Wednesday, November 16, 2005
Rootkits and Bootkicks
Rootkits and Bootkicks
The fabulous thing about a culture that rewards those who shirk responsibility and accountability is that in engenders such arrogance that the self-absorbed perpetrators do a better job of digging their own graves than anyone else could ever wish to.
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden [...]
The DRM reference made me recall having purchased a CD recently that can only be played using the media player that ships on the CD itself and that limits you to at most 3 copies. I scrounged through my CD’s and found it, Sony BMG’s Get Right with the Man (the name is ironic under the circumstances) CD by the Van Zant brothers. I hadn’t noticed when I purchased the CD from Amazon.com that it’s protected with DRM software, but if I had looked more closely at the text on the Amazon.com web page I would have known [...]
At that point I knew conclusively that the rootkit and its associated files were related to the First 4 Internet DRM software Sony ships on its CDs. Not happy having underhanded and sloppily written software on my system I looked for a way to uninstall it. However, I didn’t find any reference to it in the Control Panel’s Add or Remove Programs list, nor did I find any uninstall utility or directions on the CD or on First 4 Internet’s site. I checked the EULA and saw no mention of the fact that I was agreeing to have software put on my system that I couldn't uninstall. Now I was mad.
Mathew Gilliat-Smith, F4i managing director, says: "The first few weeks following an album's release are extremely important in sales terms, and piracy at an early stage costs the label a great deal of money."
Safeguarding a CD is a complex process, as protection must not affect the disc's ability to be played on all music systems, nor must it interfere with the sound quality. We have developed an effective solution that has earned us credibility with the major labels.
This story -- the hidden planting of potentially dangerous, and certainly improper, software by Sony on customers' computers -- continues to get more amazing. The behavior of the companies more outrageous.
The most incredible part of the story is not that Sony and its technology partner, a U.K. based outfit called First 4 Internet, have been hiding what they do and then pretending it's no big deal (CNET) or failing to tell the entire truth (Freedom to Tinker) about it. It's that any of this could be remotely legal; but in this society, where governments care far more about property rights than individual rights, this is what happens.
If The Washington Post is circling the wagons in preparation for a confidential sourcing fight with federal investigators, it certainly isn't showing it. Both reporter Dana Priest and Executive Editor Leonard Downie Jr., tell E&P that no plans have been formulated to respond to a possible inquest by either Congress or the Justice Department about a Nov. 2 Priest story on secret overseas prisons.
"I don't have concerns at the moment because nothing has happened," Downie said Monday. "I don't want to speculate about this. I don't know if people are going to be seeking sources from us."
Priest, who declined comment on any potential investigation, said she had not met with any attorneys or Post officials about what may come next. "I'm trying not to pay attention to the discussion about investigations," she said. "I'm trying to focus on the next set of stories."
Priest's story, coming on the heels of the Judith Miller subpoena/jailing/resignation mess, drew both criticism and praise for reporting what she described as a "covert prison system" set up by the CIA four years ago. Priest's use of confidential sources prompted the House Intelligence Committee last week to launch an investigation into who leaked the information, while the CIA asked the Justice Department to review possible sources.
© Copyright 1997-2021 ApolloMedia Corporation. All Rights Reserved.
annoy.com Site Information