Sony "rootkits" your computer
Warrigal
03-11-2005, 18:37
How's this for charming? Sony's latest DRM copy protection scheme for their music CDs installs what amounts to a "rootkit", a hacking tool designed to hide (usually malicious) code on computers by intercepting low-level system calls to the operating system. Even better, once their poorly-written 'copy protection' is on your computer, anyone can hide any file, program, or registry key on your computer simply by prepending '$sys$' to the file name.
If you do manage to detect this software on your computer... guess what? It doesn't have an uninstall program. There's no entry for it in Add/Remove Programs. Removing it by other means will also remove access to your CDROM drives. Sony, responding to pressure from upset customers and security groups, is going to provide a tool to un-hide their DRM software... but not remove it. Nice to know they feel they own your computer, huh?
http://www.theregister.co.uk/2005/11/03/secfocus_drm/
http://www.theregister.co.uk/2005/11/03/sony_rootkit_drm/
Pure Metal
03-11-2005, 18:39
boo capitalism ;)
*lol*
Sony really is 'the evil empire' it seems.. :D
Drunk commies deleted
03-11-2005, 19:02
It's hard to feel sympathy for record companies who may or may not be losing money to file sharing when they are more than willing to sabotage your computer.
Heron-Marked Warriors
03-11-2005, 19:09
Didn't we already have a thread on this subject?:confused:
Warrigal
03-11-2005, 19:23
Did we? I looked and didn't find it (and of course, Search is busted). Sorry, if this is a repeat! It just pisses me off so. Especially that, even when called on it, they still won't provide a means of getting rid of this... malware.
And no, PM, not 'boo, capitalism'. Capitalism actually kinda works, as long as one puts some limits on it. :)
Gauthier
03-11-2005, 19:44
Is the rootkit preceded by any notifications or End User Licence agreement? I'm in the mind that if it's not, then technically Sony could be liable for spreading malicious software.
Heron-Marked Warriors
03-11-2005, 19:48
Did we? I looked and didn't find it (and of course, Search is busted). Sorry, if this is a repeat!
Don't think it really matters. Actually, I wasn't sure if the other one was Sony, or if it was someone else and this shit is spreading across the world
Lazy Otakus
03-11-2005, 19:49
*lol*
Sony really is 'the evil empire' it seems.. :D
Nah, that's Electronic Arts. And Microsoft.
Pure Metal
03-11-2005, 19:50
And no, PM, not 'boo, capitalism'. Capitalism actually kinda works, as long as one puts some limits on it. :)
heh just feeling a tad facetious tonight :D
Didn't we already have a thread on this subject?:confused:
http://forums.jolt.co.uk/showthread.php?t=452145
Sony have also issued a removal tool (http://cp.sonybmg.com/xcp/english/updates.html) for those affected that want to rid themselves of this.
Pure Metal
03-11-2005, 19:53
Nah, that's Electronic Arts. And Microsoft.
http://forums.jolt.co.uk/showpost.php?p=9870888&postcount=7
i like having pre-baked replies :P
The South Islands
03-11-2005, 20:05
http://forums.jolt.co.uk/showthread.php?t=452145
Sony have also issued a removal tool (http://cp.sonybmg.com/xcp/english/updates.html) for those affected that want to rid themselves of this.
Can we really trust Sony to clean up it's mess here? I'd much rather have a 3rd party removal tool.
Warrigal
03-11-2005, 20:21
http://forums.jolt.co.uk/showthread.php?t=452145
Sony have also issued a removal tool (http://cp.sonybmg.com/xcp/english/updates.html) for those affected that want to rid themselves of this.
Yes, but it's not a removal tool. It's a de-cloaking tool. It does not remove the offending software, just un-hides it. If you delete the subsequently un-hidden files off of your hard drive, you still nuke your CDROM drive.
The EULA when you insert the CD initially does reference a software install, but says nothing about it being hidden, tying itself into the low-level Windows APIs, and certainly nothing about it not being able to be removed.
OceanDrive2
03-11-2005, 20:29
Yes, but it's not a removal tool. It's a de-cloaking tool. It does not remove the offending software, just un-hides it. If you delete the subsequently un-hidden files off of your hard drive, you still nuke your CDROM drive.lets do it...man...lets do it...
I am willing to nuke the innocent Civilean CDdrives...as longs is It bust the hiddent terrists ...
I mean CDdrives are just colateral ... :D :D :p :D
Iztatepopotla
03-11-2005, 20:39
Googling around for this topic I found this: http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
It describes a way to deactivate the rootkit, although it's convoluted and certainly beyond the means of most users. But it makes for a very good read.
