Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Sony USB Drives Pack Rootkit Surprise

By BetaNews Staff, BetaNews

August 28, 2007, 2:10 PM

Finnish security company F-Secure has reported on new rootkit-like software discovered on USB thumb drives manufactured by Sony. Although the software doesn't appear to cause damage to a user's system, it does create a hidden directory that is inaccessible via the Windows API and some virus scanners.

The product in question is Sony's MicroVault USM-F fingerprint reader software, included with the company's USB drives. Sony was widely derided in 2005 for bundling copy-protection software on its music CDs that utilized rootkit-like functionality. "It is our belief that the MicroVault software hides this folder to somehow protect the fingerprint authentication from tampering and bypass," says F-Secure. "However, we feel that rootkit-like cloaking techniques are not the right way to go here." The company contacted Sony about the issue, but received no response.

Add a Comment (71 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By SGD

posted Aug 30, 2007 - 10:33 AM

On a different note about how Sony fails check this out.

BD 1.1 spec on the rocks again?
In what is now becoming an absolute joke, too funny to be even called a fiasco, the "new, newer" deadline for all Bluray players to HAVE to meet the mandatory final player specification is approaching on November 1st, yet NO players, ZERO, are currently scheduled to ship that meet the BD 1.1 spec. In fact, all new BD players are being rushed to market before Nov 1st so that they do not have to meet the spec, and the only player to meet 1.1 has now apparently been delayed till 2nd quarter 2008!

Score: 0

By yountmj

posted Aug 30, 2007 - 5:42 PM

On Amazon Electronics, the Toshiba HD-A2 HD DVD player has been the #1 best-seller for quite some time... above all other electronics, period. Blu-ray isn't even in the top 100. That makes me chuckle.

Score: 0

By NULLedge

posted Aug 29, 2007 - 6:44 PM

is this is some form of new scary ps3 ad? seriously, those things are creepy. on a brighter note, i'm still happy not running windows and the service packs, root kits, virus scanners, and malware bundles aren't doing much to change that ;)

Score: 0

By Program86

posted Aug 29, 2007 - 11:12 AM

Here we go again (Sony)

Score: 0

By KSzostek

edited Aug 29, 2007 - 10:42 AM

WOW here we go again. Will Sony ever get a clue?

Let me say it again Sony deseves to be boycotted on ALL their products. They bring it on themselves every time.

Get a clue Sony.

Score: 0

By MinuteMaid

posted Aug 30, 2007 - 6:26 AM

I think you need to get a clue. Have you actually read past the headline? It's not a Rootkit dumba**. It's BetaRumours spreading FUD again.

Score: 0

By yountmj

edited Aug 30, 2007 - 10:03 AM

Are you just completely freaking brainless (or brainwashed), or is it your sole purpose to stir up crap?

$sql->Query("SELECT * FROM Dave WHERE clue != 0");
0 rows returned

MinuteMaid: "Next time BetaRumours, try doing 5 minutes on Google, before you end up looking like clueless idiots every time a Sony story crops up."

Done. Searched "Sony USB Rootkit" on Google as suggested...

Yep... ROOTKIT!

"A rootkit is a general description of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system. Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X, Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules."

McAfee Avert: http://www.avertlabs.com...e-me-sony-one-more-time

F-Secure: http://www.f-secure.com/...ves/archive-082007.html

Sony Sweden confirmed publicly that it is a ROOTKIT.

However, you have not proven that it isn't, as usual. Go ahead, prove it. Do something different for a change.

Score: 0

By SGD

posted Aug 30, 2007 - 7:41 AM

Funny betanews must own many other sites since they are all reporting the same thing. Sony messed up get over it Dave.

Score: 0

By SlapShot

posted Aug 30, 2007 - 6:35 AM

whatever you say dave

Score: 0

By fernz33

posted Aug 29, 2007 - 12:09 AM

This website and it's users are funny.
The anti-Sony propaganda is incredible?

Anti-MS story about recalled Steering Wheels - 28 comments in 5 days in support of product.

Anti-Sony story about a rootkit which turns out to not even be a rootkit - 50 comments in 1 day.

I see why the Beta"News" spin machine works so hard. It's just catering to it's audience. I just haven't figured out if the Spin Machine keeps the comments coming, or are the comments keeping the Spin Machine spinning?

"...Sony is still making the nukes."
Classic!

Score: 0

By yountmj

edited Aug 29, 2007 - 8:22 AM

The pro-Sony propaganda is worse.

$sql->Query("SELECT * FROM fernz33 WHERE clue != 0");
0 rows returned

Score: 0

By Setian^Stalker

posted Aug 29, 2007 - 6:38 AM

Beta news spin machine?
They are only reporting whats out in the wild. Its hardly the sites problem if more people are responding to Sony's problems than Microsofts. Join in the conversation, encourage your friends to do so and before you know it all topics may be just as active as each other
For the record, theres plenty of anti microsoft news on this site.

