US-CERT recommends the following ways to help prevent the installation of this type of rootkit:Gotta love it. CERT recommends you don't install anti-piracy software. An understandable paradox. The bigger problem is how do I know if my Audio CD has this type of stuff. Read the EULA, right. Anyone got a degree in obfuscation? That's just too much for most folks - we're now trained to click right past those.
- Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install.
- Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD. [emphasis added]
- Read the EULA (End User License Agreement) if you do decide to install software. This document can contain information about what the software may do.
How about a simple up-front list of what gets installed and what it will be doing on my system?