Last month, Mark Russinovich, of SysInternals.com, uncovered a so-called "rootkit" which is installed by Sony's new digital rights management-protected music CDs.
A rootkit is the common name for a malicious piece of software that hackers or criminals use to gain access to a computer system and stealthily run other malicious code. Rootkits often contain hidden, hard-to-remove files and are designed to be difficult for the user to uninstall.
California, Italy and New York are the first to bring litigation against Sony BMG's digital rights management (DRM) software found in at least 20 music discs released by Sony. The software installs automatically once the user agrees to an end-user license agreement (EULA), which must be accepted before the music disc can be played, and includes a rootkit that can create vulnerabilities in the user's Windows computer.
One trojan horse exploiting the security hole has reportedly been discovered.
The California suit claims that the software violates the Consumer Legal Remedies Act, the Consumer Protection Against Computer Spyware Act, and the California Unfair Competition Law. The upcoming lawsuit in New York seeks restitution for consumers across the nation.
Mathew Gilliat-Smith, the CEO of First 4 Internet, the company that created the software, claims it is "benign content." Meanwhile, in an NPR interview, a spokesman for Sony said, "users don't know what a rootkit is, and therefore, don't care."
Russinovich classifies Sony's malware as a rootkit because it is alleged to open several serious security holes, one of which can be exploited to hide files and prevent the user from removing them. In particular, all executable files whose names begin with '$sys$' are hidden when the software is installed. Russinovich points out that these security holes would likely be exploited by hackers or by malware producers other than Sony.
He goes on to explain that naively removing the files will cripple the user's operating system. Russinovich provides an explanation of the difficult step required to remove Sony's malware.
Playing the same CDs on computers not running the Windows operating system, or on a non-computer-based CD player, remains free of harm. As removing Sony's malware may violate the DMCA, ripping the CDs on computers running a non-Windows operating system may be the best legal and technically safe option for those who wish to listen to them under Windows, according to published reports.
The rogue software is automatically installed when a Sony CD is played on a computer, and is not mentioned in Sony's EULA.
Sony and First 4 Internet have released "patches" and uninstall kits, after programmer Mark Russinovich discovered the hidden files from the rootkit. However, these uninstall kits are only installable online through an ActiveX application, a technology many security experts advise users to deactivate due to its high execution privileges on host computers.
In addition to questions of legality, the DRM software has come under fire from media rights activists and even artists.
Thomas Hesse of Sony BMG is quoted by the San Francisco Chronicle as saying that 60 percent of Sony BMG CDs released in the United States currently have copy protection measures, and that they aim to hit 100 percent by early 2006.
-- Compiled from wire reports