[ insider_reports_insider ]
Sony Has Another Rootkit Issue
David Utter
Staff Writer
2007-08-28
 Insider Reports RSS Feed
It's not Velvet Revolver CDs at risk this time, but USB sticks distributed under Sony's name that show up with hidden software.
 | | Sony Has Another Rootkit Issue |  |
Although the security community probably owes Sony a thank you for helping millions more people understand what a rootkit is, they will be surprised that once again a Sony consumer product has been dropping hidden files onto systems.
Security firm F-Secure discovered that the software accompanying the Sony MicroVault USB storage device exhibited "rootkit-like behavior." F-Secure's investigation found not one, but two, instances of such software being dropped onto machines:
The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under "c:windows". So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory.
This time around, their could be a legitimate reason for the software to engage in this hiding practice. "It is our belief that the MicroVault software hides this folder to somehow protect the fingerprint authentication from tampering and bypass," F-Secure noted.
"It is obvious that user fingerprints cannot be in a world writable file on the disk when we are talking about secure authentication. However, we feel that rootkit-like cloaking techniques are not the right way to go here."
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
