×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Evidence for another Sony Rootkit

vux984 (928602) writes | about a year and a half ago

Privacy 0

vux984 (928602) writes "There's some preliminary evidence that SOE is heading face first into what may be another rootkit scandal. A poster named Bug started this thread here: (I expect it to disappear if the story gains traction.)

http://forums.station.sony.com/eq2/posts/list.m?&topic_id=520848
and posted his findings to a torrent:
http://thepiratebay.se/torrent/7522392/NEW_2012_Sony_Rootkit_Exploit

My read is frankly that "Bug" is overreacting to a lot of the details, and assigning a lot of malicious intent where I'm highly skeptical any exists.

Nonetheless: They do in fact install a browser add-on without any sort of proper disclosure in all major browsers. They do in fact silently add zones to your Internet 'trusted zones' lists. And they are in fact uploading scads of crash data (multiple GB) without user permission or review and its evident that the crash data can contain information the user would not wish to transmit to Sony.

Additionally, the combined effect of the add-on and white listed zones potentially exposes users to remote execution attacks; similiar to the way Sony's XCP could be exploited by 3rd parties. Again there is some circumstantial evidence at least that it is already being exploited in the wild.

There was an uproar here when Microsoft quietly added its .NET Framework Assistant add-on to Firefox , this seems to go way beyond that, and its the first time I think I've seen zones silently added to the trusted zone. I think Sony's crossed a line... again.

In any case, anyone here who plays any SOE titles should at least be aware what Sony is doing and decide for themselves what they think of it."

Link to Original Source

0 comment

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...