This week in security
In 1984, Rockwell sang of paranoia in "Somebody's Watching Me." In 2005, music itself keeps an eye on its listeners.
Software from Sony BMG, installed when someone plays one of the record label's recent copy-protected CDs in a computer, hides itself on hard drives using a powerful programming tool called a rootkit. But the tool leaves the door open behind it, allowing other software, including viruses, to be deeply hidden behind the rootkit cloak.
The first malicious software already has been written --a Trojan horse that aims to give an attacker complete remote control over an infected computer by piggybacking on the Sony CD rootkit. As it turns out, this interloper didn't work well. But over the course of a day, others emerged that apparently fixed early flaws.
Sony's use of the rootkit software has sparked a firestorm of criticism online and off, highlighting concerns that remain over record labels' increasingly ambitious attempts to control the ways consumers can use purchased music.
Meanwhile, a Los Angeles court temporarily shut down an operation that the Federal Trade Commission accused of bundling spyware with downloads that allegedly hit 600 blog sites. The district court issued a temporary restraining order against Enternet Media and three of its officers. Federal regulators charged Enternet with distributed spyware through a wide net of affiliates, largely comprised of Webmasters who would receive payments from Enternet.
On their sites, the Webmasters placed Enternet-supplied text offering free downloads of music, ring tones or photographs, the agency alleged. When a visitor clicked on an installation icon to download the audio or images, the user would also unknowingly receive Enternet's spyware, the FTC charged.
In an unusual twist in the spyware debate, a maker of surveillance software is using a product download agreement to attempt to bar detection by anti-spyware tools, raising questions about the legal scope of such agreements. RetroCoder wants Sunbelt, maker of CounterSpy, to stop flagging its SpyMon software as spyware. RetroCoder charges that Sunbelt has violated the terms of the copyright agreement contained in its software, which specifically excludes anti-spyware research.
The matter poses yet another challenge for anti-spyware companies, which often face complaints from makers of software that is detected as a threat by anti-spyware tools. This particular challenge, however, shouldn't be hard to overcome, legal experts said.