PC World: Technology Advice You Can Trust
Today at PC World
News, opinion, and links from the PC World staff.
Wednesday, November 30, 2005 2:08 PM PT Posted by Erik Larkin

Why Didn't Anti-Malware Find the Sony Rootkit?

There's a blog item up on Freedom to Tinker about a Business Week article that details the timeline of how the Sony DRM rootkit was discovered. According to Business Week, a guy named John Guarino sent F-Secure an email when he traced the rootkit back to Sony music CDs, and F-Secure sent Sony an email about it on Oct. 4 (Mark Russinovich broke the story with his public posting about the rootkit on Oct. 31).

The Business Week story is good reading, but the point of Ed Felten's blog on Freedom to Tinker grabs me: "As of mid-September, this malware had been on the market for months and presumably had been installed on hundreds of thousands of computers, but still none of the anti-malware vendors had discovered it."

Given the danger of rootkits, it seems a striking point. Maybe we'll find out that more companies had in fact discovered it, and were trying to get Sony to do something about it when Russinovich made it public. Or maybe it will just serve to highlight the fact that there's no such thing as complete protection, no matter how good the software.

If you're after more info, we've got a timeline of articles on this topic up in our Spyware & Security Info Center.
Comments

The obvious solution to this kind of unacceptable invasion by Sony is to NEVER, EVER buy anything from Sony again, AND to let them know that you won't ever buy anything from them again.

James
November 30, 2005
4:14 PM PT

On November 29th this year Sony reached the 100,000,000 PS2s sold mark. No, that's not a misprint; that number is 100 million.

Like it or not, Sony produces some of the most popular gaming systems. Gamers are not going to hold off on getting a PS3, which is expected to be the most popular gaming system this generation.

What Sony did with the rootkits was wrong and their lack of compassion for those affected is scary. But I really don't think that they are going out of business any time soon.

Although I will get a PS3, I will never buy a Sony music CD ever.

Eagekr
November 30, 2005
4:25 PM PT

I'm annoyed (really mad, actually) that my operating system will allow a music CD to install software and modify system files on my computer, without even asking permission.

David Brown
November 30, 2005
7:51 PM PT

Actually, my ZoneAlarm's triple firewall defence prevented the malware from installing. That was really cool, actually.

DAvid
November 30, 2005
8:16 PM PT

If Sony goes ahead with their ill-fated plan to make it so PS3 games can't be played on any system but the one they are first inserted in, their PS3 sales will be hit hard.

The only Sony product I would consider these days is a PSP. Their computer hardware is overpriced and lacking.

AJF
November 30, 2005
9:22 PM PT

In response to Eagekr: what if they deploy something sinisterly similar in their other products?

Legislation should be brought up so that other companies wouldn't be quite so foolish in trying to "protect" their properties this way.

I am not advocating piracy by any means but Sony stupidly assumed that their buying customers were these criminals they hoped to stop.

Jay
November 30, 2005
9:40 PM PT

Why aren't Sony rushing to issue an "uninstall" prog to wipe out the damage they have caused to thousands of innocent CD buyers? Company policy statement number one: NEVER admit mistakes!

Amonra
December 01, 2005
3:45 AM PT

I was considering a Sony Laptop but---not in this lifetime.

Jack
December 01, 2005
6:01 AM PT

PCWorld is to be commended for carrying and following this story. Many magazines and newspapers have avoided reporting any stories questioning DRM. This includes PCMagazine, NY Times and the LA Times.

Steve R.
December 01, 2005
9:02 AM PT

A lot of people that purchase CDs also rip them to their hard drives and such. Sony wanted stuff like that stopped and they should do whatever it takes. You shouldn't make illegal copies, rips, etc. Period.

k
December 01, 2005
9:54 AM PT

What about DVDs? Sony is also a movie company that puts out movies. What about those who like to watch movies on their computers, especially those who watch movies on their laptops? Do you think Sony has a different but equally sinister rootkit on their DVDs?

Jeff
December 01, 2005
10:51 AM PT

Whatever. I will rip anything I want. I never buy music anymore.

I guess Madonna won't be able to afford that 100th Mercedes/Jaguar/Lexus/BMW/Lamborghini.

Chuckles
December 01, 2005
11:04 AM PT

Isn't it sad that it's safer to download music illegally from the internet than to get it from the legal vendor?

Something is screwed up here.

Eric K.
December 01, 2005
2:14 PM PT

Who knows?
Maybe we will one day discover that Sony and the anti-malware vendors got together, and decided they didn't WANT the rootkit to be found.

