Wired has an interesting article on the Sony/BMG Rotkit fiasco.
Among the many points the article explores is the reluctance of other companies to step in on this issue:
What do you think of your antivirus company, the one that didn’t notice Sony’s rootkit as it infected half a million computers?