Mark Russinovich of SysInternals fame, maintains a weblog where he discusses technical topics and posts generally useful information he finds while investigating the various technical topics he follows. He’s not given to flights of fancy or fallacy, which is why I’m posting this. In this entry he details a search he undertook on one of his own machines when he ran his Rootkit Revealer. It seems there were some hidden processes and device drivers that he didn’t remember ever installing! Turns out that the Digital Rights Management software on one of the music CDs he’d played, using the software that came on the CD, installed all this stuff. It’s a fascinating posting, from a technical detective standpoint as well as a DRM information perspective. Well worth reading, even if you can’t follow the technical details.
The upshot: Be very careful but especially when it comes to DRM.
Update, November 3, 2005: The San Jose Mercury News reports today that Sony has released a patch to address the hidden software. Registration may be required to read the story but I’m sure it will show up elsewhere, too.