top 10 reasons why it's bad to include a rootkit in your CD.Follow

http://news.yahoo.com/s/nm/20051110/tc_nm/sony_hack_dc

So some ******* in marketing thinks to himself "hey, we can hide our copy protection software using spyware tactics! yay! i'll get a promotion, and the millions of comouter users out there won't notice the performance decrease on their computers every time they play a cd... nooo, that couldn't happen. But wait? what if someone hijacks our spyware sneakyness and uses it for evil? nah...

1 week later:

AMSTERDAM (Reuters) - A computer security firm said on Thursday it had discovered the first virus that uses music publisher Sony BMG's (6758.T) controversial CD copy-protection software to hide on PCs and wreak havoc.

Under a subject line containing the words "Photo approval," a hacker has mass-mailed the so-called Stinx-E trojan virus to British email addresses, said British anti-virus firm Sophos.

When recipients click on an attachment, they install malware, which may tear down a computer's firewall and give hackers access to a PC. The malware hides by using Sony BMG software that is also hidden -- the software would have been installed on a computer when consumers played Sony's copy-protected music CDs.

"This leaves Sony in a real tangle. It was already getting bad press about its copy-protection software, and this new hack exploit will make it even worse," said Sophos's Graham Cluley.

Later on Thursday, security software firm Symantec Corp. (Nasdaq:SYMC - news) also discovered the first trojans to abuse the security flaw in Sony BMG's copy-protection software. A trojan is a program that appears desirable but actually contains something harmful.

Sony BMG's spokesman John McKay in New York was not immediately available to comment.

The music publishing venture of Japanese electronics conglomerate Sony Corp. (6758.T) and Germany's Bertelsmann AG (BERT.UL) is distributing the copy-protection software on a range of recent music compact disks (CDs) from artists such as Celine Dion and Sarah McLachlan.

When the CD is played on a Windows personal computer, the software first installs itself and then limits the usage rights of a consumer. It only allows playback with Sony software.

The software sparked a class action lawsuit against Sony in California last week, claiming that Sony has not informed consumers that it installs software directly into the "roots" of their computer systems with rootkit software, which cloaks all associated files and is dangerous to remove.

Sophos said it would have a tool to disable the copy protection software available later on Thursday.

Sony BMG made a patch available on its Web site on Tuesday that rids a PC from the "cloaking" element that is part of the copy-protection software, while claiming that "the component is not malicious and does not compromise security."

The patch does not disable the copy protection itself.

The Sony copy-protection software does not install itself on Macintosh computers or ordinary CD and DVD players.

Don't they count as viruses in themselves?

Why aren't people mad that Windows can create hidden directories without informing the user?

Please, Im in no way defending Sonys BS at all, but it makes you wonder if this is the only instance of such an exploitation.. God, Windows is such fuc[/u]king garbage!

You can also have some fun with alternate data streams in NTFS if you like hiding things.

Not me.

You never let me have any fun.

I'll add to Kao's post,

Some MMORPG hackers hide their software behind sony's rootkit to protect them from the scans some MMO's have (World of Warcraft, Linage series for example)

3 viruses now found:

http://news.bbc.co.uk/2/hi/technology/4430608.stm

and up to 6 class action suits against Sony Corp. very very very glad to see them getting the short end of the stick for a change.

cheers thanks

and one more link to add to the frey.


http://www.theinquirer.net/?article=27426

You have to wonder how long it's going to be before some idiot marketing exec decides "hey, let's include these on game cd's too!"