Wednesday, November 02, 2005

SONY GUILTY OF WRITING A MALICIOUS TROJAN!

You heard right! Sony is guilty of writing and distribution a Trojan that may constitute a violation of the U.S. Computer Fraud and Abuse Act. Sony has secretly installed a form of malware, known as a 'rootkit', on any PC that loaded a music CD infected with First 4's new DRM scheme.

A criminal act under this US law is defined as any code which: "knowingly causes the transmission of a program ... and as a result of such conduct, intentionally causes damage, without authorization, to a protected computer." This rootkit, which indiscriminately hides the contents of a private hard drive from its owner, clearly violates this statute.

The new First 4 cloaking function is a type of DRM designed to hide anything saved with a file name beginning with $sys$. Try this with a copy of a small program - notepad for example - and if the new file vanishes from your directory...you are infected.

You can get this Trojan root from the Sony BMG CD Get Right With the Man by the Van Zant brothers. There are doubtless other infected CD's. My advice is that no SONY CD is safe.

Sony claims that it will discontinue use of this rootkit in future releases. For my part, until Sony either puts a warning in bold print on any CD label containing this malware or publishes and maintains a comprehensive list of the media containing this Trojan in a public forum, I am done with Sony.

My camera of choice is the Panasonic DVX100a. My next camera purchase will be the Panasonic HVX200 and I shoot professionally with the Panasonic AJHD 27f so I can say with all honesty that this is no hollow threat. Sony, you are off my vendor's list. Goodbye.