Computer security companies had been predicting such exploit code in the wild for weeks, since an independent developer had exposed the presence of a “rootkit” tool on the Sony CDs. The rootkit technology hid the copy protection from view, but also left open a hole that could hide other software.
Virus writers quickly took advantage of that hole, modifying an old Trojan horse to take advantage of the powerful inadvertent shielding provided by the Sony software.
On Friday, Sony responded to the furor and announced that it will suspend production of CDs that contain this particular copy-protection technology and take a second look at its digital rights management strategy.
Antivirus companies are now offering a range of advice, and confusion remains about exactly what the software does and how dangerous it can be to a PC. Here are the basics that everyone should know about this potentially dangerous issue:
What is on the Sony CDs?
The CDs involved are loaded with a relatively new kind of content protection created by British company First 4 Internet. When a listener puts the album into a computer’s CD drive, it pops up a license agreement. If the listener accepts, it installs the copy protection rootkit onto the hard drive.
The rootkit element of the software is used to hide virtually all traces of the copy protection software’s presence on a PC, so that an ordinary computer user would have no way to find it. The software acts to limit the number of copies that can be made of the CD and prevents a computer user from making unprotected MP3s from the music.
What is a rootkit? Isn’t that something that virus writers use?
A rootkit is a powerful piece of software that takes over control of a computer at the most fundamental level. In computer terms, it establishes “root” access, which is similar to administrative access, instead of access for just an ordinary user. It can potentially prevent a computer user from detecting its presence or from performing certain tasks on their own PC.
Like most computing tools, this is not intrinsically a bad thing, but can be abused. Virus writers use these tools to help take over computers and hide the presence of their work