Antivirus firms consider protection against Sony DRM rootkit

Antivirus firms consider protection against Sony DRM rootkit

Summary: Kaspersky calls it spyware, while at Sophos it's ineptware. Whatever you call the software used by Sony's digital rights management, antivirus companies are considering adding protection against it to their products

TOPICS: Tech Industry
13 and we will add the capability to detect the bad stuff and give the enterprise more control over what is on their PCs. This software is the sort of thing we will consider adding."

At Kaspersky Labs, senior technology consultant David Emm said he was also dismayed to see Sony using rootkits. "We don't have an issue with Sony taking steps to protect its legal rights and licensing," he said. "But given that over the past 12 to 18 months we have seen an increasing use of rootkits (by criminals), to see similar technology being implemented from someone supposedly on the good side is particularly worrying."

Use of techniques that are usually the preserve of criminals by companies such as Sony are causing problems to antivirus and security companies. "Previously it has been possible to say a rootkit equals a bad thing, but now we're having to deal with things that are not so clear cut," he said.

Kaspersky uses the term riskware to define programs that behave like malware but may not have malicious intent behind them. Although it attempts to detect riskware, so that users can be asked what they would like to do with it and so that policies can be created, it does not currently detect the rootkit used by Sony's DRM. "At the moment this is still under discussion and no final decision has been made," he added.

[? /*CMS poll(20003927) */ ?]Sony's use of techniques usually employed by hackers and virus writers makes it much more difficult to differentiate between malicious and benign software, said Kaspersky on its blog. "Rootkits are rapidly becoming one of the biggest issues in cybersecurity. Vendors are making more and more of an effort to detect this kind of threat. So why is Sony opting to use this dubious technology?" wrote Kaspersky Labs.

"Naturally, we're strongly against this development. We can only hope that this message comes across loud and clear to the people who have a say in this at Sony and elsewhere. We'd hate to see the use of rootkits becoming a habit among mainstream software manufacturers when there are so many security and ethical arguments against such use."

Topic: Tech Industry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Sony's rootkit DRM is the worst kind of business hubris. Just because you can, doesn't always mean you should.
  • I think that the message here is: why don't anti-virus firms detect and stop rootkits in general?

    And in case you're wondering if you have one. Here's a free little and nice tool that you might find helpfull:

    And you might want to go here as well.
  • I think the best thing we can do is boycott ALL Sony products. Let's start with the Playstation 2 and PSP and then move on to SonyBMG records. I'm sick of Sony trying to ram their proprietary formats down our throat rather than support industry/open standards. The list includes Minidisc, ATRAC, Memory Stick, Betamax, Blu Ray DVD, HiFD, DAT, Sony Dynamic Digital Sound, UMD, SACD, ATRAC3. Go to the Sony music download site - you can only download music in ATRAC3 which only works on Sony hardware. Until 2004 they refused to even support MP3 in their hardware. Luckily for us Samsung, LG and the Chinese will put Sony's Consumer Electronics business out of business.
  • Well.....seems like a prime time to boycott all Sony products.
  • Christmas to come (and many more) should be a "No SONY Christmas"

    I am satisfied that the stealth-software installed by Sony is facilitating further stealth attacks from hackers by hiding other malware from AV software, that the stealth-software communicates with a Sony site, which allows for future intrusions by Sony, even if this appears currently not to be the case. To make a clear statement about the undesirability of worldwide brands intruding the private sphere of computer users and exposing them to risks, it is necessary that the public react strongly. Though I welcome attempts to protect IP, as long as it doesn't lead to excessive prices, the methods should be certainly not of an endangering nature. Sony clearly has failed to inform the customers of the nature of their protection kit, and the fact that Sony is unwilling to accept that their technicians have failed to observe careful programming must be told in no uncertain terms. Their arrogant attitude about the scandal they have created and their undiscerning approach must be exposed by the means available.

    The above combined with all kind of other monopoly attempts by Sony make action absolutely necessary. We have already one monopolist in the world of computers that grossly abuses its position - because the legislators have failed to protect consumers, not because of the monopolist
  • Sony and Philips have a long history of implementing restricive code into their audio products, from the DCC to the mini disk, and now the CD. None of these technologies benefit the honest consumer. I stopped buying Philips products after their use of copy protection prevented me from copying my own music. Now I will endevour to never buy a copy protected CD. Although I do already own several CD's which will only play on my twelve year old CD player
  • These DRM programs violate the entire reason for purchasing CD's over music downloads. That is, when copied onto your computer the bit rate is low and quality is poor. The DRM tracks included on CD
  • A good article on Sony, DRM in general, peoples rights...
  • Hiding something says it all. It is bad.

    anyway, the software patch available on the sony bmg site, which will remove the cloaking abality, is a full version install ..
  • Errr, Sony is far from alone with this DRM thing. There's Hollywood, Microsoft, others. Most likely because of the money involved in it for them. If you don't like DRM (rootkit or not) then you better start asking for regulations that require "DRM protected" stickers on all products that have it so you know what and what not to buy.
  • Surely it can not be legal to violate my privacy in this way without a court order?
  • It just gets worse .. New Sony Digital Camera Installs Rootkit to Stop Photo Sharing

    Many consumers are complaining about Sony's new Cybershot DSCP515 camera that installs digital rights management (DRM) software on the person's computer so they are unable to share their digital pictures with anyone.
    The DRM is similar to the one which Sony recently came under fire for on its music CDs. That software installed rootkits on consumer's computers making them vulnerable to cyberattacks.

    "Picture sharing flies under the radar when it comes to piracy," said Wilkerson. "People know about the dangers of music and movie piracy, but not about the dangers of sharing personal photos. What happens if a person takes a picture of Mariah Carey's latest CD? Think of the children."

    The system which also makes it difficult to print out pictures has prompted complaints from consumers. "I tried to send a picture of my daughter to her Uncle Tim, but this window popped up saying it was blocked. I decided to print it out and mail it to him. There was a 14-page license agreement that printed out first that I had to fill out and fax to Sony so they could send me an authorization code to print out the picture."
    This is a satire article from