November 15, 2005
Sony's Web-Based DRM Uninstaller Unsafe
Sony can’t get it right — following its rootkit fiasco, the entertainment and technology giant released an “uninstaller” that actually causes more harm, according to computer scientist Ed Felten.
Alex Halderman and I have confirmed that Sony’s Web-based XCP uninstallation utility exposes users to serious security risk. Under at least some circumstances, running Sony’s Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit.
Felten and colleague Halderman are asking for technically sophisticated volunteers to help them in their investigations of this latest PR nightmare for Sony.
Posted by Cynthia Brumfield at November 15, 2005 07:40 AM