Fuck Sony Copy Protection

I can't believe they think they can get away with BS like this.

-----------------------------------------

http://www.theregister.co.uk/2005/11/01/sony_rootkit_drm/

Removing Sony's CD 'rootkit' kills Windows

By Andrew Orlowski in San Francisco
Published Tuesday 1st November 2005 10:25 GMT

Sysinternals' Mark Russinovich has performed an analysis of the copy restriction measures deployed by Sony Music on its latest CDs: which he bluntly calls a 'root kit'. Using conventional tools to remove Sony's digital media malware will leave ordinary users with Windows systems unable to play CDs.

While the Sony CDs play fine on Red Book audio devices such as standard consumer electronics CD players, when they're played on a Windows PC the software forces playback through a bundled media player, and restricts how many digital copies can be made from Windows.

A 'root kit' generally refers to the nefarious malware used by hackers to gain control of a system. A root kit has several characteristics: it finds its way onto systems uninvited; endeavors to remain undetected; and then may either intercept system library routines and reroute them to its own routines, or replace system executables with its own, or both - all with the intention of gaining system level ownership of the computer.

What makes Sony's CD digital media software particularly nasty is that using expert tools for removing the parasite risks leaving you with a Windows PC that's useless, and that requires a full reformat and reinstall.

So is Sony bundling a root kit, or is it the latest in a long line of clumsy, and sometimes laughably inept attempts to thwart the playback of digital media on PCs?

We were inclined to the latter - but in practical terms, for ordinary users, the consequences are so serious that semantic distinctions are secondary.

In actuality both, reckons Russinovich. It's a 'root kit' that arrived uninvited, but it's also "underhanded and sloppy software" , that once removed, prevented Windows from playing his CD again (Van Zant's 'Get With The Man') he notes in his analysis.

The Sony CD creates a hidden directory and installs several of its own device drivers, and then reroutes Windows systems calls to its own routines. It intercepts kernel-level APIs, but then attempts to disguise its presence, using a crude cloaking technique.

Disingenuously, the copy restriction binaries were labelled "Essential System Tools".

But the most disturbing part of the tale came when Russinovich ran his standard rootkit-removal tool on the post-Sony PC.

"Users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files," he writes.

Which puts it in an entirely different class of software to the copy restriction measures we've seen so far, which can be disabled by a Post-It note. Until specialist tools arrive to disinfect PCs of this particular measure.

 

i see some lawsuits coming to Sony. Thats really fucked up

 

I wonder how it works when you're not an administrator.

 

Sony back off on this pretty quick.

http://news.yahoo.com/s/nf/20051103...j8DW7oF;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl

After Criticism, Sony Issues Fix for Hidden Rootkits Walaika K. Haskins, newsfactor.com
Thu Nov 3, 4:04 PM ET



Sony (NYSE: SNE - news) has admitted that it included a stealth rootkit on some music CDs shipped in 2005 and has issued an update to remove the hidden software one day after it was discovered. The company had drawn criticism from security experts who warned that the technology could serve as a tool for hackers.

The nearly undetectable monitoring utility, part of the company's digital-rights management (DRM) technology, was aimed at preventing consumers from producing illegal copies of CDs. The software installed itself automatically in Windows systems whenever a CD was inserted. Any files contained in the rootkit are invisible and almost impossible to remove.

Security expert Mark Russinovich of Sysinternals discovered the hidden rootkit and posted his findings on the company blog on November 1st. Russinovich wrote that although he checked in his system's Add or Remove Programs list, as well as on the vendor's site and on the CD itself, he could not find uninstall instructions. Nor, he says, could he find any mention of it in the End User License Agreement (EULA).

Stealth Tactics

A rootkit is a set of tools commonly used by hackers to circumvent antivirus software and control a computer system. Most rootkits are engineered so that common PC monitoring mechanisms cannot detect them. The rootkits are designed to tuck themselves in to the most basic level of the operating system and remain hidden from users.

A Finnish antivirus company, F-Secure, reported that it had spent several weeks recently trying to find the cause of some unknown files reported by a user who suspected an audio CD as the cause.

Mikko Hyppnen, chief research officer at F-Secure, said hackers could use the rootkit to insert their own files by inserting a simple command at the beginning of the file name that would render them undetectable by most antivirus software. On the F-Secure blog, Hyppnen wrote that he heard rumors that Universal is using the same DRM system on its audio CDs.

Privacy? What Privacy?

Although industry analysts said they cannot fault Sony's motives, some saw the company's initial failure to disclose the hidden technology as a violation of U.S. copyright laws. According to Jared Carleton, an analyst at Frost & Sullivan, Sony is overstepping the fair-use clause that gives consumers the right to make backup copies.

"[Sony] is saying, 'No, we are not going to pay attention to U.S. copyright law that's been generally accepted for the past 30 years,' " he said.

Carleton likened the hidden DRM to malware, and said it was no different than adware and spyware. He said that if Sony was shipping DRM-protected CDs, the company needed to put a notice on its packaging. Consumers understand that artists should be paid for their music, he said, but he added that consumers don't like this type of secrecy.

Andrew Jaquith, senior security analyst at Yankee Group, said the company behaved badly and that there could be a backlash. He said that the desire to protect intellectual property is understandable, but that Sony should have been upfront about its DRM technology, and would have been better off using industry-standard software.

"I haven't seen a single positive comment about this and it makes them look at little slimy," Jaquith said. "They should have been above-board and should have used software that they hadn't cobbled together themselves."

On the Web page containing the update, which enables users to detect and remove the rootkit, Sony said its technology did not pose a security risk. "This component is not malicious and does not compromise security," the company's post said. "However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."

The fix can be downloaded at http://cp.sonybmg.com/xcp/english/updates.html.

 

my sentiments exactly. But I would venture a guess that a good 75% of home users are not running 2000/XP Professional that would require this.

 

Agreed...