One man hidden in central Europe rivets the attention of security professionals worldwide. He calls himself holy_father. And he created Hacker Defender, the notorious rootkit used by adware, spyware, virus, digital rights management, and security professionals to bugger Microsoft Windows. Email Battles asked holy_father to weigh in on the Sony BMG copy-protection scandal. While we helped a bit with English and formatting, this is pure holy_father, so listen up:

Somehow it seems modern to use the term “rootkit technology” when you talk about software hiding itself. The problem is not that Sony BMG used rootkit technology to protect their property. But I do see some problems.

Evil 1: Changes OS Without Consent.
There is nothing mentioned in Sony BMG’s installation software about installing OS drivers that subvert the OS kernel. This is a big deal. Coding drivers is not easy stuff. If the driver is not coded very carefully, in some cases it may crash your OS very easily. So the question is whether that protection [Sony BMG’s DRM software] was thoroughly tested. On multiprocessor machines, there is a big chance of a crash if the driver is not coded carefully. But a user doesn’t have to have a multiprocessor machine to have problems with this kind of driver.

Evil 2: Crashes Security Products.
Installation of a firewall, antivirus, IDS/IPS (Intruder Detection Service/Intruder Prevention Service), or other security program could cause the computer to crash if it is installed either before or after that driver from Sony BMG. All these risks should have been mentioned in the installation software. If not, it can cause a lot of headaches for a lot of people - even normal users. And of course, it can cause a lot of problems for Sony BMG then.

Evil 3: Can’t Be Uninstalled.
There is no easy way to uninstall that software once installed. It is very hard to believe that a serious company made something that is not fully uninstallable. If the only chance for common users is to reinstall their whole OS or to pay technical support to uninstall that stuff in combination with what I mentioned before (possible problems with later installations of security software), it could be a big problem for a lot of people again.

Evil 4: Triggers False Positives.
Sony BMG’s software is identified as malicious by security software. This is partially Sony BMG’s problem and partially a problem triggered by security software vendors. You can imagine a situation in some big company with a high level of security when the local admin finds malicious software on an employee’s workstation. That could cause this employee to be fired immediately.

Email Battles’ staff is willing to bet that Sony BMG lawyers will be scrubbing this mess long after Sony and BMG execs delete each other from their Christmas card lists.

Background: