 |
 |
Sadly, Mac OS is not immune, although it did prompt for a password. I recently purchased Imogen Heap's new CD (Speak for Yourself), an RCA Victor release, but with distribution credited to Sony/BMG. Reading recent reports of a Sony rootkit, I decided to poke around. In addition to the standard volume for AIFF files, there's a smaller extra partition for "enhanced" content. I was surprised to find a "Start.app" Mac application in addition to the expected Windows-related files. Running this app brings up a long legal agreement, clicking Continue prompts you for your username/password (uh-oh!), and then promptly exits. Digging around a bit, I find that Start.app actually installs 2 files: PhoenixNub1.kext and PhoenixNub12.kext. Personally, I'm not a big fan of anyone installing kernel extensions on my Mac. In Sony's defense, upon closer reading of the EULA, they essentially tell you that they will be installing software. Also, this is apparently not the same technology used in the recent Windows rootkits (made by XCP <http://www.xcp-aurora.com/>), but rather a DRM codebase developed by SunnComm, who promotes their Mac-aware DRM technology <http://www.sunncomm.com/Brochure/> on their site. from http://www.macintouch.com/#tip.2005.11.10.sony via Digg.com BTW: I apologize, I misspelled lot's (should be lots) in a previous message. PM Tom Rockwell wrote: > Sony's software is only installed on Windows computers. The security > model of Linux and Mac OS X should prevent this type of software from > automatically being installed. It seems safe to qualify "your > computer" to "your Windows computer". > > As for work Windows computers, is there a way to lock out users from > installing (either willfully or inadvertently) new or modified > drivers? Is there no way for an administrator to prevent this such > auto-installs (something more robust than disabling autorun for CDs)? > > -Tom >