This week in security

In 1984, Rockwell sang of paranoia in "Somebody's Watching Me." In 2005, music itself keeps an eye on its listeners.

Steven Musil Night Editor / News

Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.

Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.

See full bio

Steven Musil

Nov. 11, 2005 3:25 p.m. PT

2 min read

Back in the 1980s, one-hit wonder Rockwell sang about paranoia in "Somebody's Watching Me." Now, ironically, music itself is helping to keep track of listeners.

Software from Sony BMG, installed when someone plays one of the record label's recent copy-protected CDs in a computer, hides itself on hard drives using a powerful programming tool called a rootkit. But the tool leaves the door open behind it, allowing other software, including viruses, to be deeply hidden behind the rootkit cloak.

The first malicious software already has been written --a Trojan horse that aims to give an attacker complete remote control over an infected computer by piggybacking on the Sony CD rootkit. As it turns out, this interloper didn't work well. But over the course of a day, others emerged that apparently fixed early flaws.

Sony's use of the rootkit software has sparked a firestorm of criticism online and off, highlighting concerns that remain over record labels' increasingly ambitious attempts to control the ways consumers can use purchased music.

Meanwhile, a Los Angeles court temporarily shut down an operation that the Federal Trade Commission accused of bundling spyware with downloads that allegedly hit 600 blog sites. The district court issued a temporary restraining order against Enternet Media and three of its officers. Federal regulators charged Enternet with distributed spyware through a wide net of affiliates, largely comprised of Webmasters who would receive payments from Enternet.

On their sites, the Webmasters placed Enternet-supplied text offering free downloads of music, ring tones or photographs, the agency alleged. When a visitor clicked on an installation icon to download the audio or images, the user would also unknowingly receive Enternet's spyware, the FTC charged.

In an unusual twist in the spyware debate, a maker of surveillance software is using a product download agreement to attempt to bar detection by anti-spyware tools, raising questions about the legal scope of such agreements. RetroCoder wants Sunbelt, maker of CounterSpy, to stop flagging its SpyMon software as spyware. RetroCoder charges that Sunbelt has violated the terms of the copyright agreement contained in its software, which specifically excludes anti-spyware research.

The matter poses yet another challenge for anti-spyware companies, which often face complaints from makers of software that is detected as a threat by anti-spyware tools. This particular challenge, however, shouldn't be hard to overcome, legal experts said.