Computer Tips -Tech Info

Once more in the continuing story…. According to freedom-to-tinker, the “fix” released today for the SunnComm/Mediamax DRM software (the “other” DRM software on sony/bmg discs). Is fatally flawed. The problem the software initially poses is much worse than the company lets on in their release and their advise is…. 1) don’t play a mediamax protected disc in your pc. 2)don’t use the fix, 3) don’t use the old uninstaller.

So, this was out, what…. 3, 4 hours before it was announced there were serious flaws with it? Ouch.

Here’s some of their analysis of the press release…

Alex Halderman has discovered that the problem is worse than the press release indicates:

You are vulnerable even if you decline the MediaMax license agreement. Simply inserting a MediaMax-bearing CD into your PC paves the way for an attacker to come along and set a booby-trap. The trap will be sprung the next time you insert such a disc.
SonyBMG has released a patch that purports to fix the problem. However, our tests show that the patch is insecure. It turns out that there is a way an adversary can booby-trap the MediaMax files so that hostile software is run automatically when you install and run the MediaMax patch.
The previously released MediaMax uninstaller is also insecure in the same way, allowing an adversary to booby-trap files so that hostile software is run automatically when you try to use the uninstaller.

(These attacks are similar to the exploit described in iSEC’s report, but they involve a different modification to the MediaMax files.)

And their summary of the flaw…

As we’ve written before, the first time you insert a MediaMax-bearing CD into your Windows computer (assuming you have Windows autorun enabled, as most people do), MediaMax installs some software on your computer. Once this initial software is on your computer, you are vulnerable to the new attack. The gist of the problem is that MediaMax installs itself in a directory that anyone is allowed to modify, even users who otherwise run with heavily restricted security permissions. Any program that comes along can modify your MediaMax files, booby-trapping the files by inserting hostile software that will be run automatically the next time you insert a MediaMax-bearing CD into your computer. And because MediaMax is run with full administrator privileges, the hostile program gets to run with full privileges, allowing it to inflict any mischief it likes on your PC.

Further they point out that the problems with MediaMax are JUST as bad as those with XCP and MediaMax protected discs should be recalled as well.

–update 12/8/05 1:57PM EST–

freedom-to-tinker talks today on this issue again. The problems with the DRM software is really from design straight through to implementation. Sony needs to recall their MediaMax discs too. The software installs whether or not you accept the terms and conditions.

Popularity: 1% [?]

   Send article as PDF   

• Remove SaveDefender | SaveDefender Removal SaveDefender is somewhat related to SafetyKeeper in look and feel which mimics the look and feel of the Windows Security Center (which is legitimate.) Safetykeeper creates multiple files on your machine that it later scans and claims are infected with viruses, trojans or other malware. It then scans and claims......
• How effective is the MediaMax copy protection? One of the sub-stories in all the Sony DRM mess of the last month with the XCP copy protection was that it was really an ineffective way of preventing copying of music anyway. In other words, you could press shift while inserting the cd to avoid the installer, then other......
• How to Remove SoftCop | SoftCop Removal Guide SoftCop seems to be another rogue antivirus entry in the quite prolific Wini family which includes such rogues as the recent Softsoldier (How to remove SoftSoldier), ( TrustFighter TrustFighter Removal Guide, TrustSoldier removal guide and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter......

• Creating a Blog Video Online About two years ago, blogging hit a surge that allowed its way into the mainstream, and now everybody is blogging for a wide variety of different reasons. Blogs resemble web-based public diaries of sorts, where the creator can record their thoughts, their opinions, questions and answers and essentially anything else......
• The Problems with Working Longer and Retiring Later Some Social Security reformers want to increase the retirement age from age 66, perhaps even to age 70. I don't think this would work for many, if not most American workers. This cost saving strategy is based on the assumption that increasing the retirement age would cause folks to work......
• Low Cost Computing for a Baby Boomer Lifestyle I rely heavily on personal computers for work and home activities. So do you. One of my objectives over the past couple of years has been to reduce the cost of computing in the one area where cost-control is easiest: software. I have found many free software applications that work......

Similar Posts

• Sunncomm/MediaMax software fix released
• Sony’s OTHER DRM software uninstaller will be pulled
• More on the MediaMax DRM software
• How effective is the MediaMax copy protection?
• OTHER Sony DRM software has security flaws too.

This entry was posted on Wednesday, December 7th, 2005 at 2:01 pm and is filed under Computers, Security. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.