Score: 0

By leojei

edited Aug 29, 2007 - 12:16 AM

It's all about a human nature that bad things get more attention. So you should join in just to show you're a human~

The fact that I reply to your post is that, it stands out in a bad way.

I also agree on the post that utilizing rootkit-like technique to provide functionality is just not right. Ensuring bad things like spyware/malware/virus not having access to it and planting an inaccessible folder in HDD are 2 different stories that don't go well together.

Score: 0

By Ramhound

posted Aug 28, 2007 - 11:48 PM

The only thing SecuRom is ineffective software that only causes issues and doesn't actually protect anything.

It of course is NOT a Rootkit considering its doubtful it even meets a vague description of the word.

Score: 0

By alphatrigon

posted Aug 28, 2007 - 6:49 PM

I'm not siding or supporting Sony...BUT if someone tries to make security software, or software that tries to use the best methods of protecting itself for legit reasons, it still would not be looked at favorably even if it used the routines and algorithyms of a "rootkit"?

rootkits used to not be bad...
http://en.wikipedia.org/wiki/Rootkit

but eventually a lot of terms carry negative aspects...like the terms people make up for smart, intelligent people, or people who behave proper and are polite...I'll let you make your own assumptions and thoughts. :)

Score: 0

By leojei

posted Aug 29, 2007 - 12:25 AM

Nice point on "rootkit". I asked myself and it is negative to me.

Here's the up-side, Sony is providing a product with functionality, a service or package of how things work without using resources that you don't agree on (ie: users know/agree the USB drive is drawing power from the USB port, but users don't know their HDD is being used as a storage medium).

Now Sony is provinding a product with the potential to function, meaning users have to take their own risk and offer anything that Sony see fit while users use the product. It's like going into your house and get the scissors to do gardening without letting you know they went into your house to grab that scissors.

Score: 0

By Tenoq

posted Aug 28, 2007 - 10:14 PM

But they are the ones opening the doors to malicious rootkits. We made nukes, realised they could be used for malicious purposes and stopped making them. Sony is still making the nukes.

Score: 0

By siryak

posted Aug 28, 2007 - 6:05 PM

Ouch! Looks like everyone is starting to lose faith in Blu-Ray. I usually don't pay any attention to analyst, but this actually appears to be a well thought out article.
http://www.technewsworld...oduct-of-the-Week.xhtml

Score: 0

By siryak

posted Aug 28, 2007 - 5:56 PM

"Sony USB Drives Pack Rootkit Surprise"

Sony?!?!? Rootkits?!?!?! Never!!!

Score: 0

By Galway

posted Aug 28, 2007 - 3:31 PM

Will they ever learn !!

http://games.slashdot.or...s/07/08/24/213256.shtml

Sony is really not grasping this PR thing are they ?

Score: 0

By yountmj

edited Aug 28, 2007 - 5:07 PM

Sorry, but SecuROM is not a rootkit, despite how much I despise it.

The only thing worse than referencing Wiki these days is referencing /.

http://www.extremetech.c...2/0,1697,2176151,00.asp

"The copy protection scheme used in BioShock is called SecuROM, which is a product of the Sony Corporation. Sony has come under fire before for installing rootkits when some of its audio CDs were played on Windows computers. Now SecuROM, which is installed by both the demo and full versions of BioShock, is erroneously being called a rootkit by alarmist bloggers...

You don't have to like DRM, but in the age of wanton piracy of PC games, it's a necessary evil. It's one thing to complain about what a DRM scheme actually does, but it's another entirely to start an online riot by accusing it of evils of which it's not even guilty."

SecuROM has been used on numerous PC titles.

Score: 0

By meb

posted Aug 29, 2007 - 10:36 AM

Remind me again why SecuROM needs to be attached to a fully downloadable demo?

I thought the purpose of the demo is to distribute it freely and get it 'known' so people get hooked and buy the 'real deal'.

Are we sure SecureROM doesn't have other nasty features... and if not - why is it in the demo?

Score: 0

By Meth

posted Aug 29, 2007 - 4:31 PM

Ok I'm not defending SecuROM in gerenal, I think it's a piece of crap and it sucks that they include it. To answer your question though demo's often have the same binary as the full version they just strip out the data leaving a single or limited set of levels for example. It has been a common practice in the past therefor to buy the game with the copy protection and then replace the executable with the non-protected executable from the demo resulting in an completely unlocked game. Putting the copy protection in the demo therefore negates this type of piracy.

Score: 0

By siryak

posted Aug 28, 2007 - 5:58 PM

Call it what you will, it is still a very disliked and annoying software. I see people complaining about SecuROM all the time in PC gaming forums. Especially on Bioshock.

