Avoiding Sony’s DRM Rootkit

It may not have escaped your attention that Sony has been featured in
the news a lot recently, concerning proven allegations about Sony BMG
installing DRM root kits on Windows computers, belonging to consumers:

http://news.bbc.co.uk/2/hi/technology/4400148.stm

Essentially, root kits are malicious pieces of software that are
installed in the lower-levels of the Windows operating system, which
can hide from anti-spy ware and anti-virus checkers.  Sony
claim that they employed the use of root kits to install digital rights management
software on Windows PCs to limit the damage to the corporation as a
result of piracy.  Consumers believe that Sony has gone too far in
their efforts.  The root kit was originally discovered by Mark
Russinovich
after running “root kit revealer” – an application,
engineered by Sysinternals, to find root kits on a Windows platform –
on his computer.

So, how do you avoid Sony’s root kit, and any other root kit that might be lurking in software?

Operate your PC under LUA.  Root kit installers need access to low-level OS functions, drivers, and possibly the kernel to operate – non of these areas are available when running as LUA

LUA will not protect you from root kits hidden in software that you
actively install as an administrator, but will prevent passive
installers from burying root kits in your Windows operating system
without your knowledge.  So, you will still need to be diligent
when installing software (know where the software came from, is it
reputable?, is there any known press about the use of root kits
associated with the software vendor?), but will not have to worry so
much about hidden software being installed when you plop an audio CD or DVD in your
computer.