Log In · Register

 
New Sony CD's install rootkit
*mipadi*
post Nov 1 2005, 12:00 PM
Post #1





Guest
Well, this isn't kosher:

Mark Russinovich, of SysInternals.com, has discovered a so-called "rootkit" which is installed by Sony's new digital rights management-protected music compact disks (CDs). A rootkit is a common name for malicious software that is used by hackers or criminals to gain access to a computer system and be able to clandestinely run other malicious code. Rootkits frequently contain hidden and hard to remove files and are designed to be difficult for the user to remove.

Russinovich classifies Son'y malware as a rootkit because it introduce several serious security holes, one of which is intended to be exploited to hide files and prevent the user from removing them. In particular, all executable files which begin with '$sys$' are hidden when the software is installed. He points out that these security holes could be exploited by hackers, or other malware producers besides Sony.

Russinovich explains that naively removing the files will result in a crippling of the operating system on the user's computer. He provides an explination of the difficult step required to remove Sony's malware.

Playing the same CDs under Linux or on a non-computer based CD player remains safe. As removing Sony's malware may violate the DMCA, ripping the CDs under Linux may be the best legal option for those who wish to listen to them under Windows.

The software is automatically installed when a Sony CD is played on a computer, and is not mentioned in their EULA. The rootkit appears to have been commercially developed by First 4 Internet and lisenced to Sony.

Read
 
 
 Start new topic
Replies
*mipadi*
post Nov 12 2005, 11:38 AM
Post #2





Guest
I guess a lawsuit has encouraged Sony to stop producing such CD's, but Sony still argues it has a right to protect its music. There are several quotes from these articles that bother me a bit:

"Sony said it had a right to stop people illegally copying music, but added that the halt was precautionary." [1]

I think Sony has some right to protect their music, but their rights end where mine begin; not only do I have certain fair use rights (which I won't even get into at this point, since those have all but disappeared a long time ago), but Sony doesn't have the right to break my machine in order to have their music protected. (I mention this only theoretically, of course; since I don't run Windows on my laptop or various desktops, Sony's CD's don't technically do anything to my computers--even play.)

"Mathew Gilliat-Smith, the CEO of First 4 Internet, the company that created the software, claims it is 'benign content.' Meanwhile, in an NPR interview, a spokesman for Sony said, 'users don't know what a rootkit is, and therefore, don't care.'"[2]

Firstly, the software clearly isn't "benign," as it can allow other viruses to piggy back on top of it; secondly, I find it arrogant and ignorant that Sony says it doesn't matter because people don't know what a rootkit is. Whether they know what it is or not is trivial--it can still do damage. (In fact, not knowing what it is probably leaves one open for more damage.) Most people also don't know what ebola is, but it will kill them just the same.

Actions like this make me think it's about time we, as consumers, stop purchasing DRM-protected music. If someone like Sony is going to trample on consumers' rights, I see nothing wrong with hitting back by pirating their music.
 

