Home News Reviews Forums Shop


Sony may take over your PC

General discussion. Come introduce yourself. Talk about whataver you want!

Sony may take over your PC

Postby MediumRare on Thu Nov 03, 2005 3:16 pm

DRM seems to be running wild. :o This is a couple of days old, but I just read about it at heise (here and here).

Apparently some Sony CD's with DRM protection install a root kit on your computer and monitor file activity!

Mark Russinovich at Sysinternals found this while testing his Rootkit Revealer. See his report: Sony, Rootkits and Digital Rights Management Gone Too Far

G
User avatar
MediumRare
CD-RW Translator
 
Posts: 1768
Joined: Sun Jan 19, 2003 3:08 pm
Location: ffm

Postby dodecahedron on Thu Nov 03, 2005 4:46 pm

:evil: :x
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the land of Mordor, where the Shadows lie
-- JRRT
M.C. Escher - Reptilien
User avatar
dodecahedron
DVD Polygon
 
Posts: 6865
Joined: Sat Mar 09, 2002 12:04 am
Location: Israel

Postby eric93se on Thu Nov 03, 2005 4:57 pm

Great find! I hope someone can write a kill program. Activity like that should be illegal, our right to privacy has been long lost.
Benq DW-1640
ASUS 1608P2 >> Crossflashed to Pioneer 110 -> RAM+Bitsetting+removed riplock+RPC1 :D

Boost Mobile stole my minutes, then would rather loose me as a customer than give back my minutes (thieves).
User avatar
eric93se
CD-RW Player
 
Posts: 235
Joined: Tue Dec 23, 2003 9:22 pm

Postby dodecahedron on Thu Nov 03, 2005 5:21 pm

posted on the Register.
http://www.theregister.co.uk/2005/11/01 ... otkit_drm/

never been a great fan of Sony, though i do like some of their stuff and do own some.
will never again purchase any sony product.
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the land of Mordor, where the Shadows lie
-- JRRT
M.C. Escher - Reptilien
User avatar
dodecahedron
DVD Polygon
 
Posts: 6865
Joined: Sat Mar 09, 2002 12:04 am
Location: Israel

Postby Ian on Fri Nov 04, 2005 12:04 am

eric93se wrote:Great find! I hope someone can write a kill program.


Here's one:

http://updates.xcp-aurora.com/

I was watching that stupid "Attack of the Show" on G4 tonite. The chick on their was taking credit for Sony backpedaling on all this. Uh yeah.. whatever.
"Blu-ray is just a bag of hurt." - Steve Jobs
User avatar
Ian
Grand Poobah
 
Posts: 15130
Joined: Sun Apr 08, 2001 2:34 pm
Location: Madison, WI

Postby aviationwiz on Fri Nov 04, 2005 8:51 am

I thought activity like that *WAS* illegal. But does it secretly upload the information? Or does it just sit there monitoring your usage?
User avatar
aviationwiz
Plextor Fan(atic)
 
Posts: 4069
Joined: Tue Jul 16, 2002 2:55 am
Location: Home of the Red Tail

Postby dolphinius_rex on Fri Nov 04, 2005 10:45 am

Sony's released a removal tool now:
http://cp.sonybmg.com/xcp/english/updates.html
Punch Cards -> Paper Tape -> Tape Drive -> 8" Floppy Diskette -> 5 1/4" Floppy Diskette -> 3 1/2" "Flippy" Diskette -> CD-R -> DVD±R -> BD-R

The Progression of Computer Media
User avatar
dolphinius_rex
CD-RW Player
 
Posts: 6923
Joined: Fri Jan 31, 2003 6:14 pm
Location: Vancouver B.C. Canada

Postby MediumRare on Fri Nov 04, 2005 5:57 pm

dolphinius_rex wrote:Sony's released a removal tool now:
http://cp.sonybmg.com/xcp/english/updates.html

It doesn't remove the root kit- it just deactivates the cloaking, so you can see that it's there. See The Register: http://www.theregister.co.uk/2005/11/03/sony_rootkit_drm/

There are also exploits piggybacking on this: a World of Warcraft cheat: http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/

I think Sony has to a lot more backpedaling! :evil:

G
User avatar
MediumRare
CD-RW Translator
 
Posts: 1768
Joined: Sun Jan 19, 2003 3:08 pm
Location: ffm

Postby algrinch on Tue Nov 08, 2005 3:50 am

Here is an interesting read from Security Now.

http://www.grc.com/sn/SN-012.pdf

or you can listen at http://www.grc.com/sn/SN-012.mp3

They are talking about this Sony Rootkit problem.

