If possible, this Sony rootkit case is generating even more interest abroad than it is here. I got a passel of Swedish readers from yesterday’s link on the Swedish IDG site, and last night/this morning Damian from the UK and Giorgio from Italy pointed separately to information about a criminal investigation against Sony in Italy.
The suit was brought by ALCEI-EFI, which appears to be affiliated spiritually if not legally with the EFF. ALCEI-EFI’s complaint (Babelfish) has been posted on their site, as has a position statement (Babelfish). My Italian is shaky and the Babelfish is shakier, but it appears the crux of the complaint is that Sony BMG committed fraud by distributing a program whose purpose was to disable computer systems and by attempting to hide the program from the user of the system.
Computer Associates anti-virus unit eTrust agrees with the ALCEI-EFI that Sony’s rootkit looks like spyware. They have committed to implementing an XCP remover in their anti-virus program, and they note that even the remover patch that Sony posted last week counts as malware because “it fails to notify you about what it’s doing, and it can cause the system to crash.”
CA also posts helpful information about disabling Autorun, which prevents the XCP client from being installed unless it is run manually from the CD. (This is an interesting point and one for a future post.)
What is perhaps most astonishing at this point is that Sony still has yet to admit wrongdoing. Of course, as long as they keep the problem from affecting their stock price, they probably never will.