Tuesday, November 15, 2005

Still More on Sony's DRM Rootkit: "The root of the problem is a serious design flaw in Sony’s web-based uninstaller. When you first fill out Sony’s form to request a copy of the uninstaller, the request form downloads and installs a program – an ActiveX control created by the DRM vendor, First4Internet – called CodeSupport. CodeSupport remains on your system after you leave Sony’s site, and it is marked as safe for scripting, so any web page can ask CodeSupport to do things. One thing CodeSupport can be told to do is download and install code from an Internet site. Unfortunately, CodeSupport doesn’t verify that the downloaded code actually came from Sony or First4Internet. This means any web page can make CodeSupport download and install code from any URL without asking the user’s permission."

This means that if you played a Sony/BMG CD on your computer and let it install the software, you have the Sony rootkit installed. Then if you use the uninstaller Sony provides, you install a program that will allow ANYONE ON THE INTERNET to download and install whatever they wish on your system. Since there are MILLIONS of people who likely have the Sony rootkit installed, there is a huge pool of possible victims here if someone were to develop an internet worm looking for this uninstaller. And someone WILL write one; it's just a matter of time.

Oh Sony - you morons.
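
The check the quoted analysis says CodeSupport skipped, sketched as an added example (not code from Sony, First4Internet, or the quoted article): before installing anything, confirm both where the code came from and that it is the code the publisher shipped. The host name, file name, and payload are constructed placeholders, and a pinned SHA-256 digest stands in here for a real code-signature check.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumed publisher host (placeholder, not a real vendor domain).
TRUSTED_HOSTS = {"updates.vendor.example"}

# Constructed sample payload and the digest the client ships with (pinned).
SAMPLE_PAYLOAD = b"constructed uninstaller bytes"
PINNED_SHA256 = {"uninstall.bin": hashlib.sha256(SAMPLE_PAYLOAD).hexdigest()}


def source_is_trusted(url: str) -> bool:
    """Accept only https URLs whose host is exactly an allowlisted host."""
    try:
        parts = urlsplit(url)
        host, port = parts.hostname, parts.port  # .port raises on garbage
    except ValueError:
        return False
    if parts.scheme != "https" or host is None:
        return False
    if parts.username is not None or parts.password is not None:
        return False  # rejects https://trusted-host@other-host/ look-alikes
    if port not in (None, 443):
        return False
    return host.rstrip(".") in TRUSTED_HOSTS  # exact match, no suffix tricks


def payload_is_expected(name: str, payload: bytes) -> bool:
    """Compare the downloaded bytes against the digest pinned for this file."""
    expected = PINNED_SHA256.get(name)
    if expected is None:
        return False  # unknown file names are never installable
    actual = hashlib.sha256(payload).hexdigest()
    return hmac.compare_digest(actual, expected)


def may_install(url: str, name: str, payload: bytes) -> bool:
    """Gate a scriptable installer should pass before running anything."""
    return source_is_trusted(url) and payload_is_expected(name, payload)
```

A component that any web page can script needs this gate on every install path, because the calling page controls the URL argument.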