CDRLabs.com

Your source for storage related news and reviews.
http://www.cdrlabs.com/forums/

Sony may take over your PC

http://www.cdrlabs.com/forums/sony-may-take-over-your-t20714.html

Page 1 of 1

Sony may take over your PC

PostPosted: Thu Nov 03, 2005 3:16 pm
by MediumRare
DRM seems to be running wild. :o This is a couple of days old, but I just read about it at heise (here and here).

Apparently some Sony CD's with DRM protection install a root kit on your computer and monitor file activity!

Mark Russinovich at Sysinternals found this while testing his Rootkit Revealer. See his report: Sony, Rootkits and Digital Rights Management Gone Too Far

G

PostPosted: Thu Nov 03, 2005 4:46 pm
by dodecahedron
:evil: :x

PostPosted: Thu Nov 03, 2005 4:57 pm
by eric93se
Great find! I hope someone can write a kill program. Activity like that should be illegal, our right to privacy has been long lost.

PostPosted: Thu Nov 03, 2005 5:21 pm
by dodecahedron
posted on the Register.
http://www.theregister.co.uk/2005/11/01 ... otkit_drm/

never been a great fan of Sony, though i do like some of their stuff and do own some.
will never again purchase any sony product.

PostPosted: Fri Nov 04, 2005 12:04 am
by Ian
eric93se wrote:Great find! I hope someone can write a kill program.


Here's one:

http://updates.xcp-aurora.com/

I was watching that stupid "Attack of the Show" on G4 tonite. The chick on their was taking credit for Sony backpedaling on all this. Uh yeah.. whatever.

PostPosted: Fri Nov 04, 2005 8:51 am
by aviationwiz
I thought activity like that *WAS* illegal. But does it secretly upload the information? Or does it just sit there monitoring your usage?

PostPosted: Fri Nov 04, 2005 10:45 am
by dolphinius_rex
Sony's released a removal tool now:
http://cp.sonybmg.com/xcp/english/updates.html

PostPosted: Fri Nov 04, 2005 5:57 pm
by MediumRare
dolphinius_rex wrote:Sony's released a removal tool now:
http://cp.sonybmg.com/xcp/english/updates.html

It doesn't remove the root kit- it just deactivates the cloaking, so you can see that it's there. See The Register: http://www.theregister.co.uk/2005/11/03/sony_rootkit_drm/

There are also exploits piggybacking on this: a World of Warcraft cheat: http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/

I think Sony has to a lot more backpedaling! :evil:

G

PostPosted: Tue Nov 08, 2005 3:50 am
by algrinch
Here is an interesting read from Security Now.

http://www.grc.com/sn/SN-012.pdf

or you can listen at http://www.grc.com/sn/SN-012.mp3

They are talking about this Sony Rootkit problem.

Here are a few quotes from the show...

" in trying to remove it, they damaged Windows and lost their CD-ROM drive completely, just disappeared."

"anything that begins with $sys$ gets hidden by this tool,"

"if this software became prevalent, that junior hackers who don't have the ability to create a rootkit themselves could simply name their files $sys$, and they'd all be - they would all disappear, courtesy of Sony's copy protection."


Nothing but the best from Sony...

PostPosted: Fri Nov 11, 2005 12:36 pm
by algrinch
More on the Sony Rootkit

Class action lawsuit filed in California....

"In other Sony BMG news, a slew of security firms warned Thursday of the first appearance of malware that uses Sony's rootkit to hide from anti-virus programs. "


http://www.informationweek.com/story/sh ... =173601761

PostPosted: Sat Nov 12, 2005 3:40 am
by dolphinius_rex
According to my sources, BMG has become rather pissed with Sony, and is now doing their replication elsewhere (not a Sony replication plant!) :o

One interesting thing about Sony replication plants, is that they are NOT IRMA compliant. Which means they do not require licensing documentation before replicating discs. This is VERY rare among plants registered as proper replicating facilities. Many shady companies I know of prefer to use Sony's replicating facilities for their jobs because they know that they don't have to worry about the content at all.

You THINK that Sony, as a representative of so many musicians, would be more interested in protecting their intellectual property!! But on the other hand, they put out these messed up copy protections.... it seems like they can't make up their minds on how they want to handle things! :o

PostPosted: Sat Nov 12, 2005 2:42 pm
by Dartman
They have no supposedly pulled the offending DRM crap off the market, Too bad they tried this at all and all ready 3 trojans were made to use the cloaking part.....

PostPosted: Sat Nov 12, 2005 3:48 pm
by dolphinius_rex
Dartman wrote:They have no supposedly pulled the offending DRM crap off the market, Too bad they tried this at all and all ready 3 trojans were made to use the cloaking part.....


It makes me glad I don't listen to new music at all! :wink:

PostPosted: Sat Nov 12, 2005 6:17 pm
by LoneWolf
Ian wrote:
eric93se wrote:Great find! I hope someone can write a kill program.


Here's one:

http://updates.xcp-aurora.com/

I was watching that stupid "Attack of the Show" on G4 tonite. The chick on their was taking credit for Sony backpedaling on all this. Uh yeah.. whatever.
G4 sucks. It's a real pity they bought TechTV, then tossed out the best it had to offer. When Comcast added several channels to my basic package, the two "notable" ones were ESPN2 (The Ocho! as we continue to call it) and G4. I still can't believe this channel hasn't died yet. So much of it is console, and too much of it is gaming.

As for the Sony bit, I'll be boycotting their products for some time to come. They haven't backpedalled enough yet as far as I'm concerneed, and their execs are obviously unrepentant (google for their comments, but it's essentially "Hardly anyone knows what a rootkit is, so why should they care?"), so even as far as they have retreated, you can bet they'll just try and come back with another stealthier method.

PostPosted: Sat Nov 12, 2005 7:05 pm
by Ian
The only show I still watch on G4 is X-Play. Even then, the games they're reviewing have been out for weeks or months. When they were on TechTV, they seemed to be a little more up to date.

PostPosted: Mon Nov 14, 2005 2:33 am
by Spazmogen
SONY's stopping its use for now.

Seems they're more worried about hackers cloaking programs with SONY's technology, than they are of disgruntled consumers.

As usual, I'm sure its a decision the legal dept made for them: how do we defend ourselves in court when a hacker uses this against a government or big busines (perhaps a SONY rival) ? SONY can't defend itself that easily.

PostPosted: Tue Nov 22, 2005 4:59 pm
by algrinch
Here is a list of the albums that contain the infamous sony rootkit

http://cp.sonybmg.com/xcp/english/titles.html

This topic has been covered in a number computer and security newletters that I read and it sure sounds like a miserable thing to have on your computer.

The latest rumour is that if you have autorun enabled when you insert the cd, the program installs itself and then displays the End User Licence Agreement for the software player. If you don't agree, the software remains present, but isn't active.

I disabled autorun a while back, I don't like it. Here is a nice guide for this task: http://www.annoyances.org/exec/show/article03-018

They also mention that holding down the shift key when inserting a CD will prevent the cd from autorunning a program.

In one article
http://channels.netscape.com/news/story ... tm&sc=1333
it was said that "Sony BMG initially rejected the uproar over XCP as technobabble." I like that word "Technobabble". Kind of has the ring of what you don't know won't hurt you.

Sony can kiss my rootkit... hows that for Technobabble

Al

Here is more fun...
http://www.vnunet.com/vnunet/news/21463 ... y-root-kit
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/