Also they are wasting their time with all this DRM crap. The only people it is harming is the people that aren't pirating it! It will get hacked just like all of the other DRMs that have ever came out.

Score: 0

By yountmj

posted Aug 28, 2007 - 6:39 PM

Don't get me wrong bud, I hate it as well, and I agree with you completely. Right there with you.

I see DRM as the electronic version of gun control. The only thing it is really accomplishing is making life more complicated for the law-abiding users.

Daemon Tools is a rather nice workaround.

Score: 0

By siryak

posted Aug 28, 2007 - 8:39 PM

Oh I wasn't implying that you didn't. Just kinda stating my thoughts on it is all lol.

Score: 0

By Alpha258

posted Aug 28, 2007 - 3:16 PM

I hate Sony products and I hate you Sony, nearly as much as Microsoft.

Another cent of mine will never go to either company. My money is better spent elsewhere.

Score: 0

By Latz !

posted Aug 28, 2007 - 8:09 PM

I bought a Sony 16X DVD-RW last week, it was defective. Wouldn't read anything, let alone write. It's depressing to think back to when Sony actually meant quality.

Score: 0

By FubarJeb

posted Aug 28, 2007 - 3:43 PM

Not all of there products are terrible. I for one like Sony's tv's and A/V receivers and Microsoft publishes some pretty good games.

I do agree that hidden root kits are bad, shame on you Sony.

Score: 0

By poopoopoo

edited Aug 28, 2007 - 6:34 PM

And how long until they have some way on their TV's and DVR's that prevent you from recording programs?

They would probably have such DRM out now, if they had reliable technology in it.

I quit giving Sony money when I got their first rootkit on my computer. It's a relatively moot issue for me, at least concerning computers, since I switched my main desktop to Linux, but on the few occasions I have to use my Windows machine for something, stories like this stick out in my mind a bit too much.

The consumer is the enemy, whether they are honest or not. If things don't change, in ten years, we'll be living in an online police state (at least in the States).

Score: 0

By Niro

posted Aug 28, 2007 - 6:54 PM

Sony receivers are some of the worst in the market, and sony tv's, although good...are way overpriced.

Score: 0

By bobthegoat2001

posted Aug 29, 2007 - 6:38 AM

You hit the nail on the head.

Score: 0

By bobthegoat2001

posted Aug 30, 2007 - 4:51 AM

Err... I said that backwards.

Score: 0

By SGD

posted Aug 28, 2007 - 8:49 PM

Agreed I buy Denon receivers.

Score: 0

By siryak

edited Aug 28, 2007 - 7:12 PM

Agreed. You can get a Samsung TV cheaper and most of the time end up with as good or better TV in the end.

Score: 0

By GoodThings2Life

posted Aug 28, 2007 - 3:08 PM

Actually, MinuteMaid, this article was reported elsewhere yesterday.

As for Sony, well, a second root-kit is just retarded. I would think they'd have learned their lesson the last time.

Score: 0

By MinuteMaid

posted Aug 28, 2007 - 2:44 PM

lol, BetaRumours make themselfs out to be total Sony haters yet again..

This "Rootkit", is not such thing, the original article has been misrepresented. Take a look on Slashdot for details.

Next time BetaRumours, try doing 5 minutes on Google, before you end up looking like clueless idiots every time a Sony story crops up.

Score: 0

By terminalx

edited Aug 28, 2007 - 6:43 PM

Slashdot, yes there's a reliable source, you should read the article as it states a "rootkit like device" and because it behaves like one, it could be used for malicious purposes such as the blizzard hack.

Its not necessarily sneaky but its poorly implemented. at least it hasn't caused any damage yet to anyone's pcs.

Score: 0

By yountmj

posted Aug 28, 2007 - 5:16 PM

Oh please, give it a rest with your elitist attitude... you, the one who embellishes and blows out of proportion every single news item regarding the Xbox 360.

Oh noes! It's burned down half of San Francisco!
It's killed thousands of children!
The wireless adapters will make you sterile!
Blah blah...

Talk about your clueless idiots... you have extremely little room to judge others, least of all the editors.

Score: 0

By SGD

posted Aug 28, 2007 - 4:24 PM

Sony makes others hate them because of the stupid things that they do. They bring it all on themselves. Maybe someday you will understand.

Score: 0

By Ano

edited Aug 28, 2007 - 3:02 PM

I'm always surprised when I see people refer to BetaNews writers as "sony-haters" or "microsoft-haters"; While this particular article is sparse in content and could certainly have used a bit more research, if only to provide a more juicy and in-depth commentary, it is to be expected that a news source would focus on *notable* events or information regarding the companies they cover.

As such, articles such as "Sony sells yet another high-definition Widescreen TV to some guy with too much money", though possibly complimentary to the company, are not *news*. Should you have an 'inside source' on pertinent data of the type you believe BetaNews should be covering, you can always send an e-mail to their staff asking them to look into it.

