Sony Caught In Yet Another Rootkit Mess?

from the don't-they-know-to-check-for-these-things? dept

Tue, Aug 28th 2007 8:23am — Mike Masnick

Sony is a big company, and various parts and subsidiaries are pretty much totally disconnected from other areas of the company, but given the disastrous PR that Sony had to deal with following the original rootkit debacle (which really was more of a BMG issue than a Sony one) you would think that perhaps someone higher up at Sony corporate would have sent around a memo or something to all the rest of Sony, suggesting that they check around and make sure that none of their products had rootkit-like functionality. Either that didn't happen... or someone didn't get the memo. It appears that a line of USB flash drive sticks that Sony sold have been discovered to install rootkit-like functionality that hides a folder on users' computers. And, of course, just like the original Sony rootkit, this hidden folder is perfect for malware writers to use as hiding places for their malware. While this one probably isn't as big a deal as last time around, let's see if Sony figured out that brushing it off because no one knows what rootkits are isn't exactly the best response to such a discovery. In the meantime, this highlights (once again) how weak many security programs are that they don't automatically look for this type of action in order to prevent it from happening in the first place.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: rootkits, security
Companies: f-secure, sony

29 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

MATT, 28 Aug 2007 @ 8:40am

not quite 100%
from what I understood from the slashdot side, is that it is a hidden folder ish thing but not neccessarily a rootkit issue. If I am wrong, please slap down myself and sony but I believe it was considered "similar but not a rootkit"

http://it.slashdot.org/it/07/08/27/1334210.shtml
[ link to this | view in thread ]
Lance Fisher, 28 Aug 2007 @ 8:41am

Good Thing I Swore Off Sony
Good thing I swore off Sony after the last one. I've refused to buy CDs of bands I like because they are on the Sony label, and apparently it's good that I decided to not even buy hardware from them.
[ link to this | view in thread ]
Overcast, 28 Aug 2007 @ 8:43am

Yeah, just had to see it coming. I'm glad I just avoid Sony products. I recently bought my Dad a DVD recorder - the best two they had - minus the DVR were the Sony and the LG.

Needless to say, I walked out with the LG.
[ link to this | view in thread ]
Overcast, 28 Aug 2007 @ 8:49am

And from what I read there - doesn't matter if it's technically a rootkit or not, they are going out of their way - once again, to hide stuff from users.

That's just unacceptable, in any event. Too many companies try to pull this BS now, with so much competition, it's easy to just avoid them.

Oh and the LG DVD recorder had been working flawlessly.
[ link to this | view in thread ]
Joel Coehoorn, 28 Aug 2007 @ 8:50am

@MATT: This is more than just a standard hidden folder. This folder is specifically hidden even if you show hidden files, view hidden system folders, and all the rest of the little tricks you can do that normally show hidden folders.

@Mike: This is actually much worse than the previous breach, because it's much easier to take advantage of. I can't browse the folder in windows, but a simple line like this on the console will hide some malicious software:
copy myevilprogram.exe c:windowssonyhiddenfolder

I understand the other article I read correctly, not only is the program file now hidden from virus scanners and the like, but if it starts running the process won't show up either in places like task manager either.
[ link to this | view in thread ]
Chronno S. Trigger, 28 Aug 2007 @ 8:52am

Re: not quite 100%
Your absolutely right. it installs "rootkit-like functionality" (Copied directly from this article). The problem isn't the folder itself but the fact that there is already malware out there that use this folder to hide itself and not able to be scanned by certain anti-malware programs. (and sony won't respond on this issue)
[ link to this | view in thread ]
Anonymous Coward, 28 Aug 2007 @ 9:25am

My answer and/or comment works just fine. SCREW Sony!!!
[ link to this | view in thread ]
Anonymous Coward, 28 Aug 2007 @ 9:48am

Out of curiosity....
...what is the point of the hidden folder? Is Sony using it for something?
[ link to this | view in thread ]
Griffon, 28 Aug 2007 @ 9:56am

It's in the demo's too
That's nothing you can root kit your computer just be installing a popular demo like Bioshock on your PC, it's part of the secure rom crap sony uses to (not really) protect it's games. Why this crap is included in free demo that doesn't need to be protected is totally beyond me. Talk about not getting the memo, it's just business as usual and the customers be dammed.
[ link to this | view in thread ]
Anti-SONY, 28 Aug 2007 @ 10:06am

Never
I will never buy or use another Sony device, even if it is free. My family is not allowed to bring Sony crap in the house either. Last week one of my kids brought home a free ps2 from their cousin and I immediately sent it back. Their execs will learn one day when sitting under a bridge with the rest of the homeless, but maybe that's even too good for them.

