| lieliski |
[Nov. 3rd, 2005|08:21 am] |
Ceru, ka nav gadījies spēlēt Sony BMG diskus?
02:07 PM Nov. 02, 2005 PT
Sony BMG is facing a cacophony of criticism this week following the revelation that some of its CDs are packed with special copy-protection software that conceals itself with an advanced hacker cloaking technique. We think the company is getting off easy.
The firestorm began when Mark Russinovich, a computer security expert with Sysinternals, discovered evidence of a "rootkit" on his Windows PC. Through heroic forensic work, he traced the code to First 4 Internet, a British provider of copy-restriction technology that has a deal with Sony to put digital rights management on its CDs. It turns out Russinovich was infected with the software when he played the Sony BMG CD Get Right With the Man by the Van Zant brothers.
A rootkit is a particularly insidious type of Trojan horse that hides its existence from users and programs by tampering with the operating system on the most fundamental level. Where normal malicious code might be content to choose a deceptive file name, a rootkit "hooks" operating system calls that might reveal its presence, and essentially reprograms them to lie -- like bribing the coroner to conceal a murder.
And the lie the First 4 Internet code tells is a whopper. Under the program's influence, Windows will deny the existence of any file, directory, process or registry key whose name begins with "$sys$." Russinovich verified this by making a copy of Notepad named "$sys$notepad.exe," which promptly vanished from view.
That means that any hacker who can gain even rudimentary access to a Windows machine infected with the program now has the power to hide anything he wants under the "$sys$" cloak of invisibility. Criticism of Sony has largely focused on this theoretical possibility -- that black hats might piggyback on the First 4 Internet software for their own ends.
On Wednesday, Sony answered its critics by promising to issue a patch that allows antivirus software to pierce First 4 Internet's cloaking function. But in our view, the hacker and virus threat is something of a red herring. The harm of the Sony DRM scheme is not that it enables evildoers, but that Sony itself did evil.
We needn't go skulking through the computer underground to find malicious action here. By deliberately corrupting the most basic functionality of their customers' computers, Sony broke the rules of fair play and crossed a bright line separating legitimate software from computer trespass. Their actions may be civilly actionable.
Sony may even have committed a crime under the U.S. Computer Fraud and Abuse Act, which can carry fines and prison terms for anyone who "knowingly causes the transmission of a program ... and as a result of such conduct, intentionally causes damage, without authorization, to a protected computer." Corrupting Windows so it misreports the contents of a hard drive sounds a lot like "damage," and the click-wrap license agreement on the Sony disk amounts to pretty thin "authorization" -- disclosing only that "this CD will automatically install a small proprietary software program ... intended to protect the audio files embodied on the CD."
Nor are we comforted by assurances from First 4 Internet's CEO Mathew Gilliat-Smith, who, in an interview with CNET's News.com, defended his software this way: "For the eight months that these CDs have been out, we haven't had any comments about malware (malicious software) at all." Rootkits, like other cover-ups, rarely generate complaints before they're discovered.
Sony should immediately disclose the full details of its deployment of the First 4 Internet software, and assure the public that it will not use similar tactics in the future. Honest programs have no need to conceal themselves or their actions from users. Honest companies, too. |
|
|
![[info]](http://klab.lv/img/userinfo.gif){kind=small}