the rootkits gone?
          Long time passing
    Where have all the rootkits gone?
          Long, long ago
    Sony picked them, every one.
          When will they ever learn?
          When will they ever learn.

    --
    Oolite: Elite-like game. For Mac, Linux and Windows