sigher: Well some anti-DRM stuff NEEDS to hide itself, like the anti copy protection should not know you run a game from an emulated CD, and therefore daemon tools for instance has to try to hide itself a bit, it's sad but necessary to play games without swapping DVD's like some idiot.
Of course they do it more elegantly than sony does, sony likes to share and let anyone piggyback through security.

Unfortunately I find that as problematic as modern anti-cheat software.

It is a cure either worse or equally as bad as the ill.

That's a lose lose situation.

The sad thing is there are alot more companies than just Sony who do shady things in Windows with their software.

I personally think any program that uses undocumented calls to subvert, control the behavior of the user, and actively scan a computer is a rootkit, even if the program does that out in the open. That said programs often force you to use Admin priviledges is a solid tip off they are up to no good.

That pretty much labels every major copy protection scheme short of Safedisc and every major video game anti-cheat protection.

Sad thing is, this community is selective in its' outrage. DRM bad, but rootkits to stop cheating, good.

So we just need a rootkit that enforces DRM while stopping cheating and we should see the whole community suffer a divide by zero error.

Cheetopet: But the hole in the OS is much more likely to be removed to avoid further exploitation

I don't think some of you grasp the fundamentals of all this.

*NIX developers aren't gonna start just ripping and removing reserved calls.

But people massively keep buying sony products, seems sony is not the only one who has some trouble picking up a hint then.

I hate Sony as much as the next guy, but this report kind of bothered me:

It is our belief that the MicroVault software hides this folder to somehow protect the fingerprint authentication from tampering and bypass. It is obvious that user fingerprints cannot be in a world writable file on the disk when we are talking about secure authentication. However, we feel that rootkit-like cloaking techniques are not the right way to go here.

#1: I'm not sure how "hidden directory" == rootkit.
#2. So F-Secure says it's "not the right way to go", but then fails to provide any alternative solution for protecting the authentication software from tampering on the host machine. WTF? If Sony had instead left the software out in the open, you can bet F-Secure would be screaming about how insecure their implementation was.

Give a better solution or stop complaining.

albundy: If Mac OSX supported all my games and ran on my hardware, I'd switch in a heartbeat.

OSX/*NIX is no less vulnerable to these styles of poor developer choices.

No, this is not in itself a rootkit. However...

Sony installs a driver which hides a directory and therefore anything in that directory from Windows and any tools that use the Windows API to see files and directories. Therefore anything placed in that directory is invisible to the user, to Windows, and to most tools like antivirus and anti-spyware.

Knowing this, a malware writer can attempt to place his payload in that directory and then execute it from there, making it difficult to discover and even harder to eradicate. It isn't a rootkit itself, but it enables malware writers to make their wares worse.

This is exactly what Sony was doing with the driver that got installed from their audio CDs (in that case you merely had to give a file a name starting with a few key characters to have it "disappear") and exactly what caused them to pay out damages and recall their CDs. So while you may not think this is a big deal, the courts have disagreed.

It amazes me that Sony has tried to do this again.

It's Microsoft's fault.

If they built a more secure OS, Sony and others wouldn't have to worry about protecting data. Windows isn't secure now and it probably never will be. Also, it's Microsoft's terrible OS that allows rootkits to be created so easily.

I wouldn't exactly call a single hidden folder a 'rootkit' ^^;;;

It's not consumer friendly, but come on now. really. Now when they start installing hidden services, you start talking rootkit.

Sony is like a lab rat fed with crack to see its effect. You can see it hit the same wall over and over until it knocks itself out, yet still having no clue of what they are doing when they wake up. Amusing at first, but kinda sad at the same time.

And some people actually ask me why I hate Sony more than any other tech company.

*Giggles*

Do they ever learn?