Sony faces renewed security woes

Electronics giant Sony has again been accused of selling products that leave PCs vulnerable to attack by hackers.

Security firm F-secure have discovered a flaw in software packaged with memory sticks made by the Japanese firm.

The vulnerability is similar to one found on CDs sold by Sony BMG in 2005 that led to the discs being recalled and lawsuits against the company.

The software uses virus-like techniques to hide itself on PCs which could leave it open to infection, researchers say.

“The apparent intent was to cloak sensitive files related to the fingerprint verification feature included on the USB drives,” said researchers at security firm Mcafee, who have also investigated the flaw.

“However, in this case the authors apparently did not keep the security implications in mind.”

The latest vulnerability affects Sony’s MicroVault USB sticks with fingerprint readers.

Software packaged with the memory sticks creates a hidden directory on a computer’s hard drive according to researchers at F-secure.

The software, known as a “rootkit“, could allow a hacker to infect a computer as any files stored on the hidden directory would not only invisible to the user, but also from some virus scanners and security software. [Source: news.bbc]

Cred ca stirea asta ma determinat sa’mi revizuiesc ideea despre sony. O grseala nu poate fi facuta de doua ori de o asemenea firma.

E clara decizia mea: orice dispozitiv electronic de la mine din casa nu va fi SONY !

BTW: Banuiesc ca balaria asta de soft ascuns nu are sanse pe linux