Sony, Rootkits and Digital Rights Management Gone Too Far
Posted on 10/31/2005 7:59:57 PM PST by zeugma
From slashdot.org article:
"SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system."
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my Unearthing Rootkits article from the June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application:
The bottom line on this: attempting to play some Sony BMG CDs (on Windows) will result in a poorly written rootkit to be installed on your computer. Uninstalling it will be difficult for all but the most knowledgeable users. (I certainly wouldn't qualify - on Windows anyway).
Before you attempt to play any Sony/BMG CD, look =very= carefully at the CD, because there is a possibility that some nasty stuff will be installed on your computer without giving you any warning or notice, and it will be extraordinarily hard to get rid of.
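An added illustration, not part of the original post or of Russinovich's tool: a small Python model of the `$sys$` name cloaking described in the quoted summary, and of a cross-view comparison that exposes it. The directory names, file names and the rule that nothing beneath a hidden directory is listed are constructed assumptions for this sketch.

```python
# Added illustration: a pure-Python model, no real driver or Windows API involved.
CLOAK_PREFIX = "$sys$"  # the prefix named in the quoted Slashdot summary

# Constructed "raw" view: what a scan that bypasses the hooked API would find.
RAW_VIEW = {
    "C:/Windows/System32": ["kernel32.dll", "$sys$cloaked_dir", "notepad.exe"],
    "C:/Windows/System32/$sys$cloaked_dir": ["$sys$constructed.sys", "plain.sys"],
    "C:/Users/test/Downloads": ["song.mp3", "$sys$unrelated.exe"],
}


def api_view(raw, prefix=CLOAK_PREFIX):
    """Model the cloaked enumeration: prefixed names are filtered out.

    Assumption of this model: a directory walk never descends into a hidden
    directory, so everything beneath one disappears from the listing as well.
    """
    visible = {}
    for directory, names in raw.items():
        if any(part.startswith(prefix) for part in directory.split("/")):
            continue
        visible[directory] = [n for n in names if not n.startswith(prefix)]
    return visible


def cross_view_diff(raw, api):
    """Return full paths present in the raw view but absent from the API view."""
    hidden = []
    for directory, names in raw.items():
        seen = set(api.get(directory, []))
        hidden.extend(f"{directory}/{n}" for n in names if n not in seen)
    return sorted(hidden)


def unrelated_hidden(hidden, known_dir):
    """Hidden paths outside the cloak's own directory: files that merely
    borrow the prefix, which is the security hole the summary points out."""
    return [p for p in hidden if not p.startswith(known_dir)]


if __name__ == "__main__":
    found = cross_view_diff(RAW_VIEW, api_view(RAW_VIEW))
    for path in found:
        print("hidden from API view:", path)
    print("not part of the cloaked directory:",
          unrelated_hidden(found, "C:/Windows/System32/$sys$cloaked_dir"))
```

The last function shows why a prefix-based cloak is a hole in its own right: the filter cannot tell its own files from any other file that carries the same prefix.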
Your link doesn't install a rootkit, does it?...
Time to call a lawyer.
I have no problem with Sony wanting to protect their legal rights on the music. But stealth installation of malware is beyond the pale.
Note to self, purchase no products of any kind from Sony.
They are forcing people to pirate songs with this DRM spyware crap.
Enough of a critical mass and you have a pretty nice class-action lawsuit.
Case in point, here's an article on "Internet is Killing the Newspaper" and some of the brilliant groupthink comments:
I'd say people end up being far more informed. Major newspapers will never present worthwhile news, because it is too costly for them. They most likely will not report on the misdeeds of major advertisers. Likewise, in America especially, if they question the administration they'll immediately lose their press access. Thus all they can do is put out bullshit, and hope that people continue to buy their papers. But it looks like people are catching on, and thus people aren't buying their papers.
Then again, many news websites are not as tied up. They can offer viewpoints that the major papers could never think of presenting. Even if their news is incorrect, it still may provoke thought in its readers, perhaps enough for them to investigate other news sources, and hence to make up their own mind based on the information they can obtain.
The last 5 years have seen all the media here become totally non-critical of politicians. Prior to 9/11, the media would actually research and then print interesting news about the national and local politicians. Now, I have found that Al Jazeera/BBC does a better job of reporting on our national stuff than does Denver Post and Rocky Mountain News (with Al Jazeera you have to treat it like Old Pravda/ Current Fox News and be careful of propaganda). Sad state of affairs.
Granted, these are just two opinions, but it's the groupthink there. Try reading this article on Is the US Becoming Anti-Science? and try not to vomit with liberal BS.
For those that don't know, sysinternals.com is an awesome site.
I've exchanged a few emails with Russinovich. He is a very talented individual.
Can anyone explain to me why it is that punk kid programmers who write software like this face probable jail time, but when Sony corporation does exactly the same thing, they're just "protecting their copyright"?
How is a trojan horse opening up security holes from Sony any different from a trojan horse from the computer nerd down the street?
Why isn't Sony facing criminal prosecution under the various anti-digital terrorism acts?
No thanks. I know what is useful to read at /. and what is not. In this case the article itself is fairly insightful in itself. I suspect the details will be beyond most people, but as long as the message "beware Sony/BMG" gets out, that's all I want. I think this DRM stuff is evil, and is one of the main reasons I don't buy anything anymore except what I find at second-hand stores.
Damned straight. I think he knows Windows better than most folks at Microsoft. When I used to use Windows, I poked his site regularly for information.
> The bottom line on this: attempting to play some
> Sony BMG CDs (on windows) will result in a poorly
> written rootkit to be installed on your computer.
But presumably only if you still have Autoplay, aka
Auto Insert Notification, enabled for that optical
drive (which, unfortunately, it is by default, and
is often silently re-enabled after app installs and
AP/AIN is another of Mr.Bill's gifts to crackers, and
it appears that some of these crackers work for Sony.
About 4 years ago I concluded that I would never buy another CD from a major label because of their attempts to install software on my computer and because they were all caught price fixing.
But I also won't use P2P programs to trade copyrighted content for various reasons...
I won't download from iTunes or any of the other major services because none of them sell MP3s - they are all crippled in some way.
So here I am, a guy who bought an album (and later a CD) a week from the age of 13 to 38 and the industry gets not a penny from me and I am reduced to recording digitally off DirecTV music channels and capturing internet radio broadcasts.... very sad.
Wow. Great find zeugma...
To think that they used to consider windows root kit proof...
You're absolutely right. It's ridiculous what these MPAA and RIAA participants will do to protect their cartel. Suing their own customers, installing rootkits or spyware or whatever it is, it goes well beyond this. I have no love for these organizations and rarely, if ever, buy music CDs and movie DVDs for this reason (as well as not wanting my money to support people like Hanoi Jane and musical "talent" like Eminem).
Drat. Can't get that RKR thingie to run.
Downloaded and unzipped ok, but when I click it
it just asks me what application I want to open an
exe file with.
Do you spoze my Linux box has been rootkitted already?
Because some animals are more equal than others. RIAA and MPAA own several senators.
This rootkit is pretty darned sneaky. Very few will ever even know they have it. I hope sysinternals can come up with an automated check for it. Perhaps then a class-action might be possible. This is something I'd really like to see. These multinational megacorps need to understand the limits of our forbearance.
Probably the biggest reason this won't go anywhere is because no newspaper or network is going to take the advertising hit that would come from pushing this story hard. Money is power.
Slashdot is a sick place, but Russinovich (sysinternals.com) is a genius and no open-source nutball.
You have to use their player to play it. At least on a computer.
So from the looks of it, that doesn't really matter.
Counting the minutes until Eliot Spitzer sues Sony/BMG....
Most interesting indeed. Thanks for posting.