Sony RootKit Still A Problem?

XMilkProject writes "Current research indicates that some "350,000 networks--many belonging to the military and government--contain computers affected by [Sony's rootkit]." This is down from over half a million last month. "The security researcher worked from a list of 9 million domain-name servers.. asking each to look up whether an address used by the XCP software--in this case, xcpimages.sonybmg.com--was in the systems' caches." Will Sony face future repercussions for this potentially long-term damage?"

Repercussions? Nah.

[Alizarin Erythrosin]

Will Sony face future repercussions for this potentially long-term damage?

Probably not. They're already getting off somewhat easy for the original hubub.

Settled too soon.

[gasmonso]

If you look at the settlement in the New York District court it is nothing more than a slap on the wrist. Sony knowingly infected computers with what amounts to a trojan horse. In return they have to pay a little money and promise not to do it again. That's insane when you consider the witch hunts that have taken place for 16 year-old kids releasing a virus. Sony needs to pay and pay dearly for their deliberate criminal actions. The government always wants to send hackers a strong message...well then the same applies to corporations!

http://religiousfreaks.com/ [religiousfreaks.com]

Repurcussions? No.

[mindaktiviti]

"Will Sony face future repercussions for this potentially long-term damage?"

No they won't because they're a huge multinational corporation who will probably layoff some employees and reward their top execs from the whole ordeal. I'm not trying to be some hippie about this, it's just the way the world works.

Of Course, that is Sony's Security Policy

[slashbob22]

Security through Obscurity.

Simple answer..

[ThePatrioticFuck]

Will Sony face future repercussions for this potentially long-term damage?

Of course not. They may pay a (relatively) small fine or two, but a quick a donation to a politician here and there, and that'll be all she wrote.

Re:Makes you wonder....

[Prophet of Nixon]

Well, the scenario of taking CDs to work to play them on networked military PCs is not implausible at all; there are thousands of GS/staff employees who do that. What is implausible, at least in my experience, is those users having admin access to their machines. Was this rootkit able to install on XP under a user or power user account?

Problem not eliminated

[gbobeck]

Part of the problem with the Sony Rootkit is the fact that many stores **STILL** are selling the rootkit enhanced CDs.

I personally have seen this at several Borders stores in my area, and each time I mention this to the management I recieve blank "deer in the headlights" looks.

End result

[quokkapox]

These CDs will be out there forever, in users' libraries and bought and sold by used CD shops and flea markets. The end result of this fiasco is that Sony discs are something you watch out for and don't risk sticking in your computer, unless you're running the latest antivirus/antispyware software.

Sony == Dangerous to my PC

What a great way to promote a brand.

Re:Problem not eliminated

[quokkapox]

You would receive a similar blank stare if you remarked about mercury levels in the cans of tuna you are buying at the grocery store.

The retail checkout line is not the place to wage these types of battles.

Sadly, no.

[sethadam1]

Sadly, not only will Sony face no long term damage, but this will be a blockbuster year for them as they release PS3 and millions of quick-to-forget Slashdotters rush out to buy a PS3.

If consumers were smart, they'd go buy a Nintendo Revolution - or even an Xbox - and intentionally skip the next Playstation. Unfortunately, they won't, because their souls are fueled by acquisition and shiny-new-toy syndrome.

No.

[Bob9113]

Will Sony face future repercussions for this potentially long-term damage?

No. Who do you think pays our politicians' wages? Are they going to bite the hand that feeds?

One point, one question

[AviLazar]

First thing to note - just because a computer belongs to the military or any other branch of the gov't does not mean it is 1) a secured computer 2) a computer with access to sensitive materials. This computer could be the janitors computer.

What the hell...300,000 people are placing music CDs at work? No wonder our government gets nowhere - they are all busy listening to music and playing games. Get a regular CD player people - they aren't that expensive.

Re:Makes you wonder....

[Gonarat]

.. what kind of person takes their Sony CDs to work in order to play them on PCs on a military network. Kinda bizarre that that's even possible.

Once upon a time, bringing in the CD would have been the safest way to listen to music. Nothing can be copied to a CD, and nothing could be brought in on a pressed CD other than music. Nothing for Military Security to be worried about. Ipods and other MP3 players could potentially be used to sneak data out.