Here are a few quotes from the show...

" in trying to remove it, they damaged Windows and lost their CD-ROM drive completely, just disappeared."

"anything that begins with $sys$ gets hidden by this tool,"

"if this software became prevalent, that junior hackers who don't have the ability to create a rootkit themselves could simply name their files $sys$, and they'd all be - they would all disappear, courtesy of Sony's copy protection."


Nothing but the best from Sony...
"All Bibles are man made" - Thomas Edison
User avatar
algrinch
CD-RW Player
 
Posts: 133
Joined: Fri Sep 05, 2003 2:15 pm
Location: London, ON Canada

Postby algrinch on Fri Nov 11, 2005 12:36 pm

More on the Sony Rootkit

Class action lawsuit filed in California....

"In other Sony BMG news, a slew of security firms warned Thursday of the first appearance of malware that uses Sony's rootkit to hide from anti-virus programs. "


http://www.informationweek.com/story/sh ... =173601761
"All Bibles are man made" - Thomas Edison
User avatar
algrinch
CD-RW Player
 
Posts: 133
Joined: Fri Sep 05, 2003 2:15 pm
Location: London, ON Canada

Postby dolphinius_rex on Sat Nov 12, 2005 3:40 am

According to my sources, BMG has become rather pissed with Sony, and is now doing their replication elsewhere (not a Sony replication plant!) :o

One interesting thing about Sony replication plants, is that they are NOT IRMA compliant. Which means they do not require licensing documentation before replicating discs. This is VERY rare among plants registered as proper replicating facilities. Many shady companies I know of prefer to use Sony's replicating facilities for their jobs because they know that they don't have to worry about the content at all.

You THINK that Sony, as a representative of so many musicians, would be more interested in protecting their intellectual property!! But on the other hand, they put out these messed up copy protections.... it seems like they can't make up their minds on how they want to handle things! :o
Punch Cards -> Paper Tape -> Tape Drive -> 8" Floppy Diskette -> 5 1/4" Floppy Diskette -> 3 1/2" "Flippy" Diskette -> CD-R -> DVD±R -> BD-R

The Progression of Computer Media
User avatar
dolphinius_rex
CD-RW Player
 
Posts: 6923
Joined: Fri Jan 31, 2003 6:14 pm
Location: Vancouver B.C. Canada

Postby Dartman on Sat Nov 12, 2005 2:42 pm

They have no supposedly pulled the offending DRM crap off the market, Too bad they tried this at all and all ready 3 trojans were made to use the cloaking part.....
User avatar
Dartman
CD-RW Player
 
Posts: 1605
Joined: Sun May 26, 2002 2:13 pm
Location: USA

Postby dolphinius_rex on Sat Nov 12, 2005 3:48 pm

Dartman wrote:They have no supposedly pulled the offending DRM crap off the market, Too bad they tried this at all and all ready 3 trojans were made to use the cloaking part.....


It makes me glad I don't listen to new music at all! :wink:
Punch Cards -> Paper Tape -> Tape Drive -> 8" Floppy Diskette -> 5 1/4" Floppy Diskette -> 3 1/2" "Flippy" Diskette -> CD-R -> DVD±R -> BD-R

The Progression of Computer Media
User avatar
dolphinius_rex
CD-RW Player
 
Posts: 6923
Joined: Fri Jan 31, 2003 6:14 pm
Location: Vancouver B.C. Canada

Postby LoneWolf on Sat Nov 12, 2005 6:17 pm

Ian wrote:
eric93se wrote:Great find! I hope someone can write a kill program.


