Mark’s Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far

Mark’s Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far

Mark describes in great detail his experience of finding a “rootkit” on his system that was apparently installed by Sony. A music cd that he had purchased would not allow it to play through the standard PC media players. The music only worked with the player on the cd which installed the rootkit. In trying to remove it the rootkit disabled his cdrom completely. Without his’s understanding of the Windows OS he would have had to reformat and reinstall Windows.

I had a similiar experience a few weeks ago while removing spyware from someone’s home PC. This one was also likely installed as some copy protection scheme. In the case of the PC I worked on, the spyware was using or possibly hijacked the rootkit.

In both cases the programmer(s) who developed these rootkits did not do a very good job. And like spyware type applications this poorly written software does more to put the victims’ computers at risk than its intended purpose.