evance

Leading anti-viral software manufacturers are taking Sony to task for using an invisible directory on its MicroVault USB memory stick to bury user data. The MicroVault has a built-in fingerprint reader for user authentication. Researchers from F-Secure and later McAfee, confirmed that the MicroVault contains an invisible directory, presumably to store the user's fingerprint information.

The security firms expressed concerns that malefactors could use the invisible directory to house a root-kit, which could compromise any computer that is used with the memory stick. Both F-Secure and McAfee publicly criticized Sony's approach to safeguarding the user's authentication data because it opens broader security implications for Micro vault users.

Sony, which had no initial comment on the issue, is now talking directly to F-Secure regarding the directory.