It keeps getting worst for Sony. Hey, Avast isn't it time to make a public statement on this mess? This will probably be my last post on this subject unless you all want me to continue? Here is a summary from Mark Russinovich's website
http://www.sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html:
The DRM software Sony has been shipping on many CDs since April is cloaked with rootkit technology:
* Sony denies that the rootkit poses a security or reliability threat despite the obvious risks of both
* Sony claims that users don’t care about rootkits because they don’t know what a rootkit is
* The installation provides no way to safely uninstall the software
* Without obtaining consent from the user Sony’s player informs Sony every time it plays a “protected” CD
Sony has told the press that they’ve made a decloaking patch and uninstaller available to customers, however this still leaves the following problems:
* There is no way for customers to find the patch from Sony BMG’s main web page
* The patch decloaks in an unsafe manner that can crash Windows, despite my warning to the First 4 Internet developers
* Access to the uninstaller is gated by two forms and an ActiveX control
* The uninstaller is locked to a single computer, preventing deployment in a corporation
Consumers and antivirus companies are responding:
* F-Secure independently identified the rootkit and provides information on its site
* Computer Associates has labeled the Sony software “spyware”
* A lawfirm has filed a class action lawsuit on behalf of California consumers against Sony
* ALCEI-EFI, an Italian digital-rights advocacy group, has formally asked the Italian government to investigate Sony for possible Italian law violations