Sadly, Mac OS is not immune, although it did prompt for a password.
I recently purchased Imogen Heap's new CD (Speak for Yourself), an RCA
Victor release, but with distribution credited to Sony/BMG. Reading
recent reports of a Sony rootkit, I decided to poke around. In addition
to the standard volume for AIFF files, there's a smaller extra partition
for "enhanced" content. I was surprised to find a "Start.app" Mac
application in addition to the expected Windows-related files. Running
this app brings up a long legal agreement, clicking Continue prompts you
for your username/password (uh-oh!), and then promptly exits. Digging
around a bit, I find that Start.app actually installs 2 files:
PhoenixNub1.kext and PhoenixNub12.kext.
Personally, I'm not a big fan of anyone installing kernel extensions
on my Mac. In Sony's defense, upon closer reading of the EULA, they
essentially tell you that they will be installing software. Also, this
is apparently not the same technology used in the recent Windows
rootkits (made by XCP <http://www.xcp-aurora.com/>), but rather a DRM
codebase developed by SunnComm, who promotes their Mac-aware DRM
technology <http://www.sunncomm.com/Brochure/> on their site.
from http://www.macintouch.com/#tip.2005.11.10.sony via Digg.com
BTW: I apologize, I misspelled lot's (should be lots) in a previous message.
PM
Tom Rockwell wrote:
> Sony's software is only installed on Windows computers. The security
> model of Linux and Mac OS X should prevent this type of software from
> automatically being installed. It seems safe to qualify "your
> computer" to "your Windows computer".
>
> As for work Windows computers, is there a way to lock out users from
> installing (either willfully or inadvertently) new or modified
> drivers? Is there no way for an administrator to prevent this such
> auto-installs (something more robust than disabling autorun for CDs)?
>
> -Tom
>
|