Sony Caught Installing Hidden Software on Computers

Did you know that if you have played a new Sony music CD in your computer within the last year, your computer is probably infected with a malicious software program that allows Sony to change the way you use your computer? All to true, as we have been finding out this week.

Sony, in its attempt to enforce it digital rights management system (DRM), has put a software program on its music CD's that installs itself into your computer, whether you want it or not and without asking your permission. It is written in the form of a rootkit, a malicious code that is nearly impossible to detect and can sometimes give its creator a "backdoor" into your computer whenever he wants. (I will be writing more about rootkits and their threat in an upcoming blog.)
Sony's digital rights management technology, now shipping on CD's by Sony Corp. and BMG Music, employs stealthy, rootkit-style techniques to hide from users, according to security experts. The new technology, which Sony has dubbed "sterile burning," manipulates the Windows core processing center, or "kernel," to make the DRM almost totally undetectable on Windows systems. It can also prevent you from burning music on your CD's or computer's hard drive.

These kind of files are almost impossible to remove without fouling Windows systems and could be used by malicious hackers to hide their own programs. The security expert who discovered the hidden Sony software found that if he removed it, it wrecked his Windows software and prevented him from accessing his CD player completely.

Sony BMG has acknowledged that the rootkit-style features are part of DRM technology that began shippCD's with CDs in 2005. The company claims that it is issuing a fix, so the software can be neutralized. However, early reports from users who have run the software say it does not remove the rootkit software; it only changes it so it is not hidden.

Despite Sony's assertions to the contrary (Sony says, "This component is not malicious and does not compromise security"), analysis from two Windows expert authorities show clearly that any other attacker could take advantage of the rootkit functionality to hide their own files and registry entries, and that techniques used by the software run the risk of making the system unusable.

Rather than go on and on about this, I strongly recommend you read this excellent editorial by Molly Wood of CNET. She explains how it happened, what it can do to your computer, how it changes the way you can use your computer, and how outraged we should all feel.