Log in

No account? Create an account
04 November 2005 @ 08:25 am
Sony enters the realm of malicious hackers and steps way over the line  

Sorry, bit behind on the news. Thanks, indiefic!

My father worked at Hallmark his entire life. To this day, when I receive a greeting card, I flip it over to see who made it. It's a family habit.

Everytime you buy a 2005+ music CD from now on, FLIP IT OVER. If it says Sony Music, Sony BMG Music, Sony Music Entertainment, Epic Records, Columbia Records, Loud Records, Inc., RCA, RED Distribution, Zomba Label Group (all subsidiaries/affiliated of Sony BMG) - your computer is at risk if you simply play the CD on your computer.

What I don't understand from this article is - the DRM isn't a new format. Is the root kit what's new to enforce the DRM, or is the DRM itself a problem? I know from QAing the DRM that it's a pain in the ass, and not supported by all MP3 players out there, but I don't think it's related to the root kit problem itself? Someone care to educate me?
Tags: ,
Current Music: "We're Not Gonna Take It" - Twisted Sister
King Ratgkr on November 4th, 2005 04:44 pm (UTC)
It's not an integrated DRM that goes to an MP3 player. It's DRM that tries to interfere with non-approved programs that read from the CD's data, essentially.

But the real uproar about it is the rootkit nature of it. It's hidden. And on top of that, very difficult to uninstall. To see what's necessary to uninstall it, take a look at the original post from sysinternals from the guy who discovered the rootkit. http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

Sony is now offering an uninstaller, but you have to go to their web site to get it, and some researchers question the validity of that uninstall package.
Artemis Jones: Robotrimrunner on November 4th, 2005 04:47 pm (UTC)
One of the articles I read on this (might have been that sysinternals article, even) basically claimed that the reasoning was that by "hiding" itself, this DRM would make itself more difficult to subvert or work around.

I rarely use my computer to play CDs and can't remember the last time I bought a Sony record, but it's the principle of the thing.
Tracy Lauricellatmib on November 4th, 2005 04:51 pm (UTC)

I highly recommend the use of ProcessGuard:


indie: OCC Paul Sr.indiefic on November 4th, 2005 05:24 pm (UTC)
Sony has released a "fix" that will uninstall their little root kit, along with a note about how it's not malicious yada yada.

What they HAVEN'T said is that they'll stop putting this on their CDs.
Kburgunder on November 4th, 2005 06:04 pm (UTC)
FUCKERS! Growl. It's like a very dangerous technology tax on technophobes everywhere... Grandma Bettie shouldn't have to download anything from Sony's website in order to listen to music on her computer and be protected from exploiters.
Pegaxpegax on November 4th, 2005 06:15 pm (UTC)
There has been a lot of discussion about copy protection mechanisms in Finland as of late due the new copyright law that was set in Finland. All the technically knowledgeable people were against it as well as the foundations that are to watch customer rights, but the law was still set. Now it is illegal to go past or create tool that can remove the security methods that are creates to protect copyright. In a sense it is illegal to make mp3's from a copyprotected cd. (This is interesting since there is also a law that states about a fare use of such products). Anyway, there was a one researcher who created a virus based DRM system to protect his own bands cd. The virus itself was harmless but the point was to show that, with new law, the antivirus companies may provide illegal tools. The next version the researcher created was a rootkit type of DRM system. Funnily enough, just week after that the news about Sony BMg using such a system popped up. Thus it can be said that those who create rootkit removal tools are in fact providing illegal software according to new finnish law. Sounds ridicilous? Well it sure is that.

Virus drm and the DRM problems

F-secure blog has some sony drm stories
Kburgunder on November 5th, 2005 06:00 pm (UTC)
Oh man, it's bad when Finland starts instantiating these laws. We're screwed if they start cracking down on the guys in the former Yugoslavia and the various hack-friendly countries of Africa...

Thank you for the links!!!

What's Finland's int'l phone code?
Pegaxpegax on November 5th, 2005 08:40 pm (UTC)
The good thing about this is, that there was lot of citizen activity and talk about the law. There was even thousands of names gathered in an adress to president to not ratify the law. Active citizens are essential for democracy and I am sure Finland is going to have a totally redesigned copyright laws in few years that allows artist to get their money from their products but also lets customers actually use the prducts they pay for. I am pretty sure there is going to be a drop on music sales in Finland at least for few months.

On the other note, the international phone code of Finland is 358
floiterfloiter on November 5th, 2005 10:04 pm (UTC)
The other scarey thing about this piece of software is that once it has installed itself, it makes it trivially easy for other malicious software to take advantage of the situation. Apparently any file with $sys$ in its filename will be completely hidden by Sonys rootkit ...

So, all those technically illiterate people who play Sony copy-protected CDs on their PC suddenly become significantly more vulnerable to other malicious software. Not funny. Not funny at all.

I guess the key thing is to understand how the Sony rootkit actually gets installed ... I have autorun disabled on all my drives; so without me taking some specific action, how does the software actually get executed, and so install itself?
Vulturevulture23 on November 6th, 2005 07:04 am (UTC)
As I understand it, Sony CDs will not play on a computer except through the special player that is inluded on the CD. That player installs the rootkit as it runs. So you *do* have to take a specific action... but that action is hitting "play".

Darkmanedarkmane on November 10th, 2005 09:08 am (UTC)
Actually putting in the CD with the shift key down will bypass the DRM... assuming you haven't installed the DRM already.

It's mostly the bad state it leaves your system in if you uninstall it without thier tool. Which is also poorly written, not to mention gets your email address in thier DB and is specifically tied to a computer. Yes, you have to request the de-install software from each computer, you can't just download it and run it again and again.