Of course now with the DRM crap on the "CD", this is no longer true. The once friendly store bought CD is now a potential risk. Way to go Music Industry! And you wonder why sales are down in 2005 from 2004...besides crappy offerings.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Get Back On Our Own - Boycott Sony

[utexaspunk]

So... you're going to boycott Sony by not playing the PS2 that you already paid for? How is that hurting Sony? Why not sell your PS2? Then you've at least possibly deprived Sony of purchase.

But then, the division that makes the PS2 is fairly disparate within the company from the one you're attempting to hurt. But then you've already admitted that you don't buy CD's, the record company couldn't really care less about you. Still- why attempt to harm the folks within the company who make a cool product for the actions of another part of the company which they have no say in?

What I don't and never have understood is..

[Crilen007]

Who are they affecting?

People who download music won't be affected, because they are downloading (IE Not buying the infected CD's)

So, just who are they trying to spy on? The customers who are giving them money and doing what they want?

It's so... 180 degrees out...

Re:Problem not eliminated

[meringuoid]

rootkit enhanced CDs

This battle is one of propaganda as much as anything else. If you use the enemy's terminology, you've already lost.

These are rootkit infected CDs. Use that phrase in conversation with your non-techie friends. 'Damn, I got an infected CD from Sony.' They'll not grasp all the geek details, but they'll get the picture.

Similarly, call what it is trying to do 'Digital Restrictions Management' whenever you have to explain what 'DRM' is. It's a far truer portrayal of what's going on.

Re:End result

[Neillparatzo]

The end result of this fiasco should just be that people disable Autoplay.

Many viruses don't achieve this level of penetrati

[SkunkPussy]

From the article: "I don't see the federal government suing a big company like Sony," she said. "The fact that military networks have likely been affected by this won't change that."

I think this is a larger problem - that Sony can do what is clearly an unauthorised incursion into the core of someone's computer without being sued.
2.1 million cds have been sold. So something of the order of magnitude of 2.1 million computers have been infected by this rogue code. Many viruses don't achieve this level of penetration!!!! I doubt the combined force of slashdot readers has achieved this level of penetration either! hehe

If an individual had perpetrated this, whether or not he had the best intentions he would be arrested immediately. But Sony because it has such a strong brand, has only been sued in a few US states by a few Attourney Generals. Despite this being without any doubt prosecutable at the highest level.

I hate to whinge on about this but why on earth are coporations less obliged to follow the law of the land than individuals!! Its a joke.

Re:exactly correct

[BVis]

Why some high level Sony USA execs aren't in the slammer now is beyond me.

Rich people don't go to jail; also, the law hasn't caught up to this kind of crime, especially on this scale. (Martha Stewart went to prison because she was charged and convicted under well-understood and established laws.) Ask the average attorney what the crime is here and you'll get blank stares, not because it isn't blatantly illegal, but because the average person doesn't know or care about this kind of thing.

Like you said, if some teenage scripter had done this, they would be facing 30 years or something,

Unless Daddy is loaded. Then he'd get 20 hours community service and six month's probation. OTOH, if the teen in question was middle- or lower- class, its PMITA prison time.

Re:Makes you wonder....

[drinkypoo]

IMO the problem is that the labeling restrictions for CDs are not strong enough. You can still put the "CD digital audio" logo on your audio CD if it is a CD-Extra and not just a good old Red Book CD. Without this, there might have been more consumer awareness. The properly paranoid will now note that the CD system was invented by Sony and Philips and Philips is the body behind the logos.

Re:Makes you wonder....

[Tim Browse]

So the fact that you think that the Sony rootkit manages to bypass Windows admin/driver privileges is what you use as proof that the admin privileges scheme doesn't work?

There's a flaw in that logic somewhere, but I can't put my finger on it...

The right thing:

[jafac]

I think that what is needed, is an Explorer plugin, to be made freely and widely available, which circumvents this "cloaking" technology (using Mark Russinovich's term).

If all of this "cloaking" crap were to be made irrelevant, then these kinds of things would no longer be a security issue - it would return administrative control over machines to the machine's owner. Whether that's Symantec's cloaking for their recycle bin, or whether it's Sony's rootkit, or anything else.

Computer owners don't need a corporate nanny protecting them from shooting themselves in the foot. Good software design does that. Not sneak tactics.

I'm not sure how the EULA is relevant...

[blorg]

...if you clicked 'Don't Agree' to it and the rootkit installs itself anyway.

Re:Problem not eliminated

[gbobeck]

In polite non-geek company I call XCP "protected" disks DEFECTIVE (or some variation of that word mixed in with some 4 letter explicatives). Makes it much easier to explain the problem without resorting to any jargon.