Posts in this topic
mipadi   New Sony CD's install rootkit   Nov 1 2005, 12:00 PM
kryogenix   It's a commercial rootkit too :( [edit] http...   Nov 1 2005, 06:09 PM
mipadi   This really bothers me. I'd like to say that I...   Nov 1 2005, 06:19 PM
uLoVeMikeRoch   I saw this somewhere too. Engadget or hackaday. I ...   Nov 2 2005, 03:53 PM
mipadi   I guess a lawsuit has encouraged Sony to stop prod...   Nov 12 2005, 11:38 AM
tweeak   http://www.msnbc.msn.com/id/10005667/ Haven't...   Nov 12 2005, 07:05 PM
mipadi   I guess, if you consider "temporarily suspend...   Nov 12 2005, 08:53 PM
sadolakced acid   and plus, those CDs are still out there. any form...   Nov 12 2005, 09:51 PM
tweeak   forget kazaa, redlightglow.com + elbo.ws = all my ...   Nov 12 2005, 09:55 PM
sadolakced acid   i'm piggy backing my sister's napster acco...   Nov 12 2005, 10:03 PM
tweeak   oh, yeah, i knew that, i just misinterpreted your ...   Nov 12 2005, 10:20 PM
mipadi   I used to fully support the legal purchase of musi...   Nov 12 2005, 11:37 PM
sadolakced acid   ^ se! and michael joins the fray. i have.....   Nov 13 2005, 12:57 PM
xnofearx   QUOTE(sadolakced acid @ Nov 13 2005, 12:57 PM...   Nov 21 2005, 10:12 AM
kryogenix   QUOTE(xnofearx @ Nov 21 2005, 10:12 AM)That...   Nov 21 2005, 02:42 PM
mipadi   QUOTE(kryogenix @ Nov 21 2005, 2:42 PM)Why do...   Nov 21 2005, 02:57 PM
xnofearx   QUOTE(kryogenix @ Nov 21 2005, 2:42 PM)Why do...   Nov 22 2005, 11:17 AM
tweeak   I have about 2 gbs of music I got off my cds...but...   Nov 13 2005, 02:41 PM
kryogenix   http://cp.sonybmg.com/xcp/ Sony apologizes   Nov 16 2005, 05:36 PM
mipadi   Bit too late for that, I think.   Nov 16 2005, 07:03 PM
kryogenix   QUOTE(mipadi @ Nov 16 2005, 7:03 PM)Bit too l...   Nov 16 2005, 07:45 PM
mipadi   That, and they dragged their feet. Their original ...   Nov 16 2005, 08:01 PM
kryogenix   Boycott the PS3!   Nov 16 2005, 08:14 PM
sadolakced acid   boycott sony records for one financial quarter. t...   Nov 16 2005, 09:02 PM
kryogenix   QUOTE(sadolakced acid @ Nov 16 2005, 9:02 PM)...   Nov 16 2005, 09:17 PM
sadolakced acid   but it has nothing to do with thier rootkit. if t...   Nov 16 2005, 11:28 PM
kryogenix   QUOTE(sadolakced acid @ Nov 16 2005, 11:28 PM...   Nov 17 2005, 02:54 PM
mipadi   Sony would just chalk the losses up to "incre...   Nov 16 2005, 11:40 PM
sadolakced acid   which is why such a boycott would have to be publi...   Nov 17 2005, 01:23 AM
tweeak   We took time out of history class to rant about So...   Nov 17 2005, 08:26 PM
kryogenix   http://today.reuters.com/investing/finance...-33_L...   Nov 20 2005, 09:15 PM
sadolakced acid   i think it would be better to boycott other music ...   Nov 20 2005, 09:24 PM
DaTru KataLYST   I dont think the Sony execs are getting enough air...   Nov 21 2005, 02:47 AM
tweeak   As who says?   Nov 21 2005, 04:40 PM
mipadi   Other C programmers, I guess.   Nov 21 2005, 04:44 PM
sadolakced acid   just to point out how stupid the RIAA is. notice ...   Nov 22 2005, 04:36 PM
tweeak   Barnes and Noble is perfectly fine with me sitting...   Nov 22 2005, 07:55 PM
xnofearx   ^ If the book is good buy it I guess....   Nov 22 2005, 09:05 PM
sadolakced acid   i think the only reason barnes and nobles can affo...   Nov 22 2005, 11:29 PM
xnofearx   ^ Some people (like me) actually buy books from Ba...   Nov 24 2005, 11:39 PM
sadolakced acid   ^ i find it much more comfortable to read at B and...   Nov 24 2005, 11:45 PM
xnofearx   ^ Oh, I like lying on my bed while reading, but th...   Nov 25 2005, 12:31 AM
mipadi   http://www.businessweek.com/technology/con...1129_...   Nov 29 2005, 03:28 PM

« Next Oldest · Technology · Next Newest »
 

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

Display Mode: Switch to: Standard · Switch to: Linear+ · Outline

Track this topic · Email this topic · Print this topic