More on the Sony XCP DRM (Rootkit)



Freedom-to-tinker.com has some good detailed analysis on Sony’s (mis) use of GPL software in their XCP DRM (Digital Rights Management) software that’s been at the center of somewhat of a firestorm the last couple months. DRMS was the source of the code that was allegedly misappropriated, but the puzzle was why a Digital Rights Management removal bit of software was used in Digital Rights Management software to begin with…


The answer is that XCP utilizes the DRMS code not to remove Apple DRM but to add it. I’ve discovered that XCP uses code from DRMS as part of a hidden XCP feature that provides iTunes and iPod compatibility. This functionality has shipped on nearly every XCP CD, but it has never been enabled or made visible in the XCP user interface. Despite being inactive, the code appears to be fully functional and was compatible with the current version of iTunes when the first XCP CDs were released. This strongly suggests that the infringing DRMS code was deliberately copied by XCP’s creator, First4Internet, rather than accidentally included as part of a more general purpose media library used for other functions in the copy protection system.

Technical details and more musings at the above link.

Related Posts

Blog Traffic Exchange Related Posts
  • Sunncomm/MediaMax software fix released What a long journey it's been and there is progress in the Sony DRM story. The main issue in the Sony controversy was the XCP DRM software (Digital Rights Management) which was made by first4internet. However, as the first rootkit was discovered, questions began about the MediaMax software (made by......
  • More Fake security sites More sites that claim to be windows security center or the like are popping up... a list: securitycaution(dot)com dnserror404(dot)com todaywarnings(dot)com updatesystempage(dot)com yoursecuritysystem(dot)com From sunbeltblog. There's a post at sysinternals about the bogus security software that's out there. Spyaxe, among others, pose as "antispyware software" and bring along more problems than......
  • Sun Java security updates/ Windows software update rant... Incidents.org has the story on Sun's release of new versions of the Java Runtime Environment and the Java SDK to fix some remote security vulnerabilities. These security vulnerabilities could allow malicious, untrusted code to compromise a user's computer. Sun recommends that users update to the newest version of the SDK......
Blog Traffic Exchange Related Websites
  • SANS Baltimore 2011, Baltimore, MD, Save $250 until September 7   This is your final reminder that SANS will be hosting hands-on security management, technical security, and computer forensics training at SANS Baltimore 2011 October 9-15! * Register & pay for any five- or six-day course by Wednesday, September 7, 2011, to receive up to a $250 discount and get......
  • Why I Don't Use Web or Mobile Personal Finance Software With the rise of web based and mobile financial tools, I've been something of a late adopter. Actually, I'm more of a "no" adopter. Sure, I trade a few stocks online or I'll purchase a few gifts using a one time use only credit card number, but other than that,......
  • Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site