Sony, Rootkits and Digital Rights Management Gone Too Far

SysInternals has posted an interesting article on Sony’s DRM program, and how it appears that Sony has not only built support for DRM, but also have built a Rootkit like program to support their digital rights management scheme:

Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my “Unearthing Rootkits” article from the June issue of Windows IT Pro Magazine for more information on rootkits).

Share
  • http://arik.baratz.org Arik

    Let’s not be too naive here.

    ‘Rootkit technology’ has been used forever by software which business is to hide from other software. Anti-virus and Anti-spyware, for instance. And for a good reason.

    There’s nothing ‘illegal’ about applying this technology. Like all technology, it can be used for good and for bad. The only problem begins when malicious code uses it to hide itself. If you don’t like Sony’s DRM doing that – don’t install it.

    Rootkit technology doesn’t kill computers. Malware kills computers.

  • http://aviv.raffon.net Aviv Raff

    The problem with Sony’s DRM is that it will not remove the rootkit when the installed software is removed.
    The rootkit itself might be harmless, but being there after the user uninstalled the DRM software is bad.

  • cpgguru

    This is only the beginning…If you read some of my postings on blog, weeks before this was discovered, in http://blogs.securiteam.com/index.php/archives/114 you will find some basic insight of what was said earlier for this type of weaponry…Its a new type of war. A Battle of the rings, “Rootkit Technology” will allow for ‘illegal’ access to your personal data with legal intention by larger corporations. This form of stealth and “power” has been around for years. I have professional experience developing Rootkit Technology and let me tell you…the next few years is going to get ugly…lets put it this way…the techniques you might be reading about now are old, public methods, the “NT Executive” allows for fun places to dig into for “Undocumented Objects, API’s, and other forms of internal structures not publically documented”…not only in the Windows environment but the theory and concept has been around for a long while. Take a look at the way Finnish Law is going…http://www.cs.helsinki.fi/u/nikki/files/copyprot_faq_en.txt
    . If this type of stuff don’t scare you…Then I don’t know what will…Someone please….write up a nice “Expl0iting the L4W” (For Fun and Profit). This is going to get ugly…. — cpgguru. :D

  • Boshcash

    using rootkit technology is a dirty way to deal with users and sony doesnt have the right to do this. there is no big difference between legal and illegal programs doing this , because i believe the user must know whats going on , on his pc , its ur pc not their pc, any authorization or security check should be done outside your pc (server) .. not you , this is exactly like javascript blocking right clicks or some sh*t .. again i repeat this is silly and no one like to install a rootkit on his pc and who knows what will sony do maybe a secret update and spy on your pc , running something hidden is a COMPLETE invasion of the user’s privacy , u didnt lease ur pc off them , did u ?

  • Pingback: SecuriTeam Blogs » First Trojan using Sony DRM spotted

  • Pingback: SecuriTeam Blogs » The Black hat of Symantec