F-Secure skeptical of Sony's rootkit ways

By Justin Mann on August 27, 2007, 8:08 PM
Is Sony tinkering with rootkits again? You'd think that after their first horrendous experience they'd have learned their lesson, but apparently that is not the case.

While not as severe as it was last time, a newer product from Sony is using very similar tactics to hide software and files onto a machine, in such a fashion where it could pose a security risk. As F-Secure reports, it may be possible for some A/V suites to ignore certain files, which is where much of the risk comes from:

Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.
They do leave room for a plausible reason such as certain critical data needing to be protected. That aside, F-Secure takes exception with the tactics Sony has employed. Sony has not yet responded to F-Secure's requests for an explanation. There isn't any mention of this tactic causing any harm to a system - and unlike last time, it doesn't seem to make it easy to accidentally cripple a system. There's merely the "potential" for risk.




User Comments: 5

Got something to say? Post a comment
Fornacis said:
For the love of............who CARES!?!?! I run Napster, Steam, Xfire, and several other programs that are probably a greater security risk than this crap. I giggled when all the dorks said they wouldn't install BioShock because SecureRom had a root kit.LOL*deep breathe*LOL
PanicX said:
I care.I'm not at all interested in installing software that can compromise my PC. Currently I can't be bothered to try software created by organizations that are lax or negligent on software security, including Symantec and Apple. I'd ditch Microsoft in a heartbeat if they didn't have a strangle hold on the gaming market.
kitty500cat said:
But this can still be a huge security risk. Malware writers can simply write their viruses or whatever in locations hidden by the rootkit, making them virtually undetectable by traditional virus-seeking methods.You'd think Sony would get the hint one of these times...
Fornacis said:
You like others are making mountains out of mole hills. Any piece of software can be comprimised, so why run around with your arms in the air bumping into walls.
kitty500cat said:
Check out [url=http://www.f-secure.com/weblog/archives/archive-082007.
tml#00001264]this more recent post[/url] on F-Secure's blog.This rootkit isn't as nasty as the Sony XCP DRM rootkit was, but it could still be maliciously exploited.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.