F-Secure skeptical of Sony's rootkit ways
By Justin Mann
Is Sony tinkering with rootkits again? You'd think that after their first horrendous experience they'd have learned their lesson, but apparently that is not the case.
While not as severe as last time, a newer product from Sony is using very similar tactics to hide software and files on a machine, in a way that could pose a security risk. As F-Secure reports, some A/V suites may ignore certain files, which is where much of the risk comes from:
Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) --- depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.
They do leave room for a plausible reason, such as certain critical data needing to be protected. That aside, F-Secure takes exception to the tactics Sony has employed. Sony has not yet responded to F-Secure's requests for an explanation. There isn't any mention of this tactic causing any harm to a system, and unlike last time, it doesn't seem to make it easy to accidentally cripple a system. There's merely the "potential" for risk.