Not only have the first exploits of the root-kit that SONY so recklessly installed on thousands of computers in a self-serving and thoughtless attempt to protect their own interests appeared...
The Troj/Stinx-E Trojan horse appears to have been deliberately spammed out to email addresses, posing as a message from a British business magazine. . .
. . . If the attached program is run, the Trojan horse copies itself to a file called $sys$drv.exe. Any file with $sys$ in its name is automatically cloaked by Sony's copy-protection code, making it invisible on computers which have used CDs carrying Sony's copy protection.
And not only has the web-based XCP uninstaller that SONY has provided been shown to be dangerous in its own right...
. . . I have confirmed that Sony’s Web-based XCP uninstallation utility exposes users to serious security risk. Under at least some circumstances, running Sony’s Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit.
But it also seems that SONY has used other copy protection schemes. One in particular appears to be just as bad as XCP, if not even more deceitful.
What few people realize is that Sony uses another copy protection program, SunnComm’s MediaMax, on other discs in their catalog, and that this system presumably is not included in the moratorium. Though MediaMax doesn’t resort to concealing itself with a rootkit, it does behave in several ways that are characteristic of spyware.
Like XCP, recent versions of MediaMax engage in spyware-style behavior. They install software without meaningful consent or notification, they include either no means of uninstalling the software or an uninstaller that claims to remove the entire program but doesn’t, and they transmit information about user activities to SunnComm despite statements to the contrary in the end user license agreement and on SunnComm’s web site.
And, in possibly the biggest display of disdain for the customer SONY has shown through this whole period of displaying nothing but disdain for their customers...
When a MediaMax-protected CD is inserted into a computer running Windows, the Windows Autorun feature launches a program from the CD called PlayDisc.exe. Like most installers, this program displays a license agreement, which you may accept or decline. But before the agreement appears, MediaMax installs around a dozen files that consume more than 12 MB on the hard disk.
How SONY or any other company can justify using software such as this to protect themselves and their content while abusing the property and privacy of their customers is a mystery to me.
To summarize, MediaMax software:
- Is installed onto the computer without meaningful notification or consent, and remains installed even if the license agreement is declined;
- Includes either no uninstall mechanism or an uninstaller that fails to completely remove the program like it claims;
- Sends information to SunnComm about the user’s activities contrary to SunnComm and Sony statements and without any option to disable the transmissions.
Hopefully SONY's use of the MediaMax software will come under the same scrutiny and be subject to the same recalls, apologies and legal ramifications that their use of the XCP root-kit has.