BTW their movies rip great. LOL
[ link to this | view in thread ]
InSoMnIaC, 28 Aug 2007 @ 10:27am

The point of the "hidden" folder is to hide the biometric data from the finger print reader. I can honestly say from a programmers perspective this was piss poor planning. Why not store it in the flash drives memory rather than compromise a system. Yeah the malware can detect if the drive is inserted but a scanner should have picked up the malware by that point.
[ link to this | view in thread ]
Anonymous Coward, 28 Aug 2007 @ 10:48am

Same old same old
Who went to prison from Sony the last time they did this? 'Nuff said.
[ link to this | view in thread ]
Anon-i-mouse, 28 Aug 2007 @ 10:48am

SMSG
Just some more of the same garbage from Sony. I started boycotting them with the original root-kit fiasco, and so far everything they have done is just reinforcing my opinion that this is the right course of action - voting with my (not too shallow) pocketbook. I recently purchased a new HD TV (not Sony - NS), a new DVD player (NS), 10's of new DVDs (NS), a new auto stereo (NS), etc. If it says Sony or BMG on the label, I will not buy it, no matter how much I want it. As far as I'm concerned, Sony will never get another voluntary nickel from me. I'm even checking movies as they are released and will not pay to see one of them either if Sony is involved in any concrete way. Too bad, they lose...
[ link to this | view in thread ]
reed, 28 Aug 2007 @ 11:09am

Why do we need sony and the other big electronics
With micronization reaching the levels it has why do we need big centralized companies to disseminate all of our electronics?

It seems the time for these mammoth corporations that produce more waste than anything else need to go the way of the dinosaurs. Economically their model just doesn't make good sense and they only survive because of all their intense lobbying and political favors.

I for one am sick of enormous businesses and all their crapware. Show me a good product that MS or SONY makes and I will show you and independent small company that has a better solution. The big guys need to go away and let the market start working again. Time to bring out the big stick IMHO.
[ link to this | view in thread ]
Just Me, 28 Aug 2007 @ 11:43am

Post #14
"Economically their model just doesn't make good sense and they only survive because of all their intense lobbying and political favors."

But how will all of the smaller companies buy political favours??

I know - they'll form together and make one large entity. That way they can still buy politicians...oh wait, that already happened.
[ link to this | view in thread ]
Annoyed, 28 Aug 2007 @ 12:06pm

Same thing with Bioshock ... Stupid game installs root-kit like stuff when installing the game, too. This is rediculous. Can't they get the hint?
[ link to this | view in thread ]
Just Me, 28 Aug 2007 @ 12:19pm

Memo
Someone didn't use the new cover page for the TPS reports?

Did they get the memo?
[ link to this | view in thread ]
Protoplasm, 28 Aug 2007 @ 1:19pm

F**K SONY!

Proletariat Pigs, Sarasin Swine!

I have a SONY DVD drive and whenever I load a gaming application, I run a 50% chance of getting the dreaded "Conflict with disk emulation software" message. If I run the games on the Yamaha or a Generic drive, no such problem.

I have not used any emulation software ever. More proof, that Bill Gates *is* the anti-Christ.
[ link to this | view in thread ]
Chronno S. Trigger, 28 Aug 2007 @ 1:55pm

Re:
Please tell me you guys are pulling my leg. Bioshock is from Sony? Why then is it out for Xbox360?
[ link to this | view in thread ]
Chronno S. Trigger, 28 Aug 2007 @ 2:00pm

Re: Re:
PS: And windows, but not PS3?
[ link to this | view in thread ]
Sean, 28 Aug 2007 @ 2:56pm

It is wonderfull that more people are not buying Sony. I can honistly say I have never bought any Sony merchendise in the 21 years I have been alive. Excluding the BMG buy 2 cds get 10 free offers I have done that twice. My parents have only purchased 2 camcorders from them.

