Maid Mirawyn's Photos Maid Mirawyn's Photos

Friday, November 11, 2005

More on Sony's Rootkit

Some people just can't admit when they're wrong, and apparently some corporations can't either. Like Sony. They have released a patch on their website for the infamous rootkit. Do they apologize for their mistake? No! Does their patch remove the rootkit? No! They deny any wrongdoing, and claim they're only providing a patch to "alleviate concerns." Even when the outcry is so strong that they've had to discontinue its use, they won't admit they were wrong. (Though apparently they were quick to modify their EULA.)

According to Sony, the rootkit "is not malicious and does not compromise security..." Um, how does hiding any file starting with "$sys$" not compromise security? Especially since there is already a trojan making the rounds that exploits the rootkit, disabling your firewall! And if they were so well-intentioned with their rootkit, why didn't they provide full disclosure (or any disclosure)?

Sony's little patch (or "Service Update") doesn't remove the rootkit, or even fix its other problems. The only thing it does, by all accounts, is remove the cloaking. Presumably, uninstalling it the hard way would still disable your CD-ROM drive!

What about the Sony brass? Here's what one Sony exec, Thomas Hesse, had to say to NPR: "Most people, I think, don’t even know what a rootkit is, so why should they care about it?"

Why should we care? Because rootkits can be harmful! Just because I don't know what it is does not mean it's okay to hack my computer! Isn't that like saying it's okay to steal, as long as the victims don't know you're stealing from them? Or that it's okay to slip poison into people's food as long as they don't know it's poison? Hello! How about some logic here? At this point, I would be delighted just to see a shred of common sense!

Oh, and the rootkit "phones home." (See the Sysinternal article again, or this summary on Slashdot.) So far it doesn't seem to send data, just look for a banner related to the album being played. And of course, we can trust Sony to remain honest, right?

By the way, Sony, it's probably not a good thing that you have your own category on Slashdot!


No comments: