New Rootkit Hazard Taints European DVDs

At least two German-language DVDs have a DRM-related security flaw reminiscent of the XCP CD rootkits that have recently shaken U.S. consumers. According to Heise Security, Mr. and Mrs. Smith and Edison contain Alpha-DVD, developed by Settec, a Korean company spun off from LG. The rootkit program announces itself in a user agreement. When installed, it redirects DVD-burning functions to itself to prevent illegal copying. However, it also "manages to affect the operation of CD/DVD burning applications with some DVD writers, regardless of whether the copy-protected disc was present or not," says Heise. Settec now offers both an update and an uninstaller. Alpha-DVD is not quite as insidious as the infamous XCP rootkit—it hides from the Task Manager but not from the OS. Even so, it still poses a hazard to consumers. "Our message to software companies producing any software (not just copy protection products) is clear," says Finnish security firm F-Secure, whose rootkit sniffer is pic of the day. "You should always avoid hiding anything from the user, especially the administrator. It rarely serves the needs of the user, and in many cases it's very easy to create a security vulnerability this way."

X