In what's set to be 2005's hottest story yet Sony have been found to install illegal Trojan horse-based digital restrictions management (DRM) technology that installs itself as a rootkit on Windows PCs.
Users who purchase certain Sony Music CDs from online stores like Amazon are subject to this rootkit being installed on their machines. According to Sysinternals' Mark Russinovich the kit installs itself in hidden directories and attempts to mask its existence as "Essential System Tools".
What's more fun is that attempting to remove the rootkit with common tools that perform a RKR scan will render a Windows XP machine useslesss. "Users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files," Mark wrote in an online blog entry yesterday.
So what exactly is Sony playing at? Installing rootkit software that's not identified in its EULA and rendering machines useless if users try to remove the software! This is taking the RIAA effort a little too far.
View: Mark - Sysinternals Blog Entry
View: Sony Music
View: The Devil aka RIAA
Users who purchase certain Sony Music CDs from online stores like Amazon are subject to this rootkit being installed on their machines. According to Sysinternals' Mark Russinovich the kit installs itself in hidden directories and attempts to mask its existence as "Essential System Tools".
What's more fun is that attempting to remove the rootkit with common tools that perform a RKR scan will render a Windows XP machine useslesss. "Users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files," Mark wrote in an online blog entry yesterday.
So what exactly is Sony playing at? Installing rootkit software that's not identified in its EULA and rendering machines useless if users try to remove the software! This is taking the RIAA effort a little too far.
View: Mark - Sysinternals Blog Entry View: Sony Music View: The Devil aka RIAA
What's new:
- new: Remove old BIOS information compatibility option
- new: Keyboard layout and Language group unattended options
- update: .NET Framework 2.0 compatibility
- update: Redesigned few pages, more readable
- update: Smaller final size by compressing more files
- update: KB891957-x64, KB906569, KB899589-v2, KB900725 integration
- update: RVM Pack 2.0+ support
- fix: Missing DATA folder error message
- fix: Driver integration from read-only media
General
- new: Keyboard layouts
- new: Acm Core Codecs
- new: Network Location Awareness (NLA)
- update: NetDDE (back)
- update: Printer Support (removes spooler service)
- update: BlueTooth not dependable on Modem Support
- update: WMP connectivity not dependant on ICW
- fix: SCSI drivers component detection
Components
I'll continue with my pirated copies.
edit: oh btw, LOL @ The Devil
blu-ray looked like a better technology... but, this bodes poorly.
This will be integrated right into the driver, with no possibility of removal.
You can no longer trust Sony, at all.
Mark R. you rule
I'll wait some serious time before I buy a ps3, not to mention that sony cds can be downloaded
is it still considered illegal even if they state they might install some kinda security thingy on your system thru Sony's EULA?
It's not in the EULA that that is being installed. Thereofre it is illegal~
And now I am NOT a Sony fan ... I won't buy from them ever agian.
OKAYYY
iTunes?
Yes, itunes does install bloat, but at least it's easy to see. Itunes-helper etc show up in the process list, and you can disable them in the services menu.
Not the greatest setup, but at least you have access!
A kit for maintaining root; an automated cracking tool. What script kiddies use. After a cracker has first broken in and gained root access, he or she will install modified binaries such as a modified version login with a backdoor, or a version of ps that will not report the cracker's processes. This is a rootkit.
It's one of the several "touted as best by popular opinion" companies that I'll never buy from again.
Sony, take your retarded music players, computers, laptops, cameras, and music store and shove it so far up your ass it knocks off your teeth.
It's one thing if they want to protect their media by DRM, but it's a WHOLE different story if they both try to hide it, and disguise their dirty secrets under different names... I never liked Sony, but this crap takes the prize.
We have to make the distinction there that Sony didn't write this software, it's licensed from a third-party DRM company. However, it's outstandingly poor judgement from Sony to employee this copy protection without knowing all that it does. Or, if they DO know... it's just plain wrong, and as was suggested, would probably go against the Computer Misuse Act.
I honestly wish them luck in the future because they are gonna need it.
do you oversee sonys final production of CDs? Wait and see, tiny grasshopper.
And, I agree with you completely. Include BMG & Arista as well, as they're part of the sony family.
Now, this rootkit installs itself into the actual drivers for your cd/dvd drives... Makes me wonder what they put into their actual computers and drives.
You cannot trust anything by sony anymore.
The worst of all is that this is included in CDs actually BOUGHT legally in Amazon at online stores. So sad.
And to anyone who says "use the shift key etc", who seriously wants to remember to do that everytime they insert a certain music CD? One fatal slip of the memory, and it's in and from the blog entry, a pain in the backside to remove.
Autorun is one of the first things that goes off when I re install Windows. Along with automatic updates, hiding of file extensions and files/folders.
Message to Sony: don't bite the hand that feeds you.
This only affects Windows users? Bummer.
Thanks for the heads up!
I say it is buggy or not 100% stable because as Mark shows, this app after run uses 1-2% cpu usage is not acceptable when the content to be protected is not even on/in the machine.
BTW, not to start a flame war.. Some peope here are poking at Windows users.. Apparently they though the rest of teh computer users in the world were to small of a percentage to care about now.. But keep saying those thing, and we will get CDs that soon require some sort of Windows DRM based machine to even read the file system of the disk..
"High quality parts" is a phrase I'm only able to use sarcastically.
PS2s had a lot of various issues. Hunt around about mods or copied games. They'll list a bunch of variations on the hardware, each of which was due to a certain fix for something or other.
I think I'll buy a Gamecube soon. If only for the new Zelda.
I think the only important thing about a game console, from the manufacturer's point of view, is that it works for slightly longer than the warranty is good for.
I think it's time for some kind of legislation to stop this kind of activity, these corporations are out of control, they think they can get away with anything.
Personally, I hope Microsoft opens up a can and hands their asses to 'em. No, this is not 'omg lol ur xbox fanboy' style, this goes WAY beyond any silly little gaming dispute, this is the big time. Although, considering Microsoft are taking care of Spyware, and Sony are making Spyware, could this be Sony Vs. Microsoft on a whole new level?
This has personally left a foul taste in my mouth, and I refuse to buy any type of Sony endorsed CD, purely because of this. I mean, whats next, the PSP Media Manager having the same thing? WATCH OUT FOR YOUR PSPs!
I know Sony are assholes tat dig pretty low, but this is gawd awful. I hope they get whats comin' to'em.
Now, if anyone steps up to the plate, we get to test whether making a rootkit or a virus as a form of copy protection protects it under the DMCA!
Does this mean that if I create an NT rootkit, or a self-replicating virus as a form of copy protection, that I could sue the AV companies for trying to remove it?
Before you dismiss this off-handedly; In the purely legal sense, this is perfectly solid grounds. It's only when you inject subjectivity that a judge would rule against it.
As far as most of us can tell, you're 100% right. This is something that needs to be put to the test in court to see if it survives.
By the book, that'd be legal. But it hasn't faced a court challenge yet.
1) The rootkit potentially opens up a security hole on your system, since it sets up a way to hide files from the OS and the user. Imagine a worm built to exploit that...
2) Anyone looked at the DMCA lately?
US Law Title 17 section 1201:
Circumvention of copyright protection systems
(a) Violations Regarding Circumvention of Technological Measures.--
(1) (A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title.
IANAL, but that makes it illegal to remove the rootkit.