Sony's Rootkit: the untold problem

Posted on Tuesday, November 15, 2005

The whole Sony debacle has been well documented over the last few days. What bugs me more is how Microsoft is dealing with the threat. Instead of attacking the root of the problem, they have stated in a blog post that they will be removing the rootkit with their AntiSpyware Tool. Why is this an issue? Microsoft’s approach is wrong. Their entire approach to security is, and this issue does nothing but affirm that. It shouldn’t be possible to install the Sony rootkit. Yes, it is possible to install rootkits through buffer overflows and other shady methods, but these are MUCH more difficult to install; consequently, they are much less frequent. The Sony rootkit is passively installed by the user when they run the CD. Why isn’t the user notified of this, or even asked for their password in order to modify system files? This problem would never happen on OS X because it would ask the user for their password – something that shouldn’t happen when playing a standard audio CD. This minor difference in approaching security is a big part of why OS X has fewer security issues. Windows might be more securely coded than OS X (fewer buffer overflows etc.), but it invites exploits. I wish the trust-everyone architecture could change overnight; it would solve most of the issues we face with the internet.