Proud to have a life time ban on buying Sony products.
[ link to this | view in thread ]
FreakUnique, 28 Aug 2007 @ 2:58pm

Whoops they did it again. I will advise dad to not buy Sony but he won't listen.

Anyways Sony are actively boycotted by me also. I only allow current Sony products in the house because my parents will moan to Hell and that drives me potty. I won't touch the Sony products if I can help it. Mother's Sony mini stereo doesn't want to read many of my legit CDs despite the fact that they work on everything else. Very suspicious
[ link to this | view in thread ]
Red, 28 Aug 2007 @ 3:27pm

Re: Post #14
"But how will all of the smaller companies buy political favours??"

They won't buy any real favors because they are too small to have the lobbying power of a major corporation. The idea is to keep our country representing the people not some disembodied perversion of capitalism known as modern corporations.

"I know - they'll form together and make one large entity. That way they can still buy politicians...oh wait, that already happened."

Then we take out the big stick and beat them back again. It is all part of balancing our country's interest. Despite what many people believe nowadays breaking up large coporations is a good thing for the little guy (Which is in the majority last time I checked).

(reply to this comment) (link to this comment
[ link to this | view in thread ]
notsonaive, 28 Aug 2007 @ 3:49pm

Boycott Sony
Y'all are more than a little naive. Do you think all Sony's competitors are clean as a whistle? Do you realize that ALL electronics make parts for each other? You can't avoid Sony anymore than you can avoid Microsoft. Complain to Sony. Maybe enough complaints will make a difference ;)
[ link to this | view in thread ]
Annoyed, 28 Aug 2007 @ 3:49pm

Re: Re: Re:
Yep ... 360 and windows ... better stick to the 360 version or you'll have hidden solders brought to you by Sony yet again. Bioshock isn't made by Sony, but it's affiliated, and therefor, comes with all Sony's bulls**t.
[ link to this | view in thread ]
Jimbob, 28 Aug 2007 @ 3:56pm

Who knows what garbage will on the Spiderman 3 DVD when it comes out. As for my personal experience with Sony, they sold laptops the had MAC addresses the began with 99 instead of the industry standard of 00. My friend's ISP wouldn't let his NIC obtain an IP address because it saw the 99 as illegal granted my friends ISP is crappy but he had to use USB to hook to his cable modem. Sony is always trying to do it their way and Blu-ray is just latest because the don't want to pay royalties to the inventors of HD-DVD. Sony go to hell in a handbag.
[ link to this | view in thread ]
John (profile), 28 Aug 2007 @ 4:00pm

Microsoft to blame?
I know it's "cool" to bash Microsoft, but why haven't they been blamed for any of this?
Who the **** thought it was a good idea to allow software to tell the operating system to create hidden folders?

The meeting probably went something like this:
"Hey, Joe, wouldn't it be cool if applications could create folders that were hidden from the user and that could hidden from virus-scanners and anti-spyware programs?"

"Man, that would be awesome. Just think about all the legitimate reasons why companies would want to hide their files. Nah, who are we kidding. Let's open as many backdoors as possible. We'll let the 'patch department' issue a security HotFix five years from now to fix it."
[ link to this | view in thread ]
Unknowledgeable Geek, 29 Aug 2007 @ 5:33am

Re: Microsoft to blame?
So idiots such as yourself don't delete sys files. Got to hide some stuff from the ignant.
[ link to this | view in thread ]
Joe Smith, 29 Aug 2007 @ 10:56am

Bioshock
Problems with BioShock might be worth a little more attention from TechDirt. My teenager has been looking forward to it for months and ran out to buy it as soon as it came out. First he hits the installation hassle and then it turns out that the video card I bought last year for him (Radeon 850 with 512 meg of video ram) is not up to the job of running BioShock because the game needs Pixel Shader 3.0 and the card only supports Pixel Shader 2.0.

So my advice to any other dads out there is F**K ATI and F**K BioShock - go spend your money on something else for the kids.
[ link to this | view in thread ]