.comment-link {margin-left:.6em;}

 The image “http://photos1.blogger.com/img/18/3404/640/NewsORamaLogo-rev1.jpg” cannot be displayed, because it contains errors.

Thursday, November 03, 2005
  Wired News: The Cover-Up Is the Crime
Wired News: The Cover-Up Is the Crime: "The firestorm began when Mark Russinovich, a computer security expert with Sysinternals, discovered evidence of a 'rootkit' on his Windows PC. Through heroic forensic work, he traced the code to First 4 Internet, a British provider of copy-restriction technology that has a deal with Sony to put digital rights management on its CDs. It turns out Russinovich was infected with the software when he played the Sony BMG CD Get Right With the Man by the Van Zant brothers.

A rootkit is a particularly insidious type of Trojan horse that hides its existence from users and programs by tampering with the operating system on the most fundamental level. Where normal malicious code might be content to choose a deceptive file name, a rootkit 'hooks' operating system calls that might reveal its presence, and essentially reprograms them to lie -- like bribing the coroner to conceal a murder.

And the lie the First 4 Internet code tells is a whopper. Under the program's influence, Windows will deny the existence of any file, directory, process or registry key whose name begins with '$sys$.' Russinovich verified this by making a copy of Notepad named '$sys$notepad.exe,' which promptly vanished from view.

That means that any hacker who can gain even rudimentary access to a Windows machine infected with the program now has the power to hide anything he wants under the '$sys$' cloak of invisibility. Criticism of Sony has largely focused on this theoretical possibility -- that black hats might piggyback on the First 4 Internet software for their own ends.

On Wednesday, Sony answered its critics by promising to issue a patch that allows antivirus software to pierce First 4 Internet's cloaking function. But in our view, the hacker and virus threat is something of a red herring. The harm of the Sony DRM scheme is not that it enables evildoers, but that Sony itself did evil.

We needn't go skulking through the computer undergroun to find malicious action here. By deliberately corrupting the most basic functionality of their customers' computers, Sony broke the rules of fair play and crossed a bright line separating legitimate software from computer trespass. Their actions may be civilly actionable.

Sony may even have committed a crime under the U.S. Computer Fraud and Abuse Act, which can carry fines and prison terms for anyone who "knowingly causes the transmission of a program ... and as a result of such conduct, intentionally causes damage, without authorization, to a protected computer." Corrupting Windows so it misreports the contents of a hard drive sounds a lot like "damage," and the click-wrap license agreement on the Sony disk amounts to pretty thin "authorization" -- disclosing only that "this CD will automatically install a small proprietary software program ... intended to protect the audio files embodied on the CD." "
 
Comments: Post a Comment

Links to this post:

Create a Link



<< Home
Current events with a sprinkle of opionion.

Name:

A prematurely crusty South Park Republican, with a raging addiction to internet news and current events.

Contact NewsORama:
 



powered by FreeFind

Daily light reading:

September 2004 / October 2004 / November 2004 / December 2004 / January 2005 / February 2005 / March 2005 / April 2005 / May 2005 / June 2005 / July 2005 / August 2005 / September 2005 / October 2005 / November 2005 / December 2005 / January 2006 / February 2006 / March 2006 / April 2006 / May 2006 / June 2006 / July 2006 / September 2006 /


Powered by Blogger