Sony to Help Remove its DRM Rootkit


Blog For Free!

Archives
Home
2008 July
2008 June
2008 May
2008 April
2008 March
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 July
2007 June
2007 May
2007 April
2007 March
2007 February
2007 January
2006 December
2006 November
2006 October
2006 September
2006 August
2006 July
2006 June
2006 May
2006 April
2006 March
2006 February
2006 January
2005 December
2005 November
2005 October
2005 August
2005 July
2005 June
2005 May
2005 April
2005 March
2005 January
2004 December
2004 November
2004 October
2004 September
2004 August
2004 July

My Links
Global Warming: A Chilling Perspective
Watts Up With That?
Internet Haganah
Jihad Watch
Ponder the Maunder
The Dissident Frogman
Barking-Moonbat EWS
Just Barking Mad!
The Malaria Clock
Project Valour-IT
Islam: Turning everything it touches to Shi'ite since 632 AD...
10 Myths of Islam

tBlog
My Profile
Send tMail
My tFriends
My Images


Sponsored
Blog



Get Firefox!

Tell me when this blog is updated

what is this?


Click to Read


hacker emblem






Sony to Help Remove its DRM Rootkit
11.03.05 (6:05 am)   [edit]
By Nate Mook, BetaNews
November 2, 2005, 4:04 PM

When Mark Russinovich was testing his company's security software last week, he came across a disturbing find: a Sony BMG CD he purchased from Amazon had secretly installed DRM software on his PC and used "rootkit" cloaking methods to hide it. With the story sweeping across the Net, Sony is attempting to clean up its mess.

DRM, or digital rights management, is nothing new to CDs. Record companies began employing software to prevent users from easily transferring tracks to a PC after the explosion of file sharing activity that followed Napster's debut in 1999. But for the most part, the DRM was quite rudimentary and only required the pressing of the "shift" key to bypass.

Not so with Sony's latest batch of CDs from Switchfoot, Van Zant and others. Using technology developed by British software company First 4 Internet, the CDs limit the number of copy-protected backups that can be made. To enforce the restriction, software and drivers are installed without a user's knowledge when the CD is accessed.

Russinovich first discovered a hidden directory and several hidden device drivers -- none of which would show up in Windows Explorer. He soon found the driver responsible for the cloaking, which was designed to hide every file and location that begins with: $sys$.

After tracing the rouge software back to his recently purchased Van Zant CD, Russinovich attempted to uninstall the DRM, but to no avail.

"I didn't find any reference to it in the Control Panel's Add or Remove Programs list, nor did I find any uninstall utility or directions on the CD or on First 4 Internet's site. I checked the EULA and saw no mention of the fact that I was agreeing to have software put on my system that I couldn't uninstall," he wrote on his company's blog. "Now I was mad."

When he forcibly removed the software and registry entries by hand, Russinovich found his CD player was no longer functional. Further advanced registry hacking fixed the problem, but he noted that the vast majority of computer users would simply "cripple their computer" if they tried to delete the First 4 Internet DRM.

Although cloaking files and not providing a method of removal is not dangerous in and of itself, the case sparked a flurry of discussion online. Most users agreed that the actions of Sony and First 4 Internet questionable at best, and security experts warned of potential threats. For example, a virus writer could simply hide files by naming them using the $sys$ prefix.

For its part, First 4 Internet claimed the technology was only found on CDs from earlier this year and said it had created new methods to hide the DRM. Nonetheless, the company has decided to issue a patch to eliminate the cloaking and "allay any unnecessary concerns."

The patch will be made available for download from Sony BMG's Web site, with another offered directly to antivirus vendors. The DRM software will not be removed, however, only uncovered; that means users will still be unable to delete it without risk of rendering their CD drive inoperable.

Customers must contact Sony BMG support for removal instructions.

"While I believe in the media industry's right to use copy protection mechanisms to prevent illegal copying, I don't think that we've found the right balance of fair use and copy protection, yet," said Russinovich. "This is a clear case of Sony taking DRM too far."


Via BetaNews
0 Comments
 
Your Name:


Your Comment:


Locations of visitors to this page





Use OpenOffice.org

My computer geek score is greater than 100% of all people in the world! How do you compare? Click here to find out!




Get this widget!