puttin’ a rootkit on ya
Ok, one more link about Sony being teh e-vil – because it discusses the facet of the story that interests me more, not necessarily “how could Sony?” but more, “how could all those other people I pay to keep my system safe drop the ball?”
Real Story of the Rogue Rootkit | Wired News
The story to pay attention to here is the collusion between big media companies who try to control what we do on our computers and computer-security companies who are supposed to be protecting us.
Initial estimates are that more than half a million computers worldwide are infected with this Sony rootkit. Those are amazing infection numbers, making this one of the most serious internet epidemics of all time — on a par with worms like Blaster, Slammer, Code Red and Nimda.
What do you think of your antivirus company, the one that didn’t notice Sony’s rootkit as it infected half a million computers? And this isn’t one of those lightning-fast internet worms; this one has been spreading since mid-2004. Because it spread through infected CDs, not through internet connections, they didn’t notice? This is exactly the kind of thing we’re paying those companies to detect — especially because the rootkit was phoning home.
But much worse than not detecting it before Russinovich’s discovery was the deafening silence that followed. When a new piece of malware is found, security companies fall over themselves to clean our computers and inoculate our networks. Not in this case.
P.S. An interesting footnote, on all those artists’ cd pages at Amazon: This Sony CD includes XCP digital rights management (DRM) software. Due to security concerns raised about the use of CDs containing this software on PCs, Sony has asked Amazon.com to remove all unsold CDs with XCP software from our store. If you have purchased this CD from Amazon.com, you may return it for a full refund regardless of whether the CD is opened or unopened, following our normal returns process. Simply indicate that the CD is “defective” as the reason for return. – HA, damn right it’s defective.