funsec mailing list archives

Ed Felten on Sony's Rootkit "Remover"


From: "Fergie" <fergdawg () netzero net>
Date: Thu, 3 Nov 2005 17:40:24 GMT

Via Boing Boing:

 http://www.boingboing.net/2005/11/03/felten_on_sonys_root.html

[snip]

Ed Felten has a great look at Sony's "fix" for the malicious, crash-inducing rootkits they forced their customers to 
install in order to listen to the CDs they bought:

The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included 
in the initial installation of the entire DRM system, as well as creating some new files. In short, they're not just 
taking away the rootkit-like function -- they're almost certainly adding things to the system as well. And once again, 
they're not disclosing what they're doing.

No doubt they'll ask us to just trust them. I wouldn't. The companies still assert -- falsely -- that the original 
rootkit-like software "does not compromise security" and "[t]here should be no concern" about it. So I wouldn't put 
much faith in any claim that the new update is harmless. And the companies claim to have developed "new ways of 
cloaking files on a hard drive". So I wouldn't derive much comfort from carefully worded assertions that they have 
removed "the ... component .. that has been discussed".

[snip]

http://www.freedom-to-tinker.com/?p=921

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

