[Dshield] Sony, Rootkits and Digital Rights Management Gone Too Far
tholleb at teknowledge.com
Tue Nov 1 17:06:58 GMT 2005
> The first of these is, what is the difference between what
> Sony BMG has allegedly done here and if a someone breached
> Sony's systems? In my eyes, nothing. Sony has illegally
> accessed individual and organisation's computer systems and
> as such should be accountable to the same laws as anyone else
> committing this act.
I tend to agree, though I'm not sure the current laws are
actually up to the task. It's best not to support the twisting
of existing laws to support conclusions that you prefer, as
allowing laws to be to be twisted usually has unintended
The following actions, though, certainly SHOULD be illegal:
(1) taking actions that hide the existence of installed
applications or application components from consumers.
(2) Attempting to hinder or prevent the consumer from uninstalling
any installed applications or application components.
Regardless of the legalities, I do think that Sony should be held
liable for damages due to the increased difficulty in removing any
worm named $sys$*, since that increased effort is a direct result
of the action of Sony's software. I wonder if it occurred to the
Sony executives that they were opening themselves up for the
possibility of a billion dollar class action suit against them when
their rootkit is found to be aiding and protecting third party malware.
More information about the list