Security Vendors Clueless Over Rootkit Invasion, By Ryan Naraine, eWeek, November 16, 2005 gives a brief and fairly non-tech description of what was required to find the Sony rootkit and identify Sony as the creator.

A disturbing finding is that the Sony rootkit had been found on numerous machines for several months prior to recent announcements, but AS people were unable to figure out where it was coming from. This shows how "deeply" it was hidden, and perhaps indicates that Sony has used it prior to the CD releases to which they have admitted.

"Dan Kaminsky, a security engineer for DoxPara Research, has already seen evidence of the Sony DRM rootkit installed in places it should not be.

"There are networks that Sony got into that nobody should get into. I can't say where. But there's evidence that it [the Sony rootkit] got into some places where it doesn't belong. Now you have a real question of the collateral damage it can cause," Kaminsky said in an interview just moments after releasing statistics to show that at least 568,200 nameservers were collecting DNS queries related to the calling-home feature on the Sony."

Either Sony is engaged in extensive SPYING to which they have not admitted, or others have already made extensive use to the "rootkit" that they foisted on people.

Sony says "We just bought it from a supplier. We didn't know what it did."

Why not, and where's this bridge located?

John