Sony Rootkit Fiasco Prompts Federal Warning

At the RSA Conference 2006 in San Jose, Department of Homeland Security official Jonathan Frenkel warned that if software distributors continue to distribute rootkit-like software designed to circumvent or defeat computer security measures, legislation or regulation may be necessary to rein in their practices.

Frankel was discussing the 2005 incident where XCP copy protection software embedded on selected Sony BMG music titles was found to compromise the security of Windows computers, and was later exploited by Windows malware. The software also installed itself without disclosing its presence and was difficult for users to remove without severely compromising Windows. The incident proved to be a public relations fiasco for Sony, whose repeated attempts to obscure, downplay, and minimize the issues only put more egg on their faces. Sony has since withdrawn the products and is working to settle private, state, and class action lawsuits.

“We need to think about how that situation could have been avoided in the first place,” said Frenkel. “Legislation or regulation may not be appropriate in all cases, but it may be warranted in some circumstances.” DHS officials reportedly met with Sony after news of XCP copy protection woes broke to express strong concerns over the product, but have not taken any formal action.

One open question is what the U.S. government or the Department of Homeland Security could do to prevent similar incidents in the future. Although Sony BMG was clearly cognizant of the technology in the XCP copy protection software, there is no reason to suspect the company distributed the digital right management system with the deliberate intent of compromising the security of customers’ computers (as much as Sony did desire to limit users’ ability to use their computers in ways it felt impinged on Sony’s rights). Any number of software products may contain bugs and loopholes which compromise user security, often in interoperation with other products. It’s unknown to what degree regulation or legislation could prevent those holes from being discovered and exploited; further, industry watchers note any civil, criminal, or regulatory penalties may simply serve to stifle product development and innovation as firms weigh the costs of new liabilities against their product development plans.

Despite the Sony fiasco, rootkit-like copy protection schemes don’t seem to be going away. Security developer F-Secure reported that it had found similar copy protection technology developed by Settec on a German DVD release of the film Mr. and Mrs. Smith.

Smart Home

Consumer groups call out retailers in a bid for better IoT security

Consumer groups posted a "Dear retailer" letter on February 12 that called out Walmart, Best Buy, Amazon, and Target, shaming the companies for selling insecure smart home devices.
Computing

These 30 useful apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find.
Mobile

Google insists it’s doing what it can to purge Play Store of malicious apps

Google's efforts to provide a secure and safe Play Store for Android users resulted in the company rejecting 55 percent more app submissions in 2018 compared to a year earlier. But the challenge is ongoing.
Computing

Lose the key for your favorite software? These handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.
Computing

Microsoft’s Presidents Day Sale cuts price of some Surface laptops by up to $200

It is a great time to save on Windows 10 laptops. Microsoft's retail store is running a sale on some of the best tablets and laptops, cutting pricing by up to $200 on the Surface Laptop 2 and more.
Gaming

Here’s how to set up a virtual private network (VPN) on your Xbox One

Online privacy is more important now than it's ever been, and gaming is happening online more than ever before. Here's a quick guide on how to set up a VPN for your Xbox One so you game in safe anonymity.
Computing

New Chrome feature aimed at preventing websites from blocking Incognito Mode

A new Chrome feature will prevent websites from blocking Chrome users as they browse using Incognito Mode. The feature is supposed to fix a known loophole that allows websites to detect and block those using Incognito Mode.
Photography

What’s the difference between Lightroom CC and Lightroom Classic?

Lightroom CC has evolved into a capable photo editor, but is it enough to supplant Lightroom Classic? We took each program for a test drive to compare the two versions and see which is faster, more powerful, and better organized.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for a service without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses via one of these handy services.
Computing

Chrome is a fantastic browser, but is is still the best among new competitors?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.
Computing

Don't use streaming apps? Try the best free media players for your local music

Rather than using music-streaming apps, you may want something for playing your local music. Good news! There are some good alternatives. These are the best media players you can download for free on Windows.
Mobile

Need speed? Qualcomm unveils the Snapdragon X55, the world’s fastest 5G modem

Qualcomm is preparing for an even faster future: The silicon giant just unveiled a second generation 5G modem for smartphones, promising blistering download speeds as high as 7Gbps.
Mobile

Barbie’s Corvette ain’t got nothing on Sphero’s fully programmable robot car

Sphero is known for devices like the Sphero Bolt and BB-8 Star Wars toy, but now the company is back with another addition to its lineup -- the Sphero RVR. The RVR is a fully programmable robot car that can be expanding with different…
Photography

Luminar’s libraries gain speed, drop need for you to manually import images

Luminar 3 just got a performance boost. Skylum Luminar 3.0.2 has improved speed over December's update, which added the long-promised libraries feature giving editors a Lightroom alternative.