, 2005-11-22
The big story the last few weeks has been the Sony BMG rootkit and in fact, it's the kind of story for which columnists drool: a big company does something unbelievably dumb that violates basic security principles. If you don't know what I'm talking about (and if you really don't, I'm amazed - you need to follow the news more!), you can read excellent coverage on SecurityFocus, plus a good write-up on Wired, or catch up with a timeline of events brought to you by Boing Boing (parts one, two and three).
Expand all |
Post comment
It looks like the U.S. Military is finally waking up to the security implications of SONY's rootkit. Here is an article from the Stars & Stripes, a military newspaper.
http://stripes.com/article.asp?article=33184
Also on a related note, SecuROM, SONY's other CD DRM project that is under investigation has removed from the FAQ the proof that they allow users to bypass administrator rights. Look at the Google cache link and then at the new page. Notice #7 has now been changed.
ORIGINAL GOOGLE CACHE PAGE:
http://72.14.207.104/search?q=cache:yArz3yeMNRIJ:www.securom
.com/support_faq.asp+Why+does+SecuROM%E2%84%A2+install+UASer
vice7.exe&hl=en
NEW PAGE:
http://www.securom.com/support_faq.asp
I have also found several articles on CNET about financial institutions finding rootkit infected systems in their banks. That's just great. Way to go SONY. National Security, Financial Institutions... whats next... Nuclear Plants?? Oh wait, guess what... I'm sure it has already happened.
Somebody please submit the Stars & Stripes article to Digg and /. I don't have accounts there and cannot create one from this system. Keeping this story alive and growing is the only way we have to stop this DRM nonsense from growing. Sony has done more to help us in this fight then we have managed to do in 3 or 4 years.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/370/32721#32721