TELECOM Digest OnLine - Sorted: Real Story of the Rogue Rootkit

Real Story of the Rogue Rootkit

Monty Solomon (
Thu, 17 Nov 2005 13:37:33 -0500

By Bruce Schneier

It's a David and Goliath story of the tech blogs defeating a

On Oct. 31, Mark Russinovich broke the story in his blog: Sony BMG
Music Entertainment distributed a copy-protection scheme with music
CDs that secretly installed a rootkit on computers. This software tool
is run without your knowledge or consent -- if it's loaded on your
computer with a CD, a hacker can gain and maintain access to your
system and you wouldn't know it.

The Sony code modifies Windows so you can't tell it's there, a process
called "cloaking" in the hacker world. It acts as spyware,
surreptitiously sending information about you to Sony. And it can't be
removed; trying to get rid of it damages Windows.

This story was picked up by other blogs (including mine), followed by
the computer press. Finally, the mainstream media took it up.

The outcry was so great that on Nov. 11, Sony announced it was
temporarily halting production of that copy-protection scheme. That
still wasn't enough -- on Nov. 14 the company announced it was pulling
copy-protected CDs from store shelves and offered to replace
customers' infected CDs for free.

But that's not the real story here.

