What is Traitorware?
Commentary by Eva Galperin
This is traitorware: devices that act behind your back to betray your privacy.
Perhaps the most notable example of traitorware was the Sony rootkit. In 2005 Sony BMG produced CD's which clandestinely installed a rootkit onto PC's that provided administrative-level access to the users' computer. The copy-protected music CD’s would surreptitiously install itsDRM technology onto PC’s. Ostensibly, Sony was trying prevent consumers from making multiple copies of their CD’s, but the software also rendered the CD incompatible with many CD-ROM players in PC’s, CD players in cars, and DVD players. Additionally, the software left a back door open on all infected PC’s which would give Sony, or any hacker familiar with the rootkit, control over the PC. And if a consumer should have the temerity to find the rootkit and try to remove the offending drivers, the software would execute code designed to disable the CD drive and trash the PC.
Traitorware is sometimes included in products with less obviously malicious intent. Printer dots were added to certain color laser printers as a forensics tool for law enforcement, where it could help authenticate documents or identify forgeries. Apple’s scary-sounding patent for the iPhone is meant to help locate and disable the phone if it is lost of stolen. Don’t let these good intentions fool you—software that hides itself from you while it gives your personal data away to a third party is dangerous and dishonest. As the Sony BMG rootkit demonstrates, it may even leave your device wide open to attacks from third parties.
Traitorware is not some science-fiction vision of the future. It is the present. Indeed, the Sony rootkit dates back to 2005. Apple’s patent application indicates that we are likely to see more traitorware on the horizon. When that happens, EFF will be there to fight it. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.
No comments:
Post a Comment