Sony security blunder

Ouch...this has to go in as our first "Classic quote" for Security Market Wrap!

Two weeks ago a Windows operating system expert named Mark Russinovich described how Sony's new controversial DRM copy protection technology for CD's, named XCP (Extended Copy Protection) used "rootkit" cloaking techniques to hide itself on his computer. (See here). At the time, Russinovich described the software as "digital rights management gone too far," and criticized it for not warning users that it would become virtually undetectable and extremely difficult to remove.

This caused somewhat of a heated battle between Sony and the security community.Rootkit software uses a variety of techniques to gain access to a system and then cover up any traces of its existence so that it cannot be detected by system tools or antivirus software. Russinovich and other computer experts were concerned that hackers might somehow use XCP's cloaking ability to hide their software from antivirus products. That prediction came true Thursday when the first variations of a malicious Trojan program that exploited the XCP software began circulating on the Internet.

A day later, Sony announced that it was abandoning the project. The Sony Rootkit issue as it became known, prompted calls for an office clampdown on CD use.

CATEGORIES: 1classic quote, 1rootkits, 1DRM, 1rights management