11.03.2005

The Sony DRM/Rootkit Saga Continues

I found an interesting and humorous post while scanning my RSS feeds this morning.  Check out this link from Secunia re: the Sony rootkit debacle (if it isn’t a debacle yet, it will be soon).  I especially like their proposed solution – “Use another product”.  I’d like to suggest another one – “Write your Representative”.

While you’re at Secunia, I’d seriously consider adding their RSS feed to your feed viewer.  They generate a lot of traffic, but it’s worth it to stay on top of emerging security threats.  One interesting thing you’ll notice if you subscribe is the number of security issues affecting non-Microsoft products.  Huh, I thought only Microsoft products had security problems?!?

UPDATE: Sony has a web site where you can request permission to uninstall their rootkit.  Thanks, Sony – that’s very generous of you.  I’d suggest giving them a piece of your mind via the feedback form.

UPDATE 2: Here are a couple new links.  First, Sony’s FAQ site now links to a utility from their DRM provider First 4 Internet (F4I).  This update (confusingly named Service Pack 2) supposedly removes the “component” from your system.  I don’t know about you, but I live by the rule “fool me once, shame on you – fool me twice, shame on me”.  I’d avoid this update like the plague.  The only true cure for a rootkit'ed machine is a rebuild.

UPDATE 3: This ZDnet article leads me to believe the only thing the F4I patch does is unhide the DRM software, and not actually remove it.  The article even mentions that the F4I “cleanup” utility will be included in DAT updates from all the major AV vendors.  I don’t believe everything I read – so I think I’ll go buy one of these CDs and conduct my own research.  This is a perfect time to fire up VMware Workstation and break some stuff ;)