Feeds

Sony to exorcise 'rootkit' from USB drives

Thumbs down

Internet Security Threat Report 2014

Sony is prepping an update to remove rootkit-like technology that shipped with a range of USB storage devices featuring fingerprint authentication.

The Sony MicroVault USM-F fingerprint reader software that comes bundled with the USB stick installs a hidden directory under Windows. Files in the directory might be hidden from some antivirus scanners, potentially creating a hiding place for malware that virus authors could seek to exploit.

The tactic, a misguided attempt to protect fingerprint authentication from tampering and bypass, was uncovered by net security firm F-Secure. Three Sony MicroVault USB stick models with fingerprint readers contain the software. They are no longer in production but are available still for purchase.

According to Sony, the blame lies with code supplied by a third-party developer from China. An update to resolve the problem is scheduled for release in mid-September.

The behaviour of the MicroVault software is similar to - but less easy to exploit than - that created by the notorious DRM technology that shipped on Sony CDs. The latter was a practical rootkit risk that was exploited by a number of Trojans.

In 2005 Sony BMG created a public-relations and legal nightmare when it emerged that digital rights management (DRM) software installed on some of its music CDs created a handy means for hackers to hide malware from anti-virus scanning programs. Under pressure, Sony recalled discs loaded with the technology and set up an exchange program for consumers. The music label still faces class action lawsuits by users who allege that their PCs have been damaged by the technology.

Throwaway comments made by Rick Rubin, a music producer and recently appointed co-head of Columbia Records, which is owned by Sony BMG, this week are likely to further inflame the controversy. He told the New York Times that the technology "recorded information about whoever bought the record", indicating that some kind of "spyware" also came with the cloaking technology introduced by Sony's DRM software. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.