“Let our rigorous testing and reviews be your guidelines to A/V equipment – not marketing slogans”
Facebook Youtube Twitter instagram pinterest

Sony Rootkit Strikes Again... And Again

by August 30, 2007
Sony and Rootkits, Part Two

Sony and Rootkits, Part Two

It was reported on Reuters that high-end memory sticks sold by Sony Corp can make personal computers vulnerable to attack by computer hackers, according to researchers with two Internet security firms. It's the attack of the Sony rootkit... part two... or is it part 3?

Sony's MicroVault USB memory stick and fingerprint reader comes with rootkit software that creates a hidden directory on the computer's hard drive. This was discovered by researchers with F-Secure Corp, the Finnish security software maker who also discovered the 2005 DRM-centric rootkit.

They say that the USB case is not as bad as the XCP DRM case, largely because users at least know they are installing software from a provided CD. There is also a way to uninstall the software, removing the rootkit. Additionally, the fingerprint reader's driver wasn't as deeply hidden as the XCP DRM folder. As a result compromising software wouldn't be made as invisible from antivirus scanners.

Some other differences listed on the blog of F-Secure Corp:

  • The Microvault software does not hide processes or registry keys. XCP DRM did.
  • It's also trickier to run executables from the hidden directory than with XCP. However, it can be done.
  • With the DRM rootkit, Sony was attempting to restrict the user from accessing the music on a CD they bought. With the fingerprint reader they are simply attempting to guard against unauthorized use and access as part of the security process. Their intent is more beneficial to the consumer in this case.

The trouble is that this new rootkit (locally downloadable at sony.net) can be used by any malware author to hide any folder. If you extract one executable from the package and include it with malware, it will hide that malware's folder, no questions asked.

In general rootkits are neat pieces of software, however they carry the potential of being abused and allowing malicious software (malware) writers opportunities to infect personal computers. The invisible nature of rootkits makes them more difficult to detect by typical antivirus programs.

On Tuesday, researchers with McAfee Inc. said they had confirmed the vulnerability described by F-Secure.

“The apparent intent was to cloak sensitive files related to the fingerprint verification feature included on the USB drives,” said McAfee spokesman Dave Marcus. “However, software creators apparently did not keep the security implications in mind. The application could be used to hide arbitrary software, including malicious software.”

F-Secure is the company that found Sony software installing hidden directories on the drives of its customers in the 2005 case involving DRM software for Sony CDs.

mtrycrafts posts on August 31, 2007 15:55
GlocksRock, post: 303393
Yet another reason why I can't stand Sony and refuse to buy their products… and another reason I hope HD-DVD wins.

Hope you are not a BR fan What are they hiding in that?
mtrycrafts posts on August 31, 2007 15:54
admin, post: 303369
It was reported on Reuters that high-end memory sticks sold by Sony Corp can make personal computers vulnerable to attack by computer hackers, according to researchers with two Internet security firms. It's the attack of the Sony rootkit… part two… or is it part 3? Sony's MicroVault USB memory stick and fingerprint reader comes with rootkit software that creates a hidden directory on the computer's hard drive. This was discovered by researchers with F-Secure Corp, the Finnish security software maker who also discovered the 2005 DRM-centric rootkit.


Discuss “Sony Rootkit Strikes Again… And Again” here. Read the article.


And we want the Blu-Ray to be the high def DVD format???
patnshan posts on August 31, 2007 09:06
I hate Sony because of the first time, thanks for the additional ammo.

There was also a nice article I saw today about how their proprietary digital music program has officially flopped (it really flopped at the starting gate, they have just finally admitted it).

Pat
naisphoo posts on August 31, 2007 08:43
jliedeka, post: 303407
I don't think it's really a root kit but could be a root kit enabler. I guess that doesn't make a poignant headline, though.

Jim

Sony this and that….this site is so anti-Sony. But yet we never heard of the red ring of death and the 33% failure rate for the xbox 360…or the crappy, full of bugs Vista.
jliedeka posts on August 30, 2007 16:24
I don't think it's really a root kit but could be a root kit enabler. I guess that doesn't make a poignant headline, though.

Jim
Post Reply
About the author:
author portrait

Clint Deboer was terminated from Audioholics for misconduct on April 4th, 2014. He no longer represents Audioholics in any fashion.

View full profile