While I actually doubt that, I wouldn't be at all surprised if it turned out to be true.

Toulinwoek
December 01, 2005
2:29 PM PT

Don't understand why they have not put an incredible effort into getting those CDs off the market. You can still buy them in shops. As far as I can see from a legal standpoint, everybody who has such a CD (and has the rootkit on his/her PC) can claim consequential damages from Sony/BMG. If the general public who is ignorantly buying their rootkit CDs finds out that claiming from Sony/BMG is a good money source, who knows what will happen. This is maybe the biggest liability they have and for that reason I do not understand why they still leave their rootkit CDs in the shop.

Secondly, I also don't understand why they have not been prosecuted for a criminal offence (except in Italy). If such a virus were distributed by others they would go to jail very rapidly.

indoubt
December 02, 2005
3:21 AM PT

What Sony did was wrong and despicable. However, it is important to point out that Windows was designed to allow such mischief. This is a result of the decision to have a regular user run with "administrative" or "root" (Unix/Linux term) access by default. Duh.

On Linux or Mac OS X or other Unix systems, normal user accounts can NOT modify the operating system like this, unless they provide the "root" password. This is why it is called a "rootkit", it gives the software "root" or Administrative or super-user access to do ANYTHING.

Microsoft is ultimately to blame for their lax approach to security. While they have made some improvements (Windows SP2 is a good start) they have a very long way to go.

Redesigning Windows to run as a normal user is high on my list for them to fix.

Fred
December 02, 2005
9:25 AM PT

"A lot of people that purchase CDs also rip them to their hard drives and such. Sony wanted stuff like that stopped and they should do whatever it takes. You shouldn't make illegal copies, rips, etc. Period."

This is not illegal, this is provided for under the Fair Use part of the copyright law.

What DRM tries to do is make a technological way to take away your Fair Use rights under copyright law.

I'm against file sharing, but it is no business of Sony or anyone else how many copies I make, or how many computers, players, phones, operating systems, etc. I enjoy them on. I bought the music, it is mine to use as I wish for my own personal use. That's what Fair Use says.

Sony of course knows this. They don't care about consumer rights, and they knew what they were doing when they put the rootkit on their music CDs. It was not a virus or an "accident", it was deliberate.

They should suffer the consequences for their ill-conceived actions.

Fred
December 02, 2005
9:30 AM PT

Microsoft Windows is designed for maximum program interoperability. It is also designed to be open to sharing whatever you want however you want. Openness is what they were shooting for. It is the job of the user to either get Linux or harden the OS themselves.
As for the rootkit, Sony went too far. And I agree there is something wrong with the world when getting stuff illegally is easier and safer than getting it legit.
And another thing, I am going to copy, rip and remix everything I have at least 12 times on all 5 computers I have and I'll be damned if anyone tries to stop me.

A
December 02, 2005
1:22 PM PT

I have an EMI music CD that will only work on my computer through the installed player...same thing? Any other companies doing this should pay too.

But.

If you put a piece of scotch tape on the edge of the disc, the player is bypassed! I kid you not, try it. I didn't believe it either til it worked.

August
December 04, 2005
1:51 PM PT

From: John Guarino - TecAngels.com (Sony rootkit reporter).

Copy Protection: you try to copy - it doesn't work - you wasted time.

DRM: in this case the worst case scenario of DRM (a rootkit) is akin to a:
- Satellite installer that comes to your home = a CD you try to install.
- Makes you sign a disclaimer (a lot of legalese that even if you read it you won't understand) = disclaimer you agree to when you install Sony music CD.
- After the installer has finished you find out that the installer has not left and is "hiding" in your home = rootkit software.
- You call the satellite company and tell them about it and they say "you agreed". You tell them that the installer is hiding in your home and that you want him out no matter what = Sony says you agreed and does not provide an uninstaller!
- You find out that he comes out from hiding once in a while and that he might bring other friends (without your knowledge), he also eats from your refrigerator and occupies space in your apartment = Rootkit software uses memory, hard disk space, and since it's hidden you don't know what it's doing and makes it easier/possible for other rootkit software (or viruses/spyware) to piggyback on it.

These are the differences between copy protection and rootkit software (an EXTREMIST case of DRM).

John G.
December 08, 2005
4:25 PM PT

I hate to point this out, but with open source software like Audacity or even software that comes with your soundcard, you should be able to record from a portable CD player into your line-in or mic line the whole CD, bypassing any security. So it's pretty lame to try software to stop this kind of thing; if someone really wants to copy, there is ALWAYS a way.

Frank
December 09, 2005
10:19 AM PT