Archive for November, 2005

Sony scumware: your days are numbered

Sunday, November 13th, 2005

There has been widespread condemnation of Sony’s use of a rootkit (of virus, spyware and hacker fame) to enforce its so-called ‘Digital Rights Management’ on its music discs, but until now there has been nothing victims could do about it short of a full system reformat. Now Microsoft says that Windows Antispyware (soon to be Windows Defender) will receive an update to enable it to remove this latest dirty trick, and that those who do not use the program can still remove the rootkit with the forthcoming December release of the Malicious Software Removal Team (included with every monthly Windows Update):

We are concerned about any malware and its impact on our customers’ machines. Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems [...] We have analyzed this software, and have determined that in order to help protect our customers we will add a detection and removal signature for the rootkit component of the XCP software

[Anti-Malware Engineering Team blog]

It’s good to see Microsoft finally taking a stand against those who think they have the right to install malware on Microsoft customers’ computers simply because a statute gives them a limited intellectual right in a sound recording.

Sense prevails

Wednesday, November 9th, 2005

Literally in the last minute or two (I was watching the streaming video live on the BBC website) Tony Blair’s plans for 90 days’ internment without charge have been voted down in the House of Commons – by three hundred and twenty something (322 I think) 322 to 291. I would like to thank every MP who voted against it, for favouring democracy and the rule of law over Blair’s police state.

Update:
The Tory 28-day amendment has passed 323 – 290

Attempts at internment set to fail

Monday, November 7th, 2005

It’s looking more and more likely that the combined efforts of Opposition parties and the few Labour MPs who believe in the rule of law will manage to overturn Tony Blair’s attempt to bring the spectre of internment back into British life. What is truly frightening are the attempts to deliberately mislead the public and the Commons by making false comparisons to other legal systems – by comparing the 90 days proposal with six months to two years in other European countries. The only catch is that, in all the countries mentioned, that period of detention without trial is only justified when there is actually evidence that someone has committed a crime – i.e. after they have been charged, whereas Blair says that the police have made ‘a convincing case’ (remember this is the same police who hunt down and kill innocent commuters for looking a bit foreign) for being allowed to hold people for three months without any evidence at all. Let’s hope that – as it has previously done over top up fees and other issues – the resistance from Labour’s backbenches doesn’t evaporate in a cloud of career-enhancing spinelessness. This is far too important.

SonyBMG using virus tools for DRM

Tuesday, November 1st, 2005

Apparently research by F-Secure has shown that Sony BMG CDs come with an actual, honest-to-goodness virus installed. Some CDs they bought from Amazon.com installed a rootkit when inserted into Windows PCs – a tool more normally associated with being hit by a virus or a particularly nasty piece of spyware – not a problem for the copyright cartel apparently:

When you insert such a CD to a Windows-based PC, the record will display a license agreement and then it will seem to install a song player software – while it really installs a rootkit to the system. Once the rootkit is there, there’s no direct way to uninstall it. The system is implemented in a way that makes it possible for viruses (or any other malicious program) to use the rootkit to hide themselves too. This may lead to a situation where the virus remains undetected even if the user has got updated antivirus software installed.

[F-Secure blog]

You might not be familiar with what a rootkit is (hell, I wasn’t until the Security Now podcast devoted an episode or two to the subject):

A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. [...] A root kit is often used to hide utilities used to abuse a compromised system. These often include so called “backdoors” to help the attacker subsequently access the system more easily. For example, the root kit may hide an application that spawns a shell when the attacker connects to a particular network port on the system. Kernel rootkits may include similar functionality. A backdoor may also allow processes started by a non-privileged user to execute functions normally reserved for the superuser. All sorts of other tools useful for abuse can be hidden using rootkits. This includes tools for further attacks against computer systems the compromised system communicates with such as sniffers and keyloggers. A common abuse is to use a compromised computer as a staging ground for further abuse. This is often done to make the abuse appear to originate from the compromised system or network instead of the attacker. Tools for this can include (D)DoS tools and tools to relay chat sessions, (spam) e-mail or attacks.

[Root kit – Wikipedia]

Says it all, really.

Update: No [other] virii as yet, but according to The Register it is already being used by World of Warcraft cheats to disguise their various bots (perhaps it’ll teach Blizzard that spyware is not the answer)