Sony’s DRM song sounding worse by the day



Well, let’s see…. I didn’t cover the original story since I was covered up with other work, but let me take a stab at starting from the beginning before I tell you how it’s gotten worse. It seems that SONY is concerned about piracy and computers being the tools of pirates (of course, everyone that uses a computer to listen to music is a pirate right?…) they came up with a clever way to put a stop to the piracy of their music. There would be a piece of software on every sony music cd that would install and run quietly in the background invisible EVEN TO WINDOWS that would prevent the inevitable. It would prevent the user from copying the disc and sending it out en masse.


The first chapter in this story can be found at the security fix. It looks as though the rootkit that sony had so cleverly designed hid any file starting with $sys$ in it’s name, which meant that anyone knowing that could hide ANY file from the operating system by having the first 5 characters be $sys$. I can hear the script kiddies re-writing virus files now. What’s worse is there was no way to uninstall it. The BEST I read was that removing the files in question rendered the cd drive unusable, but I also heard reports of a completely wrecked windows install. What’s even more fun is that installing it on Vista caused the OS to break miserably.

Interesting to find out that one researcher was still able to rip the cd audio in spite of this rootkit (by trying to rip before the rootkit installed)

It seems the only way to get it off was to call sony, explain why you want to get rid of the thing… be directed to a website with an activex control that identified the rootkit, be directed to a download link to get an uninstaller. Since then sony has released an uninstaller to get rid of the rootkit.

That pretty much brings us to today.

Now, it turns out the uninstaller is buggy and doesn’t work correctly. According to sysinternals the uninstaller can lead to a crashed system and data loss. Also from the Security Fix “The folks at Computer Associates also looked into the patch, and found that “it has a broken uninstall that removes the rootkit in a way that can cause Windows to crash.”" And it appears that the software sends IP address and cd listening information back to sony (without permission from the user). (In all of this do I hear class-action?)

I wouldn’t be surprised if it gets worse before it gets better. The Security Fix was also reporting on someone researching whether the rootkit had any remotely exploitable “features”. It may be that this trojan will continue to be a big headache for some time to come.

Update 7:15PM EST….
It appears that SONY DOES have a lawsuit on their hands over the issue. Thanks to the Sunbeltblog. Correction 11/8/05 – there is NO lawsuit yet, the sunbeltblog has issued a correction, an Italian group merely filed a complaint over Sony’s practices.

Update 11/8…

There is more coverage at Spyware Confidential.

Update again 11/8…

There now IS a lawsuit filed in California court it is a class action, another suit expected to be filed Wednesday in New York. The securityfix has the details. It’s alleged that the software violates 3 California statutes. It’s funny, I wonder given that you can’t put a real figure on what piracy of these albums would cost Sony (I know they estimate, but how accurate can that be?), will it really have been worth it to implement this draconian type of DRM?

Related Posts

Blog Traffic Exchange Related Posts
  • Sony rootkit settlement Here's a followup to one of the first big stories that I posted on... the Sony rootkit - there has been a settlement with the FTC (Federal Trade Commision). It has yet to be approved but, affected customers could see up to $150 to cover cost of repair (rootkit removal/etc.)......
  • EFF gives up on DMCA exemption process There's a story over at PC Pro, that says the EFF (Electronic Frontier Foundation) has given up on the process for obtaining exemptions from the DMCA (Digital Millennium Copyright Act). They claim that the three year exemption period is meaningless. All of their requests for exemptions have been declined. Including......
  • The CD is dead.... I'm tempted to say "long live the cd...", but... EMI's CEO has declared that the CD is dead. He does point out that you're not likely to give your Aunt an iTunes download, so "dead" just means "in decline" in this parlance. However, I can't help but laugh to myself......
Blog Traffic Exchange Related Websites
  • How to File Your Taxes for a Recent Graduate This post is part of a three post series which walks a recent graduate through filling out their W-4 and filing their taxes. After these three posts, recent grads should be squared away with Uncle Sam come April. Post 1: How To Fill Out A W-4 For A Recent Graduate......
  • Review of Windows Live Writer When you find a tool that makes life easier, there is nothing more exciting. The need for corporations to simplify and systematize their processes has to do with working smart and taking advantage of things that allow workers to reach their goals without having to work quite as hard. One......
  • 1 Month Late or Worse Curves by Credit Grade (August 1, 07 Update) This is an update to my original 1 month late or worse curves. I believe we are starting to see the continued flattening of the curves.  Time will tell. I have pulled the public data on the performance tab by hand in order to produce a spreadsheet of loan performance.......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site