Macs Not Totally Immune to Sony Spyware

Macs Not Totally Immune to Sony Spyware

Summary: It looks like I may have spoken too soon in my article on the Mac being immune to the Sony Rootkit—Advantage Macintosh.

It looks like I may have spoken too soon in my article on the Mac being immune to the Sony Rootkit—Advantage Macintosh.
On Macintouch Darren Dittrich reports that Sony's DRM software targets Macs too. Digging into the "enhanced" content on the disk, he found a that, when run, shows a license agreement, then asks you for an admin password. On entering this, it installs two kernel extensions, PhoenixNub1.kext and PhoenixNub12.kext.

Note that these aren't the rootkits that infect Windows PCs -- Sony's Mac crippleware comes from a different vendor called Sunncomm.

Dittrich reveals that the Sony EULA that he agreed to indicates that they will be installing software, so read those agreements and question anything asking you to login as an admin. Caveat emptor.

The good news is that this is apparently not the same technology used in the recent Windows rootkits (made by XCP), but rather a Mac-aware DRM codebase developed by SunnComm. And the second main difference between the Windows and Mac versions of Sony's Spyware is that it doesn't automatically install on Mac OS X.

I also reported on the PowerPage that Copy Control discs carry their own Mac OS 9 player, so watch out for that too. Keep an eye out for CDs that use the Copy Control trojan and avoid them like the plague. (Thanks Boing Boing)

Topic: Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Why mac is better

    Programs never automaticially install on the mac, even in admin mode. You are prompted for the admin password before any software is installed.
    • Your right in this case the user ...

      ... unknowingly installs the software. The end effect is the same however.
    • What about those widgets?

      Apple screwed up big time on widgets. Those downloaded automatically, then installed automatically. Apple then patched it to prompt on download but not on auto-install. Then Apple had to patch it again to prompt on download and install.

      This was this year. Pretty dumb if you ask me.
      • Nobody...not even Apple is perfect...:)

        Mistakes will happen to the best of us...heck I think there was once
        in my 43 years that it turned out I was wrong!!!! Strange but it

        Pagan jim
        • ...not even Apple is perfect..

          But they are a heck of a lot closer than Micropits!
    • NO, your missing the big picture

      Windows users were told they needed the software. They were told they were loading a media player. They were tricked into wanting to load the software. At that point, game over. If you can convince a Mac user that they want to load a piece of software, the results will be the same.
  • xpcbffu 10 ldm

    conknn,pjksgaps32, vmdtu.