|
| 98% of sysadmins said that Sony's copy-protection
code posed a security threat. |
A web poll of more than 1500 business PC users, conducted by
Sophos*, has revealed that 98% believe that Sony BMG's
controversial digital rights management software, which can
introduce a "cloaking" vulnerability onto PCs which play some of
its music CDs, is a security threat.
The news comes as Sony announces in the media that it is
suspending production of any further CDs which contain the
controversial technology. Only 2% of sysadmins polled on the Sophos
website felt that it was a fair way to fight music pirates.
Sony's technology caused concern after Trojan horses were
discovered that exploited its functionality in an attempt to
hide themselves from anti-virus products. Any file with $sys$ in
its name is automatically cloaked by Sony's copy-protection code,
making it invisible on computers which have used CDs carrying
Sony's software.
"In taking aim at the music pirates, Sony succeeded only in
shooting itself in the foot," said Graham Cluley, senior
technology consultant at Sophos. "System administrators have a very
low opinion of any code which endangers the safety of their
networks, and they have sent a loud and clear message to Sony and
other companies that this kind of code is unacceptable to
them."
Sophos has issued a tool which will detect the existence of
Sony's DRM copy-protection on Windows computers, disable its
"cloaking" function, and prevent that functionality from
re-installing. The tool also detects versions of the Troj/Stinx
Trojan horse which exploit the Sony vulnerability.
Sophos recommends that businesses ensure their computers are
kept automatically up-to-date with the very latest anti-virus software.
Survey results
Is Sony's DRM copy protection
|
| a security
threat? |
|
|
| a fair way to fight
music pirates? |
|
|
|
|
* Sophos online survey, 1,501 respondents, 11-14
November 2005
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.