Some time ago Sony's music divison found themselves in a nasty situation after implementing rootkit technologies in the copy protection schemes of audio CDs. Now Finnish security specialists of F-Secure are saying that Sony is doing the same on a series of MicroVault USB flash drives. According to the source, the technology used is again a serious security risk for the end user.

According to F-Secure Corp., the fingerprint-reader software included with the Sony MicroVault USM-F line of flash drives installs a driver that hides in a hidden directory under "c:\windows". That directory, and the files within it, are not visible through Windows' usual APIs (application programming interface), said F-Secure researcher Mika Tolvanen in a posting to the company's blog Monday.

"This isn't the same code, recycled," said Mikko Hypponen, F-Secure's chief research officer, in a telephone interview Monday. "Sony doesn't do any of its own development in this area; it looks like a Chinese company did it. But the similarities lie in the fact that, like the Sony BMG rootkit, this software uses a hidden folder and hides files in it."

Source: PC World