Why you need to know about Sony rootkits


If you buy CDs and listen to them on your computer, this concerns you.

First, what is a rootkit, and why is Sony using one?

A rootkit is software that is installed without the knowledge of the computer user. The purpose of a rootkit is to install files, directories or registry keys. Hackers often use rootkits to gain privileged access to a computer or an entire network of computers. Then they can alter files, capture passwords and attack other machines on the network. Rootkits are also difficult to detect: common anti-virus or anti-spyware software generally cannot detect them.

So where does Sony come into play?

Computer security expert Mark Russinovich discovered recently that a rootkit had been installed on his computer. The culprit: a CD he had recently purchased and played on his computer.

Russinovich had purchased a copy-protected CD produced by Sony-BMG on After he put the disc in his computer he clicked through an installation agreement. It was later that he found out the rootkit was installed on his computer as part of the digital rights management (DRM) component on the Sony audio CD.

The problem with this is that hackers could exploit existing rootkits, such as the one installed by the Sony CD.


"This creates opportunities for virus writers," said Mikko Hypponen, director of AV research for Finnish firm F-Secure Corp. "These rootkits can be exploited by any malware, and when it's used this way, it's harder for firms like ours to distinguish the malicious from the legitimate."

So what is a music lover to do?

A number of vendors, including Microsoft, F-Secure, and Sysinternals, offer applications that can detect the presence of rootkits. If a rootkit is detected, however, the only sure way to get rid of it is to completely erase the computer's hard drive and reinstall the operating system.

Sony has also released a patch to try to fix the problem.

Playing a music CD, even one by Yanni, should not result in having to wipe your hard drive clean.

This issue is starting to heat up and a lawsuit is already in progress by people who claim their computers have been damaged by the software. For more info on the lawsuit, click here.

As if the rootkit weren't reason enough to have concerns about Sony-BMG, read what the Electronic Frontier Foundation (EFF) has to say about the EULA rights that come with the Sony-BMG CDs. Here are a few of my favorites listed on this page:

You can't keep your music on any computers at work. The EULA only gives you the right to put copies on a "personal home computer system owned by you."

If you move out of the country, you have to delete all your music. The EULA specifically forbids "export" outside the country where you reside.

If you file for bankruptcy, you have to delete all the music on your computer. Seriously.

The EFF website has a list of CDs that contain the rootkit. Click here to see the list and for more information on how to determine if a CD has that software included.