Warrigal
03-11-2005, 20:44
Yeah, Mark over at Sysinternals really knows his stuff. He was one of the first (if not the first) to discover this naughty creature.
Call to power
03-11-2005, 20:45
so Sony is protecting there software from copying by stopping the offenders using there comp it sounds like soft justice since all there doing is rendering the offenders copying machine useless
I would of made it send out a message to the police containing everything there doing and ever have done on the computer of course this will require a legal document along the lines of:
"if you use these games on your PC you formally surrender your all rights and freedoms to the Sony corporation"
UpwardThrust
03-11-2005, 20:45
Already a thread on this
but sony has submited a response
http://news.com.com/Sony+to+patch+copy-protected+CD/2100-7355_3-5928608.html?part=rss&tag=5928608&subj=news
UpwardThrust
03-11-2005, 20:47
so Sony is protecting there software from copying by stopping the offenders using there comp it sounds like soft justice since all there doing is rendering the offenders copying machine useless
I would of made it send out a message to the police containing everything there doing and ever have done on the computer of course this will require a legal document along the lines of:
"if you use these games on your PC you formally surrender your all rights and freedoms to the Sony corporation"
Problem being it was AUDIO cd's
and just the act of LISTENING to them installed the rootkit (which is illegal by the way as it modifies windows source)
Iztatepopotla
03-11-2005, 20:59
so Sony is protecting there software from copying by stopping the offenders using there comp it sounds like soft justice since all there doing is rendering the offenders copying machine useless
I would of made it send out a message to the police containing everything there doing and ever have done on the computer of course this will require a legal document along the lines of:
"if you use these games on your PC you formally surrender your all rights and freedoms to the Sony corporation"
Yeah, and if you install a cd made by a competing company, your computer would explode. :D
Of course, you wouldn't suspect Sony, but the crappy products of the competition.
The South Islands
03-11-2005, 21:06
Problem being it was AUDIO cd's
and just the act of LISTENING to them installed the rootkit (which is illegal by the way as it modifies windows source)
Could we se a Microsoft v. Sony lawsuit?
Oh my, that would be fun!
Gauthier
03-11-2005, 21:29
Could we se a Microsoft v. Sony lawsuit?
Oh my, that would be fun!
As if X-Box vs Playstation wasn't explosive enough :D
Teh_pantless_hero
03-11-2005, 21:35
Could we se a Microsoft v. Sony lawsuit?
Oh my, that would be fun!
You mean it isn't still running?
This kind of intrusive action could start something alot larger than Microsoft vs. Sony.
I like their patch to. It isn't a fix or an uninstall but a patch. It will unhide the software while still preventing it from being unharmfully removed.
Cogitation
03-11-2005, 21:46
Does this affect Macs?
...
Note to self: No Sony music.
--The Democratic States of Cogitation
The South Islands
03-11-2005, 21:52
You mean it isn't still running?
This kind of intrusive action could start something alot larger than Microsoft vs. Sony.
I like their patch to. It isn't a fix or an uninstall but a patch. It will unhide the software while still preventing it from being unharmfully removed.
In Corporate law, what could be bigger than Microsoft Corp, et al v. Sony Corp, et al?
Teh_pantless_hero
03-11-2005, 21:53
Does this affect Macs?
...
Note to self: No Sony music.
--The Democratic States of Cogitation
On the other thread with links to news articles about this patch, it notes that only Windows PCs are effected.
Agreed. Note to self: pirate Sony music, I mean, borrow friend's mixed discs of Sony music.
Does this affect Macs?
...
Note to self: No Sony music.
--The Democratic States of Cogitation
That's a good idea, but how do you know that another record label doesn't use Sony CD's?
Note to self: CD is shit. Continue not buying CD's.
Teh_pantless_hero
03-11-2005, 22:09
That's a good idea, but how do you know that another record label doesn't use Sony CD's?
Note to self: CD is shit. Continue not buying CD's.
Everyone should become music pirates; roaming the seven internets robbing pvp networks of their musical booty while getting into data-y skirmishes with those scurvy dogs the RIAA.
I have a 3rd party removal tool for this: it's an axe.
Dobbsworld
03-11-2005, 22:31
I have a 3rd party removal tool for this: it's an axe.
Hmm, sorta "blunt-force trauma"-as-system utility? Pricey.
Turquoise Days
03-11-2005, 22:37
Could we se a Microsoft v. Sony lawsuit?
