Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!

US rootkit spyware legislation?

p2p news / p2pnet: The dirty dealings of a German/Japanese record company which tried to spy on its customers may result in new laws being introduced in the US.

Sony (Japan) BMG (Germany) planted secret rootkit DRM applications made by America’s SunnComm and the UK’s First 4 Internet on music CDs.

When buyers inserted the discs into their PCs, the spyware was installed without their knowledge or permission, also creating security hazards.

Sony BMG is still suffering the consequences of what’s become a major PR disaster affecting not only it, but also the other members of the Organized Music cartel, Vivendi Universal, Warner Music and EMI, who, together with Sony BMG, are also being probed by the state of New York in a separate bribery scandal.

The company has been ordered to recompense victims via cash payments or replacements and now, “A U.S. Department of Homeland Security official warned today that if software distributors continue to sell products with dangerous rootkit software, as Sony BMG Music Entertainment recently did, legislation or regulation could follow,” says PC World.

“We need to think about how that situation could have been avoided in the first place,” the story has Jonathan Frenkel, director of law enforcement policy with the DHS’s Border and Transportation Security Directorate, saying. “Legislation or regulation may not be appropriate in all cases, but it may be warranted in some circumstances.”

The DHS has “no ability to implement the kind of regulation that Frenkel mentioned,” but it’s “attempting to increase industry awareness of the rootkit problem,” he said.

“All we can do is, in essence, talk to them and embarrass them a little bit.”

Nor is this the first time that the department has expressed concerns over the security of copy protection software, says PC World, going on:

“In November, DHS assistant secretary for policy Stewart Baker warned copyright holders to be careful in protecting their music and DVDs. ‘In the pursuit of protection of intellectual property, it’s important not to defeat or undermine the security measures that people need to adopt in these days,’ Baker said.”

Meanwhile, the Sony BMG debacle doesn’t seem to have sounded a warning note to other companies.

An example of Settec Alpha-DISC DRM with rootkit-like features was found on a DVD of the movie Mr. & Mrs. Smith.

Also See:
bribery scandal - 9 radio stations in bribery probe, February 9, 2006
PC World - Sony Rootkit Experience May Lead to Federal Oversight, February 16, 2006
rootkit-like features - Mr and Mrs Smith: with rootkit, February 14, 2006

4 Responses to “US rootkit spyware legislation?”

  1. Reader's Write Says:

    First off, there are more important things for our gov’t to worry about than regulating copy protection software. Bad CPS can be easily fixed… don’t buy the infected product. No gov’t regulation needed.

  2. Reader's Write Says:

    Sure and if people didn’t own stuff we wouldn’t need to outlaw robbery either. But people do own stuff, so we outlawed theft.

    Likewise people do purchase software/music/etc that goes in their computers, and many end users/customers would never know what they installed is actually doing to their computers. So yes a law to ensure that the customer is protected from Malware/DRM is needed.

  3. Reader's Write Says:

    The same thing could be said about copyright infringement. If you want to play libertarian, don’t you think there would be a race to the top in terms of effective access control if the government stopped enforcing copyright law, since the only way to protect profit would be to develop strong self-help measures?

    Of course, it also would lead to cybervigilantism where companies would destroy end user systems.

  4. Reader's Write Says:

    Someone answer a question for me.

    From what I understand, many “rootkits” as they appear on Windows attach themselves and then clear their existence from the list of running process information so they aren’t viewable, but are still queued in the task scheduler for execution. Why doesn’t Windows check the list of running process data against the processes/threads set for execution periodically and throw errors when a queued task has no associated process information?

    I know very little about how Windows handles these things, but from what I’ve read about how a rootkit hides itself from things like Task Manager et al, this would effectively make the rootkit very noisy unless it relied explicitly on hooking into the kernel or something.
