At Kaspersky Labs, senior technology consultant David Emm said he was also dismayed to see Sony using rootkits. "We don't have an issue with Sony taking steps to protect its legal rights and licensing," he said. "But given that over the past 12 to 18 months we have seen an increasing use of rootkits (by criminals), to see similar technology being implemented from someone supposedly on the good side is particularly worrying."
Use of techniques that are usually the preserve of criminals by companies such as Sony are causing problems to antivirus and security companies. "Previously it has been possible to say a rootkit equals a bad thing, but now we're having to deal with things that are not so clear cut," he said.
Kaspersky uses the term riskware to define programs that behave like malware but may not have malicious intent behind them. Although it attempts to detect riskware, so that users can be asked what they would like to do with it and so that policies can be created, it does not currently detect the rootkit used by Sony's DRM. "At the moment this is still under discussion and no final decision has been made," he added.
[? /*CMS poll(20003927) */ ?]Sony's use of techniques usually employed by hackers and virus writers makes it much more difficult to differentiate between malicious and benign software, said Kaspersky on its viruslist.com blog. "Rootkits are rapidly becoming one of the biggest issues in cybersecurity. Vendors are making more and more of an effort to detect this kind of threat. So why is Sony opting to use this dubious technology?" wrote Kaspersky Labs.
"Naturally, we're strongly against this development. We can only hope that this message comes across loud and clear to the people who have a say in this at Sony and elsewhere. We'd hate to see the use of rootkits becoming a habit among mainstream software manufacturers when there are so many security and ethical arguments against such use."