F-Secure skeptical of Sony's rootkit ways

By Justin Mann on
Is Sony tinkering with rootkits again? You'd think that after their first horrendous experience they'd have learned their lesson, but apparently that is not the case.

While not as severe as it was last time, a newer product from Sony is using very similar tactics to hide software and files onto a machine, in such a fashion where it could pose a security risk. As F-Secure reports, it may be possible for some A/V suites to ignore certain files, which is where much of the risk comes from:

Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.
They do leave room for a plausible reason such as certain critical data needing to be protected. That aside, F-Secure takes exception with the tactics Sony has employed. Sony has not yet responded to F-Secure's requests for an explanation. There isn't any mention of this tactic causing any harm to a system - and unlike last time, it doesn't seem to make it easy to accidentally cripple a system. There's merely the "potential" for risk.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.