Security Vendors Clueless Over Rootkit Invasion? Policy makers are worse!

This eWeek security article by Ryan Naraine includes:

Dan Kaminsky, a security engineer for DoxPara Research, has already seen evidence of the Sony DRM rootkit installed in places it should not be.
Even more worrying, Kaminsky argued, is the fact that a legitimate company like Sony would attempt to legitimize the use of rootkits.

"It's no longer about detection and removal when the big companies with the big lawyers get involved. The difference between a good anti-spyware application and a bad one is whether your vendor will stand up to the lawyers. I don't know if we realistically can stand up to Sony's lawyers," Kaminsky said.

I believe that we need laws to simplify this situation. Owners of computers and other communications technologies have the right to be in control of them. Any attempt to gain access or control over a computer that is not authorized by the owner should be unlawful. It should not matter that copyright holders "want" this type of remote control to protect their business models any more than we would excuse any other harmful behaviour just because someone "wants" to do it for their own economic interests.

We need to create an exclusive right to be in control of ones own technology, with this law trumping any lesser intangible exclusive rights such as copyrights and patents. A US Department of Homeland Security official said to the industry, "It's very important to remember that it's your intellectual property -- it's not your computer."

Not only should we not offer legal protection for "technical measures" used by copyright holders which revoke the exclusive right to control ones own technology, but that it should be made extremely clear that such activities are unlawful.