Oh my, that would be fun!
I always wanted to see what happens when an irresistable force meets an immovable object...
I suspect implosions are involved.;)
Everyone should become music pirates; roaming the seven internets robbing pvp networks of their musical booty while getting into data-y skirmishes with those scurvy dogs the RIAA.
That, and we could go back to records for home listening, and analogue-to-digital formats (OGG Vorbis, FLAC, WAV) for listening on the go. It'd be shitloads better than CD.
Analogue-to-digital is pretty simple. You just connect your record player to a preamp, and connect the preamp to the line-in (read: speaker port) jack on your computer. Open a wave editor/recording program, and record. It keeps a good deal of the record's sound quality, and even that quality is better than CD by leaps and bounds.
Of course, there's also pure digital music, that doesn't have to go through the CD bottleneck, which would be really simple.
Sdaeriji
04-11-2005, 01:03
Could we se a Microsoft v. Sony lawsuit?
Oh my, that would be fun!
With Microsoft as ultra-sensitive to anyone tampering in any way with Windows source as they are, it's not that far-fetched.
Teh_pantless_hero
04-11-2005, 01:12
That, and we could go back to records for home listening, and analogue-to-digital formats (OGG Vorbis, FLAC, WAV) for listening on the go. It'd be shitloads better than CD.
I'm sorry but WAV is a terrible format.
I'm sorry but WAV is a terrible format.
Actually, it isn't. It's pure, uncompressed digital audio. Sure, the file sizes are huge, but as far as digital goes, the quality can't be beaten.
LazyHippies
04-11-2005, 02:03
Sony does not "rootkit" your computer. First of all, "rootkit" is a noun, not a verb. So, no one can "rootkit" you. They can install a rootkit on your computer, but they cannot rootkit your computer. Second of all, what the CDs in question install (after asking you if you agree with the EULA) does not resemble in any way a rootkit. It has only one element of a rootkit which is the fact that it hides its self. But saying that because it hides its self it is a rootkit is like saying that because the jolt software allows you to format text before you post it, it is a word processor. A rootkit, by definition provides a backdoor for hackers to enter your system. Rootkits hide themselves in order to remain undetected longer, but their primary function is to provide a backdoor into your system with administrator priviledges. The primary function of Sony's DRM software is to make sure you do not access the protected CD with any software other than the one provided. Sony's DRM software does not provide a backdoor, does not allow any sort of remote access or remote control, it does not grant anyone administrator priviledges, and it doesn't even arrive in a trojan horse (one of the more common means of installing rootkits). Sony's DRM software, though very poorly designed, does not meet any of the criteria for being called a rootkit.
Rotovia-
04-11-2005, 02:11
You know if we returned the favour, we'd go to prison.
Teh_pantless_hero
04-11-2005, 02:38
the file sizes are huge,
Big size = bad.
H N Fiddlebottoms VIII
04-11-2005, 02:45
Big size = bad.
<Insert obvious penis joke here>
Big size = bad.
Oh, so you're okay with shitty audio quality?
Fine with me.
Teh_pantless_hero
04-11-2005, 03:03
Oh, so you're okay with shitty audio quality?
Fine with me.
I don't have the ear to sort it out unless there are obvious skips and blips.
I don't have the ear to sort it out unless there are obvious skips and blips.
Well, that explains it. For me, it's easy to tell the difference between a 128kbps MP3 and a 160kbps MP3. Very easy.
Teh_pantless_hero
04-11-2005, 03:07
Well, that explains it. For me, it's easy to tell the difference between a 128kbps MP3 and a 160kbps MP3. Very easy.
I can't tell the difference between 65kbs and 192kbs unless there is a blip caused by recording of it to that qualify.
I can't tell the difference between 65kbs and 192kbs unless there is a blip caused by recording of it to that qualify.
Your ears suck, dude.
Lazy Otakus
04-11-2005, 04:32
Now this is funny:
World of Warcraft hackers using Sony BMG rootkit
Published: 2005-11-03
Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.
World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many security experts--is shipped with tens of thousands of the record company's music titles.
Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the prefix "$sys$" to file names.
Despite making a patch available on Wednesday to consumers to amend its copy protection software's behavior, Sony BMG and First 4 Internet, the maker of the content protection technology, have both disputed claims that their system could harm the security of a Windows system. Yet, other software makers that rely on the integrity of the operating system are finding that hidden code makes security impossible.
Source (http://www.securityfocus.com/brief/34)