Here's one:

http://updates.xcp-aurora.com/

I was watching that stupid "Attack of the Show" on G4 tonite. The chick on their was taking credit for Sony backpedaling on all this. Uh yeah.. whatever.
G4 sucks. It's a real pity they bought TechTV, then tossed out the best it had to offer. When Comcast added several channels to my basic package, the two "notable" ones were ESPN2 (The Ocho! as we continue to call it) and G4. I still can't believe this channel hasn't died yet. So much of it is console, and too much of it is gaming.

As for the Sony bit, I'll be boycotting their products for some time to come. They haven't backpedalled enough yet as far as I'm concerneed, and their execs are obviously unrepentant (google for their comments, but it's essentially "Hardly anyone knows what a rootkit is, so why should they care?"), so even as far as they have retreated, you can bet they'll just try and come back with another stealthier method.
Intel Q9450 @3.2GHz, Gigabyte GA EP45-UD3P, 4 x 2GB G.Skill @4-4-4-12
Antec P160SW case (modded), Xigmatek 750w PSU
3x 500GB (RAID-5), , OptiArc 7200S, ASUS E818A3T
Creative X-Fi XtremeGamer, Hauppauge HVR-1800, Radeon 4890
Dell 2407WFP
User avatar
LoneWolf
CD-RW Player
 
Posts: 937
Joined: Thu Feb 06, 2003 4:41 pm
Location: Meecheegan

Postby Ian on Sat Nov 12, 2005 7:05 pm

The only show I still watch on G4 is X-Play. Even then, the games they're reviewing have been out for weeks or months. When they were on TechTV, they seemed to be a little more up to date.
"Blu-ray is just a bag of hurt." - Steve Jobs
User avatar
Ian
Grand Poobah
 
Posts: 15130
Joined: Sun Apr 08, 2001 2:34 pm
Location: Madison, WI

Postby Spazmogen on Mon Nov 14, 2005 2:33 am

SONY's stopping its use for now.

Seems they're more worried about hackers cloaking programs with SONY's technology, than they are of disgruntled consumers.

As usual, I'm sure its a decision the legal dept made for them: how do we defend ourselves in court when a hacker uses this against a government or big busines (perhaps a SONY rival) ? SONY can't defend itself that easily.
e6400 Core 2 Duo @ 2.13ghz
GeForce 7600GT 256mb PCI-e
2gb DDR2 667mhz Patriot ram 1.8v in d/c
Gigabyte GA-965P-DS3 F10 BIOS
WD Caviar SE16 250GB SATA300 7200RPM 16MB Buffer
Samsung SATA2 80gb 7200rpm
Samsung SH-S182D 18x DVD burner
User avatar
Spazmogen
CD-RW Player
 
Posts: 1472
Joined: Tue Oct 23, 2001 8:00 pm
Location: Woodstock, Ontario

Postby algrinch on Tue Nov 22, 2005 4:59 pm

Here is a list of the albums that contain the infamous sony rootkit

http://cp.sonybmg.com/xcp/english/titles.html

This topic has been covered in a number computer and security newletters that I read and it sure sounds like a miserable thing to have on your computer.

The latest rumour is that if you have autorun enabled when you insert the cd, the program installs itself and then displays the End User Licence Agreement for the software player. If you don't agree, the software remains present, but isn't active.

I disabled autorun a while back, I don't like it. Here is a nice guide for this task: http://www.annoyances.org/exec/show/article03-018

They also mention that holding down the shift key when inserting a CD will prevent the cd from autorunning a program.

In one article
http://channels.netscape.com/news/story ... tm&sc=1333
it was said that "Sony BMG initially rejected the uproar over XCP as technobabble." I like that word "Technobabble". Kind of has the ring of what you don't know won't hurt you.

Sony can kiss my rootkit... hows that for Technobabble

Al

Here is more fun...
http://www.vnunet.com/vnunet/news/21463 ... y-root-kit
"All Bibles are man made" - Thomas Edison
User avatar
algrinch
CD-RW Player
 
Posts: 133
Joined: Fri Sep 05, 2003 2:15 pm
Location: London, ON Canada


Return to The Beer Garden

Who is online

Users browsing this forum: No registered users and 1 guest

All Content is Copyright (c) 2001-2024 CDRLabs Inc.