Comments on: Rootkit woes for Sony again?
Security researcher points to rootkit found in fingerprint authentication software in Sony's Micro Vault USB drive.
Most Popular
Google's mobile hopes go beyond Nexus One
The world may have thrilled to the potential for a Google Phone, but what Google actually unveiled is its plan for a new smartphone world order.
• Photos: Unboxing Nexus One
Using your smartphone safely
faq Worms, Trojans, and SMS attacks are risks for mobile phones, but the biggest practical threat to users is losing the device.
About News Blog
Recent posts on technology, trends, and more.
Add this feed to your online news reader
another Sony product since the las fiasco and this just reinforces
my feeling that I was right.
Here's a better definition: A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes.
1. There's no cracking here; I'm sure the license agreement is very precise on what this software will or won't do.
2. There's no permanency; I'd bet the software has an uninstall tool.
moreover
3. There is no malicious intent !
Now you can try to argue that the driver itself may (who knows ?) have flaws that would allow any unrecognized applications to live under this hidden folder. Three things: a) if Windows can't find it, and the malicious file riding the door left open by the driver does not have the collaboration of the driver to let Windows find it, then it won't load, period. b) Did you obtain a disassembly of the code, or did you just guess that it may bring in vulnerabilities "cuz you never know" ? c) If the driver uses the most common types of cloaking, the cloaking will only be truly effective against nefarious software; good anti-virus software, with their greater legitimate access to a system and far greater testing and implementation resources, will locate all the files in this hidden folder in case static data is of concern to you.
This is either sensationalistic reporting, or some guy who really has no clue what he is talking about.
http://en.wikipedia.org/wiki/Rootkit
--mark d.
You have not established any arguments to tell us how you think your understanding differs from mine, though; that make sit difficult to figure out what your contention is.
You complain that a root kit's doesn't hide itself for self-defense. But from the Wikipedia article:
"A rootkit's purpose is typically to hide files, network connections, memory addresses, or registry entries from other programs used by system administrators to detect intended or unintended special privilege accesses to the computer resources."
You complain there's no cracking. Then I guess the Sony/BMG root kit isn't a root kit by your defintion. But, referring to the Wikipedia article again:
"Rootkits are not always used to attack and gain control of a computer. Some software may use rootkits to hide from 3rd party scanners to prevent detection or tampering. Some emulation software and security software is known to be using rootkits."
You complain about a lack of permanency and presume a removal tool. Yet, two applications that use rootkits cited in the Wikipedia article include Alcohol 120 and Daemon Tools, commericial app's that I'd bet a dollar to a donut have removal tools (a much safer bet than anything from Sony having one, if history is any indication!).
--mark d.
- sony micro vault
- by alexab99 September 21, 2007 4:03 AM PDT
- I have a Sony Micro vault usb memory device.
- Like this Reply to this comment
-
(12 Comments)I worked for about a month and then "failed".
I was unable to access it as a drive.
It would not reformat.
Any advice appreciated.