Now this is incredible - Sony BMG copy-protected audio-CDs installing rootkits in your system…
I wonder if people who belong to the BMG Music Service are automatically fed this trash when they sign up for the service???
This has got to be at best a breach of privacy and at worst computer misuse. They probably have something buried in their T&C/EULA.
Yes they have a right to try to prevent piracy but this is ridiculous.
Yes they have a right to try to prevent piracy but this is ridiculous.Actually, This is RIAA ;D
Except from the EULA
(d) You may not decompile, reverse engineer or disassemble any of the LICENSED MATERIALS, in whole or in part.
Thats the rootkit they are referring to. >:(
does this explain why trials can be used once and only once?
because i was wondering there had to be something…
plus hp offered in their brochure to put some “hidden” software into the laptop for an extra fee and if someone stole your laptop, you can call to hp and they have a center that will track it down…
but gee…do you guys think some spyware use this too?
tim
Yes it is true,
Sony DMR installs a rootkit: Just a summary for the quick readers- the investigation was done by Mark Russinovich. The rootkit is installed with a DRM-encumbered music CD, Van Zant’s “Get Right with the Man” (how ironical). The rootkit introduces various security holes into the system to be exploited by others, such as hiding any executable with “SsysS”. Programming bugs in the hook system calls method make it develish to “exorcise thisdaeom” from your system.
We know that the music industry and Big Media scan computers for illegal content all the time (browser like bots), but that they reach for these means to make their statement is a bit over the top. And here a link for a further exposé:
http://www.f-secure.com/weblog/#00000675
Important to know is, do not try to get it from your system yourself, this could result in trouble with your CD drive recognition, go contact Sony and ask them for removal instructions or at the maker of the software: http://www.first4internet.com/
greets,
polonus
there can be only one response ;D ;D ;D
Does avast! detect this rootkit ?
Sony to offer patch for ‘rootkit’ DRM
Fix removes cloaking, but not the ‘rootkit’
http://www.theregister.com/2005/11/03/sony_rootkit_drm/
It’s in the mainstream news now.
Simple solution to all these problems = Disable Autorun in Windows!
It seems that even Mark Russinovich didn’t do that. For research purpose, presumably? ???
Is there possibility that Sony “bundles” the rootkit in their product such as VAIO and other apps?
He probably didn’t disable it like most Windows users including myself who would not expect getting infected with a Rootkit from a retail music CD. It is disabled on my PC now and I will be making immediate changes to all my policies. Disabling Autorun in Windows effectively blocks this from happening. You can still listen to music you just have to manually open the CD in Windows Media player or Winamp ect…
Not to mention it stops alot of DVD software installs when watching movies.
Thanx for the explanation, mastertech. Although I am much less knowledgeable of computer than many users here not to mention Russinovich, I disabled autorun long time ago. It is my habit to rip CDs first before listening it on my PC.
I lost my trust on Sony long time ago and wasn’t surprised by this incident, though.
It’s on secunia report now.
First4Internet XCP Content Management (SECUNIA ADVISORY ID: SA17408)
This whole issue sucks and I hope that now it has started to be aired in the public domain that those contemplating purchase of any Sony products don’t purchase it. Not just Sony music products, but all Sony products. Show your distaste at this very underhand (pun intended) tactic by voting with their wallet and don’t buy it. This is the only language these huge companies understand, the bottom line.
As an ex musician I don’t “steal” music; I buy it, but this latest trick from Sony is way OTT. Even tho’ I’ve never stolen music they assume I will. I don’t like that attitude.
ROOTKITS!!! A low blow to users. Did they really think we wouldn’t notice? Care?
That’s done it for me. No more Sony discs or for that matter Sony- anythings.
As DavidR says, if we all boycott Sony they may re-think their strategies, but too late for me. Sony’s become a dirty word here. I’ll never be able to trust them again.
Walks away muttering “ROOTKITS! Invasion of privacy! Dirrrrrty business…grrrrr” and playing older music again…
But Happy Days to y’all and thanks for the heads-up!
David
The boycott suggestion is a great idea. I shall pass it on.
The more places are made aware of this, the better and the greater the effect will be.
Will Avast detect this now or in the future? I didn’t see the answer.
SonWon