Graham Titterington
Sony's DRM woes deepen
Symantec has now reported that a Trojan which exploits the mechanisms in the Sony DRM download has been found in the wild. The Stinx-E Trojan is distributed through spam email. This is certain to be followed by numerous other viruses. Comment: Sony is rapidly turning a PR crisis into a disaster. Thomas Hesse, the president of SonyBMG's global digital business division, said in an interview on radio station NPR that "Most people don't even know what a rootkit is, so why should they care about it?". The entertainment industry must sort out the limits on how far it can go to protect its copyright material. It is totally unacceptable that it is laying its customers open to identity theft as the price of protecting its royalty revenues. Sony is placing some copy-prevention software on its music CDs which uses a technique called "rootkits", which patch themselves into the system's kernel and "cloak" themselves to prevent their detection by anti-virus products. The technique is controversial because it had previously only been used by criminal gangs, and it questions the right of a PC owner to control their own equipment. While defending its actions, Sony has now made available some software to disable the "cloaking" part of its download, but not the core copy prevention mechanisms and the vulnerability that it brings to host machines. A group of consumers initiated a class action against Sony in California on 1 November. We will no doubt be hearing more about this as it progresses and Thomas Hesse will get his answer. Symantec has rated the threat from this Trojan at level 2, on a scale from 1 (most serious) to 4. It allows an attacker to steal information from a compromised machine, and also to subvert the user's machine for malicious purposes such as sending out spam to third parties.Symantec has now reported that a Trojan which exploits the mechanisms in the Sony DRM download has been found in the wild. The Stinx-E Trojan is distributed through spam email. This is certain to be followed by numerous other viruses.
