November 15, 2005

Why Sony still sucks

Sony pledges not to use its fangs, but its corporate claws are in full swing.

After weeks of criticism, Sony has finally agreed to temporarily stand down on an abusive and likely illegal copy-restriction practice. Hold the applause.

The uninstaller posted by Sony creates a large security hole.

Princeton's Ed Felten and Alex Halderman have published new research into a grave security vulnerability that is opened up if you run the "uninstaller" Sony supplies to rid your PC of its malicious rootkit software. Sony installs that software when you insert an audio CD into your PC, as a means of restricting your use of the music on the CD.
The new vulnerability is as grave as a security vulnerability can be. If you run the uninstaller, your computer can be utterly compromised by an attacker who can reach it via the Web. Your computer can be made to run any code and surrender your data. It can be enlisted to act as a "zombie" for sending spam or attacking sites that are being shaken down in protection rackets.

