[Dshield] Rootkits All Around: Universal Music Has It ,Too
ed.truitt at etee2k.net
Wed Nov 2 21:35:30 GMT 2005
Well, since this package hides itself from the system, I think it meets the criteria for a rootkit. The fact that it cripples your system if you try and remove it (and aren't very, very careful) gives it a distinctive flavor of 'malware'.
If it walks like a duck, and talks like a duck... DUCK!
From: Mrcorp <mrcorp at yahoo.com>
Date: Wed, 2 Nov 2005 11:03:24
To:General DShield Discussion List <list at lists.dshield.org>
Subject: Re: [Dshield] Rootkits All Around: Universal Music Has It ,Too
Perhaps I am a bit confused over terms, but are we talking rootkit, spyware, or something else? I
find it extremly odd that music companies would be putting rootkits on peoples computers.
--- Fergie <fergdawg at netzero.net> wrote:
> Mike writes over on techdirt.com:
> I doubt this is surprising to anyone. But, following all the talk about Sony's rootkit-style
> copy protection found on some music CDs, people are looking to see who else the copy protection
> company works with. Riley turned up a press release, showing that the company is also outfitting
> certain Universal Music Group CDs with their special brand of malware copy protection -- even
> highlighting in the announcement that it's the same as found on SonyBMG CDs. Of course, given
> Universal Music's CEO Edgar Bronfman's history of believing he must control everything, it's no
> surprise at all that they'd be using this too.
> Given the lawsuits against adware firms for sneaky installs (and, recognizing that this rootkit
> stuff is actually much more dangerous by opening up additional holes in your computer), doesn't
> it seem like these record companies have just opened themselves up to a serious legal liability?
> They installed something on computers without asking or alerting you. They make it very, very,
> very difficult to remove. They break certain features of your computer and they open up a major
> security vulnerability that others can exploit. And then they call all their customers
> criminals. Can't imagine why they're having trouble with their existing business model.
> - ferg
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg at netzero.net or fergdawg at sbcglobal.net
> ferg's tech blog: http://fergdawg.blogspot.com/
> Using .Net? Need to know more about .Net Security?
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
Using .Net? Need to know more about .Net Security?
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
-E D Truitt
Sent via my BlackBerry from Cingular Wireless
More information about the list