Sony’s DRM song sounding worse by the day



Well, let’s see…. I didn’t cover the original story since I was covered up with other work, but let me take a stab at starting from the beginning before I tell you how it’s gotten worse. It seems that SONY is concerned about piracy and computers being the tools of pirates (of course, everyone that uses a computer to listen to music is a pirate right?…) they came up with a clever way to put a stop to the piracy of their music. There would be a piece of software on every sony music cd that would install and run quietly in the background invisible EVEN TO WINDOWS that would prevent the inevitable. It would prevent the user from copying the disc and sending it out en masse.


The first chapter in this story can be found at the security fix. It looks as though the rootkit that sony had so cleverly designed hid any file starting with $sys$ in it’s name, which meant that anyone knowing that could hide ANY file from the operating system by having the first 5 characters be $sys$. I can hear the script kiddies re-writing virus files now. What’s worse is there was no way to uninstall it. The BEST I read was that removing the files in question rendered the cd drive unusable, but I also heard reports of a completely wrecked windows install. What’s even more fun is that installing it on Vista caused the OS to break miserably.

Interesting to find out that one researcher was still able to rip the cd audio in spite of this rootkit (by trying to rip before the rootkit installed)

It seems the only way to get it off was to call sony, explain why you want to get rid of the thing… be directed to a website with an activex control that identified the rootkit, be directed to a download link to get an uninstaller. Since then sony has released an uninstaller to get rid of the rootkit.

That pretty much brings us to today.

Now, it turns out the uninstaller is buggy and doesn’t work correctly. According to sysinternals the uninstaller can lead to a crashed system and data loss. Also from the Security Fix “The folks at Computer Associates also looked into the patch, and found that “it has a broken uninstall that removes the rootkit in a way that can cause Windows to crash.”” And it appears that the software sends IP address and cd listening information back to sony (without permission from the user). (In all of this do I hear class-action?)

I wouldn’t be surprised if it gets worse before it gets better. The Security Fix was also reporting on someone researching whether the rootkit had any remotely exploitable “features”. It may be that this trojan will continue to be a big headache for some time to come.

Update 7:15PM EST….
It appears that SONY DOES have a lawsuit on their hands over the issue. Thanks to the Sunbeltblog. Correction 11/8/05 – there is NO lawsuit yet, the sunbeltblog has issued a correction, an Italian group merely filed a complaint over Sony’s practices.

Update 11/8…

There is more coverage at Spyware Confidential.

Update again 11/8…

There now IS a lawsuit filed in California court it is a class action, another suit expected to be filed Wednesday in New York. The securityfix has the details. It’s alleged that the software violates 3 California statutes. It’s funny, I wonder given that you can’t put a real figure on what piracy of these albums would cost Sony (I know they estimate, but how accurate can that be?), will it really have been worth it to implement this draconian type of DRM?

   Send article as PDF   

Similar Posts