Sony DRM Installs Rootkit

21 comments

It seems Sony has taken the inevitable next step in their war against piracy; installing "Rootkits" into their victim^Hcustomers computers.

From Marks Sysinternals Blog

Quote:
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit.
Quote:
Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.

Comments

I was just showing that to

I was just showing that to someone here --nasty, isn't it?

Yup Nasty

And only likely to get nastier, eh? :OS

IMO, Sony has opened itself

IMO, Sony has opened itself to a huge liability issue. Grab a bag of popcorn and wait for the class action movie on this one.

Heh

Let Lawyer Army Battle Royale commence! ;O)

tip: keep an old system for

tip: keep an old system for a ripper.

More on Sony's "DRM Rootkit"

Slashdot had been buzzing about this.

"A couple of days ago we posted a story about Sony DRM installing a rootkit. Since then we have seen many more stories on the subject that I thought were worth sharing. manno gave us a link to the inquirer and salemnic sent us a page from the washington post. smallfries gave us one from PC Pro. It's nice to see this story not getting lost in the cracks since the implications are gigantic."
http://yro.slashdot.org/article.pl?sid=05/11/02/1421250&tid=233&tid=17

I haven't bought a major label CD in 5+ years

And while some of my money regrettably still ends up in the hands of the clueless jerky recording industry folks due to my online music subscriptions, at least I'm not supporting *covert* DRM crap :)

"Infected with DRM"

Loving it :O) Ordinary Joe on the street will understand that. Good call Slashdotters.

I was reading about this on

I was reading about this on F-Secure's blog. Nice to know Sony make software that AntiVirus programmes find..... heh.

It's ok to install software without the person knowing, and in doing that, opening them up to a greater risk of virus infections, buy copying CD's, nooooooo, you can't do that!

Infected implies the right

Infected implies the right invective, but DRM? I could mention that to half the people I know (the non tech-savvy half) and they wouldn't know what I meant until I explained it stopped them playing CDs. Its just another meaningless acronym.

Actually scratch that, it makes DRM sound like the new SARS. Awesome.

Yup

The only bit they need to remember is the "infected" bit, plus that what infected them was a sony published CD.

Sony are fixing it

Not really

Quote:
However, the patch that Sony will offer doesn't remove the 'rootkit' DRM: it only makes the hidden files visible.
Quote:
However, Sony's decision to offer a 'patch' that fails to remove the DRM code suggests it isn't too concerned by the howls of outrage heard this week from sophisticated PC users.

And with this level of apathy, the music giants will be emboldened to try these techniques again. And again. And again

Ah, and F-Secure are now

Ah, and F-Secure are now reporting that Sony have updated the DRM software, no longer trying to hide, and the update removes the old version as well.

Still a pain, and still difficult to remove, but a bit of an improvement....
F-Secure were in discussions with Sony about it anyway, and I'm sure the /. effect prompted them to do something about it.

The BBC picks up on it, thus

The BBC picks up on it, thus adding a bit of mainstream pressure.

made Google News

it's hitting the fan now

Quote:
Sony DRM is worse than you might think
Inquirer - 4 hours ago
SONY SCREWED UP WITH its rights removal to protect its profit margins philosophy and there is no way the use of rootkits can be justified. Caught with its pants down, what did it do? Make things right? Heck ...
Sony attacked over anti-piracy CD BBC News
Study of Sony Anti-Piracy Software Triggers Uproar Washington Post

business 2.0

However, Sony's decision to offer a 'patch' that fails to remove the DRM code suggests it isn't too concerned by the howls of outrage heard this week from sophisticated PC users.

Witless managers are never too concerned until they are made part of the exodus during a bankruptcy. Even then, they are too clueless to recognise their contribution to the failure.

>Let Lawyer Army Battle

>Let Lawyer Army Battle Royale commence!

Bigtime! It appears that Sony has messed with Texas.

Quote:
The Texas spyware law allows the state to recover damages of up to $100,000 in damages for each violation. Abbott said there were thousands of violations, and that any money would go to the state.

Sony sez: We share the

Sony sez:

Quote:
We share the concerns of consumers regarding these discs, and we are instituting a mail-in program that will allow consumers to exchange any CD with XCP software for the same CD without copy protection and receive MP3 files of the same title...

Translation:
Please God, just let this go away without it ripping the company a new one.

Yet more

Please form an orderly queue. A post from the UK Guardian newspaper technology blog entitled 'Sony lawsuits, boycotts' contains the following:

I don't think Sony has quite woken up to how bad the "rootkit" episode could get. The Electronic Frontier Foundation "along with two leading national class action law firms, today filed a lawsuit against Sony BMG, demanding that the company repair the damage ...

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.