The Root of the Problem

So there's this thing, a computer thing, a Sony thing, a nasty thing called the Rootkit.

Now this thing has a noble purpose. It's supposed to prevent the spread of illegal mp3s. That's just fine, but this thing has some interesting ends to this means.

This thing installs itself from a Sony music CD loaded into a PC CD-ROM. It doesn't ask, it just does. It does its job, this thing, rather indiscriminately. So much so that it can crash your computer hard. It will do everything in its power to prevent you from burning CDs, or ripping if it isn't positive your CD is legitimate.

This thing also phones home. It sends a little message to Sony, making sure the CD you're using is unique. There isn't much to the message, just a simple request for some data from Sony so this thing knows what to do. But, when two computers communicate like that, information gets out. IP addresses, MAC addresses, connection type, and given the nature of the communication, the CD you purchased, all these are easily known.

This thing also hides, oh how it hides. It hides so well hackers now use it to hide their malicious programs so that nice programs like Norton don't know, so that they can cheat in online games, so that they can do what they want.

This thing, this "Rootkit", doesn't sound so noble now does it?

The worst part, this thing is everywhere.

Nice thing ain't it?

Prose aside, Sony's Rootkit they couples with a lot of recent music CDs has been a hot topic because of how it both violates personal freedom in the name of DRM, how it acts just like a trojan, and how it can be easily by hackers to hide programs they use to cheat in online games (such as WoW).

If you haven't bought any recent Sony CDs in the past month, you should be fine. Otherwise, you should probably find out whether it's on your computer, and what you can do about it. Sony certainly hasn't been the kindest company in the world in terms of dealing with the growing rumblings this has caused, and still hasn't provided a decent way of either detecting or removing it.

Ughification at its best.

No comments: