Antivirus firms consider protection against Sony DRM rootkit

Antivirus firms consider protection against Sony DRM rootkit

Summary: Kaspersky calls it spyware, while at Sophos it's ineptware. Whatever you call the software used by Sony's digital rights management, antivirus companies are considering adding protection against it to their products

TOPICS: Tech Industry

Antivirus firms are considering protecting their customers from the digital rights management software used by Sony on some CDs.

Kaspersky Labs has classed Sony's DRM software as spyware because, among other things, it can cause crashes and loss of data and it can compromise system integrity and security.

Explaining its decision, Kaspersky said it used the definition of spyware provided by the Anti-Spyware Coalition. Sophos is similarly scathing of Sony and is calling the software "ineptware".

The issue reaches much further than the individual PCs of those users who buy particular Sony CDs, say the antivirus companies. The DRM software uses what is known as a rootkit, which means that it is invisible to the operating system, to most anti-virus and security software and to IT departments trying to cope with security on user's desktop and notebook PCs.

Furthermore, say the antivirus companies, the software can be exploited by hackers and viruses and used to cloak any file from the operating system.

"The Sony rootkit can be used to hide any files from the operating system, so we think the way that Sony has implemented this is somewhat flawed," said Graham Cluley, senior technology consultant at Sophos. "The danger is that other malware may come along which exploits the Sony rootkit."

Due to what Cluley said is a lack of malicious intent on Sony's part, Sophos is not defining the rootkit itself as malware, preferring instead to refer to it as ineptware.

"We don't really believe this is malware and so we don't currently detect it," said Cluley. However, he said detection for rootkits like that used by Sony will be built into Sophos Antivirus version 6, due out in 2006. "This is potentially unwanted...

For more, click here...

Topic: Tech Industry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Sony's rootkit DRM is the worst kind of business hubris. Just because you can, doesn't always mean you should.
  • I think that the message here is: why don't anti-virus firms detect and stop rootkits in general?

    And in case you're wondering if you have one. Here's a free little and nice tool that you might find helpfull:

    And you might want to go here as well.
  • I think the best thing we can do is boycott ALL Sony products. Let's start with the Playstation 2 and PSP and then move on to SonyBMG records. I'm sick of Sony trying to ram their proprietary formats down our throat rather than support industry/open standards. The list includes Minidisc, ATRAC, Memory Stick, Betamax, Blu Ray DVD, HiFD, DAT, Sony Dynamic Digital Sound, UMD, SACD, ATRAC3. Go to the Sony music download site - you can only download music in ATRAC3 which only works on Sony hardware. Until 2004 they refused to even support MP3 in their hardware. Luckily for us Samsung, LG and the Chinese will put Sony's Consumer Electronics business out of business.
  • Well.....seems like a prime time to boycott all Sony products.
  • Christmas to come (and many more) should be a "No SONY Christmas"

    I am satisfied that the stealth-software installed by Sony is facilitating further stealth attacks from hackers by hiding other malware from AV software, that the stealth-software communicates with a Sony site, which allows for future intrusions by Sony, even if this appears currently not to be the case. To make a clear statement about the undesirability of worldwide brands intruding the private sphere of computer users and exposing them to risks, it is necessary that the public react strongly. Though I welcome attempts to protect IP, as long as it doesn't lead to excessive prices, the methods should be certainly not of an endangering nature. Sony clearly has failed to inform the customers of the nature of their protection kit, and the fact that Sony is unwilling to accept that their technicians have failed to observe careful programming must be told in no uncertain terms. Their arrogant attitude about the scandal they have created and their undiscerning approach must be exposed by the means available.

    The above combined with all kind of other monopoly attempts by Sony make action absolutely necessary. We have already one monopolist in the world of computers that grossly abuses its position - because the legislators have failed to protect consumers, not because of the monopolist
  • Sony and Philips have a long history of implementing restricive code into their audio products, from the DCC to the mini disk, and now the CD. None of these technologies benefit the honest consumer. I stopped buying Philips products after their use of copy protection prevented me from copying my own music. Now I will endevour to never buy a copy protected CD. Although I do already own several CD's which will only play on my twelve year old CD player
  • These DRM programs violate the entire reason for purchasing CD's over music downloads. That is, when copied onto your computer the bit rate is low and quality is poor. The DRM tracks included on CD
  • A good article on Sony, DRM in general, peoples rights...
  • Hiding something says it all. It is bad.

    anyway, the software patch available on the sony bmg site, which will remove the cloaking abality, is a full version install ..
  • Errr, Sony is far from alone with this DRM thing. There's Hollywood, Microsoft, others. Most likely because of the money involved in it for them. If you don't like DRM (rootkit or not) then you better start asking for regulations that require "DRM protected" stickers on all products that have it so you know what and what not to buy.
  • Surely it can not be legal to violate my privacy in this way without a court order?
  • It just gets worse .. New Sony Digital Camera Installs Rootkit to Stop Photo Sharing

    Many consumers are complaining about Sony's new Cybershot DSCP515 camera that installs digital rights management (DRM) software on the person's computer so they are unable to share their digital pictures with anyone.
    The DRM is similar to the one which Sony recently came under fire for on its music CDs. That software installed rootkits on consumer's computers making them vulnerable to cyberattacks.

    "Picture sharing flies under the radar when it comes to piracy," said Wilkerson. "People know about the dangers of music and movie piracy, but not about the dangers of sharing personal photos. What happens if a person takes a picture of Mariah Carey's latest CD? Think of the children."

    The system which also makes it difficult to print out pictures has prompted complaints from consumers. "I tried to send a picture of my daughter to her Uncle Tim, but this window popped up saying it was blocked. I decided to print it out and mail it to him. There was a 14-page license agreement that printed out first that I had to fill out and fax to Sony so they could send me an authorization code to print out the picture."
    This is a satire article from