"The on-line community is buzzing about a cloaking device favoured by hackers being put to use by a company everyone knows: Sony-BMG Corp.

The Japanese giant is being accused of surreptitiously planting "rootkits" on people's computers to enforce digital rights management policies on music CDs.

According to Mark Russinovich, a Windows expert at a U.S. company called Sysinternals, which does deep-level software analysis, some of Sony-BMG's music CDs install antipiracy software that uses methods typically used by hackers and virus writers to hide malicious programs and prevent users from uninstalling them.

These tools are called by the generic name of "rootkits,' which hackers commonly use to cover their tracks after breaking into someone' computer. Typically, they are designed to make sure common PC tools cannot see whatever has been planted on the victim's machine. Properly written rootkits can be extremely difficult to remove, and it is often easier to erase and reformat an entire drive than to attempt to remove one.

When Mr. Russinovich ran a new Sysinternal diagnostic program called RootKitRevealer, he discovered one on his own system, which he had believed to be a clean system. And when he tried to remove the rootkit, he also inadvertently erased the system files that run his CD-ROM drive.

The Sony program drivers load in Safe Mode, which makes fixing the system extremely difficult. It's possible that the simple act of removing the rootkit would sabotage the entire operating system.

Sony is not installing these rootkits secretly; its anti-piracy program installer pops up if you try to play one of their content-protected CDs. Users must agree to install it, or it won't allow the CD to be played; and once it is installed, users find there is no "uninstall" feature." [More]