Score: 1

By SGD

posted Aug 28, 2007 - 2:42 PM

Same crap same company what a surprise. Avoid their products like the plaque.

Score: 0

By lvthunder

posted Aug 28, 2007 - 2:34 PM

So they find the rootkit after Sony stops making them, but like everything else they can still be in the supply chain. Who wants a USB key that you have to install a driver anyways?

Score: 0

By Setian^Stalker

posted Aug 29, 2007 - 6:40 AM

Who wants a usb key that you have to install a driver?? The article states 'fingerprint authentication' so... at a guess those who want fingerprint authentication?

Score: 0

By PC_Tool

posted Aug 28, 2007 - 4:48 PM

Ever used a Kingston U2 USB flash drive? Damnthing installs an app on *every* f-ing computer you plug it into. I would not be the *least* bit surprised to see Sony pulling the same crap here, just digging deeper and *trying* to hide it better.

Score: 0

By tankist

posted Aug 28, 2007 - 3:09 PM

maybe someone who sees the sony label, automatically thinks "quality added" and doesn't know anything about them drivers (unles those are pickup truck drivers)

Score: 0

By bourgeoisdude

edited Aug 28, 2007 - 2:31 PM

"Root-kit like cloaking..."

"Although the software doesn't appear to cause damage to a user's system, it does create a hidden directory that is inaccessible via the Windows API and some virus scanners."

It's just a stretch from the media. No, it's not betanews's fault, but F-Secure's.

Yes, it is newsworthy, but the news is misreported (by f-secure) is all. This is NOT a rootkit, but it does use questionable methods to hide files from windows nonetheless.

Score: 0

By Paul Skinner

posted Aug 28, 2007 - 4:14 PM

Excellent. You spotted the slightly Chinese-whispery effect this story seems to have had here.

I agree. It's newsworthy, just not like this.

(By the way, how do you do italic and bold in BetaNews comments [I keep meaning to ask that])

Score: 0

By yountmj

edited Aug 28, 2007 - 4:44 PM

Paul,

You use brackets [ ] before and after the word(s) you want them to affect... with an "i" for italics, or a "b" for bold (without quotes). Insert the appropriate letter in between the brackets. For the closing tag, inside the brackets, use a "/i" or "/b" (without quotes) to close it.

Basically, find an example on this page, note it, view the page source from within your browser... find the word you noted earlier and look at the tags before and after it... except substitute the less-than and greater-than symbols with brackets.

Score: 0

By Paul Skinner

posted Aug 28, 2007 - 5:01 PM

Thank you.

(I really should have known myself - I do build websites now and then).

Score: 0

By Sarg

posted Aug 28, 2007 - 4:53 PM

In other words...

[b]bold[/b]
[i]italic[/i]

Score: 0

By PC_Tool

posted Aug 28, 2007 - 5:14 PM

Ooh...that was tricky. ;)

Score: 0

By Paul Skinner

posted Aug 28, 2007 - 5:01 PM

Cheers.

Score: 0

By yountmj

edited Aug 28, 2007 - 5:02 PM

Yeah, what he said. LOL

I couldn't figure out how to just simply type it out without the forum thinking they shouldn't be there. Thanks.

EDIT: Ahh, never mind... that's clever. :)

Score: 0

By Sarg

edited Aug 29, 2007 - 6:11 AM

Where there's a will... ;)

Score: 0

By tazandpig

posted Aug 28, 2007 - 2:30 PM

Dear Gawd.

It never ends.

Score: 0

By skags442

edited Aug 28, 2007 - 2:21 PM

how many times will this company shoot its self in the foot?

i am glad i stopped buying sony products years ago. too bad they have their tenticals reaching into so many other companys products

Score: 0

By yountmj

posted Aug 28, 2007 - 2:16 PM

Good grief...

Score: 0

Sep 5 - 8:44 PM ET Mozilla's Aza Raskin: The journey back to Ubiquity

Sep 5 - 7:10 PM ET Red Hat buys virtualization specialist Qumranet

Sep 5 - 7:06 PM ET Analysts: Online news viewers rising as newspaper readership falls

Sep 5 - 6:55 PM ET Where does Sarah Palin stand on technology issues?

Sep 5 - 6:51 PM ET Adobe Flash to deliver NFL games in full

Sep 5 - 4:29 PM ET Exclusive beta invitation from GameTap and BetaNews

Sep 5 - 4:09 PM ET Report: OLPC buy one, give one deal returns

Sep 5 - 3:45 PM ET No ruling yet in TiVo vs. EchoStar patent case

Sep 5 - 3:37 PM ET Google Analytics starts tracking Chrome, with intriguing results

Sep 5 - 2:14 PM ET Comcast challenges FCC's authority in sanction appeal