November 11, 2005

Schneier on Security:

Bruce Schneier was where I first heard about this. It has since gotten much worse. I have purposely not posted on this until things have shaken out a bit.

1. First, it was discovered that Sony has been installing a rootkit on Windows systems via its audio CDs.

2. Mark Russinovich first discovered the Sony rootkit by running the latest version of his RootkitRevealer on his own system.

3. It was then discovered by the same researcher that removing the DRM can, and usually does, result in the loss of your CD-ROM drive. If you use the uninstaller that was released, it can crash Windows due to poor coding.

4. It has been further discovered that the DRM software phones home about what CD you are playing and the tracks you are playing. This is classic spyware behavior.

5. The first external development is a World of Warcraft hack that uses the Sony rootkit to hide itself.

6. A trojan was rewritten to take advantage of the Sony rootkit to hide itself.

7. It was later discovered that this rooting behavior extends to the Mac as well.

I am now having to lock down my client’s networks in terms of denying usage to the CD-ROM drive.

*UPDATE*: Sony has ditched the DRM, but serious problems continue to exist (Hat Tip: Freedom to Tinker). Namely, the uninstaller opens computers up to serious security holes as well (another kudos to Freedom to Tinker). The security issues are even worse than the original cloaking exploit.