UPDATE on the Antenna construction: Construction is complete on the antenna assembly and the leads on the antenna itself; I’m currently waiting for a part to arrive in the mail to complete the cable required to attach the antenna to my phone!
Remember Sony and that old BMG rootkit problem? Ah yes, those were the days…except those days are here again. Reports coming from Network World and F-Secure make the startling accusation that a specific brand of Sony thumb drives, the Sony MicroVault USM-F thumb drive, installs a driver that rests in an ultra-hidden, normally-inaccessible folder in your “Windows” directory. Drivers aren’t usually a big deal, but they are when their characteristics directly compromise, or have the ability to compromise, the integrity of your computer. This thumb drive model (F) is already special because it uses biometrics to perform a number of tasks, including screensaver lock, automatic login using retained logins and passwords, file and folder encryption, and the saving of bookmarks for easy access, but this issue might introduce new problems to your computer. You’d think “security” would be the top priority to the designers of this model, but apparently not! The directory can be used to hide spyware and other malware, and additionally, the properties of this hidden folder allow it to go unnoticed by certain anti-virus programs! This combination of factors makes the presence of the USM-F drivers on your PC dangerous.
Now, I’m going to take the other side of the issue. I know that, because it’s in the extended portion of the article, it won’t be seen as much, but statements by Mikko Hypponen say that the folder is being hidden to protect the vital security drivers required for the biometric scanner from being tampered with. Hypponen, the chief research officer at F-Secure, says, “It is obvious that user fingerprints cannot be in a world writable file on the disk when we are talking about secure authentication. However, we feel that rootkit-like cloaking techniques are not the right way to go here.” The cloaking is especially dangerous because the folder with the special cloaking properties can be written to and read from by other programs, making it a ‘safehouse’ of sorts for any program that is based there, including viruses or trojans designed to take advantage of the masking.
Overall, though, this fiasco doesn’t look anywhere near as bad as the XCP DRM rootkit controversy. In many respects, it’s less severe: registry entries aren’t edited or masked, the XCP was poorly written, this case of cloaking was designed to actually protect the consumer, etc. In fact, it looks more like a case of a company that hasn’t learned from its mistakes, however boneheaded and potentially damnable they may be. I’ve tried to shop around at local electronics stores and it’s difficult for me to find any copies of the USM-F series flash drive. NewEgg returned no hits on the device, as well, so this F-style brand of USB drive seems to be much more contained than the extended territory the XCP rootkit covered.
The key to defeating this? As this issue comes more to light, virus scanners will update the methods needed to remove the cloaking. McAfee’s VirusScan has already been equipped to defeat the masking program, but take the utmost caution if you attempt to manually remove the mask. As you can see in the following video, it’s VERY dangerous if you aren’t careful…
——
Also, here’s a link to McAfee’s Avert Labs Blog, which explains the process the rootkit goes through to mask itself.
Pictures courtesy of: Sony