UPDATE BEWARE!!! Trojans on some Sony BMG music CDs

[Sam]

SHEESH!!! I dunno but I thnk an easy work around, is copy it to cassette. Then upload the cassette to the computer and rip the disc. Maybe not. That was my first thought. If nothing else you should be able to burn all the cassettes you would ever want, after all the cd doesn't know it is being recorded to tape.

Note last part of the article where Sony BMG are coming up witha workaround for it....
Rootkits EVADE ANTIVIRALS and are known to contain malware or spyware...

They want to protect their copyright but this is REEEEEEE-F'N-DICULOUS!!!
Note what it says in rare cases will not play on and what it names. Rare cases on all those devices???

I dunno about you but I certainly am staying away from any and all possible Sony BMG products that I possibly can and not just their cds. They have no right to install malware/spyware/ or anything else onto my computer without my knowledge.
*************************************************************

http://blogs.zdnet.com/BTL/?p=2092&tag=nl.e589

November 1, 2005

Sony Music CDs surreptitiously install DRM Trojan horses on PCs Posted by David Berlind @ 8:56 am

Reports are beginning to turn up around the Web that discuss how certain CDs from Sony Music come with a Trojan horse-based digital restrictions management (DRM) technology that surreptitiously installs itself as a rootkit on Windows PCs. When software surreptitiously installs a rootkit, it's usually doing so to cover its tracks — a technique commonly associated with malware such as viruses and Trojan horses. Rootkits generally latch themselves onto the foundation or "roots" of an operating system in a variety of ways that not only prevent their detection, but also their extraction. According to the Wikipedia's definition," a rootkit is often used to hide utilities used to abuse a compromised system."

In a scary entry on his Sysinternals Blog posted yesterday (Halloween), Mark Russinovich provides an incredibly detailed account (many screen shots) of how his testing of the latest version of RootKitRevealer (a utility for exposing any installed rootkits) led to his own shocking discovery — that a rootkit had been surreptitiously installed on his own system. Wrote Russinovich of his surprise, "Given the fact that I’m careful in my surfing habits and only install software from reputable sources I had no idea how I’d picked up a real rootkit, and if it were not for the suspicious names of the listed files I would have suspected RKR to have a bug."

Upon further investigation Russinovich traced the installation to his usage of a Sony BMG music CD (Vant Zant Bros. Get Right with the Man) that he purchased through Amazon.com. The CD's listing page on Amazon.com says the CD is copy protected, but makes no mention that the copy protection is enforced by way of surreptitiously installed software. According to some additional information regarding copy protection on Amazon's site:

This product limits your ability to make multiple digital copies of its content, and you will not be able to play this disc or make copies onto devices not listed as compatible. Content/ copy protected CDs should allow limited burning, as well as ripping into secure Windows Media Audio formats for playback with most compatible media players and portable devices. In rare cases, these CDs may not be compatible with computer CD-ROM players, DVD players, game consoles, or car CD stereos, and often are not transferable to other formats like MP3.

In rare cases? DVD players? Car CD stereos? Is Sony BMG nuts? This is another DRM trainwreck just waiting to happen. In the Berlind household for example, CDs are played exclusively through the central 6-disc DVD player that's a part of our whole-home theatre system. I can't imagine buying a CD only to learn it doesn't work. By the way, have you ever tried to return a CD after you open it? (maybe the "R" in DRM should be for "Ripoff"?).

According to Russinovich, when played on a computer, the music can only be played using playback software that comes packaged with the CD (the implication is that usage of the media player is what resulted in the surrepititious installation of the rootkit). Near the end of his thorough investigation Russinovich identifies at least one major problem that could result from Sony's employment of DRM in this fashion:

The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.

Another question that comes to my mind is, given the way rootkits intercept certain system level functions, what will happen when some other music label uses a rootkit that's different from the one used by Sony BMG. For example, if I already have one rootkit on my system that's intercepting specific system level functions and another CD installs a different rootkit that attempts to intercept the same system level functions (essentially overwriting the first rootkit), will that interfere with my ability to listen any of my DRM-protected CDs?

Russinovich isn't the only one who discovered the problem. ZDNet reader Barry Ritholtz pointed me to his own account (see DRM crippled CD: A bizarre tale in 4 parts) of an encounter with a DRM protected CD (also from Sony): Morning Jacket's Z. In his tale of DRM woe, Ritholtz points out another restriction that turned up in with the CD's Digital Restrictions Management technology. In what I'll refer to as the third trainwreck of DRM, he can't transfer the music to his iPod (I suspect that the same barrier to transferring music to the iPod will also prevent transfer to a Microsoft PlaysForSure-compliant device, but am not sure). Ritholtz then discovers that the artists (Morning Jacket) aren't exactly on-board with this idea and points to their official statement regarding the application of DRM technology to their music:

We at ATO Records are aware of the problems being experienced by certain fans due to the copy-protection of our distributor. Neither we nor our artists ever gave permission for the use of this technology, nor is it our distributor's opinion that they need our permission. Wherever it is our decision, we will forego use of copy-protection, just as we have in the past.

Z isn't the only band that's upset with the latest DRM developments. Last month, CNN.com reported how a member of the band Switchfoot whose DRM-protected CD debuted at No. 3 on The Billboard 200 was equally disappointed. Said Switchfoot guitarist Tim Foreman, "We were horrified when we first heard about the new copy-protection policy…. It is heartbreaking to see our blood, sweat and tears over the past two years blurred by the confusion and frustration surrounding new technology."

Even more demonstrative of the control points afforded to any market leading or dominating solution, the CNN story goes onto describe how Sony BMG is aware of the problems when it comes to transferring music from its DRM-protected CDs to iPods and is "urging people who buy copy-protected titles to write to Apple and demand that the company license its FairPlay DRM for use with secure CDs." Even though Apple's Fairplay may not have a monopoly yet, the company is behaving very monopolistically, an issue I discuss in another blog entry that I posted today.

What's even more ironic about the application of copy protection to music CDs is how the record label is now providing a workaround to defeat it. In Part IV of his personal saga, Ritholtz provides the text of a workaround that was sent to him via email. Of course, workarounds from the same people who applied the copy protection in the first place beg the question, why bother?

In response, Ritholtz is apparently doing more than declaring inDRMpendence as I have been urging ZDNet's readers to do. He taking the economic punishment I'm suggesting one step further by refusing to buy some of Sony's other products: namely a notebook and a big screen. Now if only the rest of us could follow suit….

[AlbatrossFlyer]

aren't Macs great

[12vmanRick]

aren't Macs great

Mac yes Macs no

[land_shark3]

Many WMV files have those already and have had them for a couple years.

Thank goodness for Zone Alarm and CounterSpy because they tell me every time something tries to change my ROOT directory, start up programs, or anything else involving the operating system.

[Sam]

Related article:

*************************************************************
http://computerworld.co.nz/news.nsf/new ... AD0009362A

Sony ships sneaky DRM software
News
Digital rights management is one thing but rootkits are something else. Robert McMillan reports
By Robert McMillan, San Francisco | Thursday, 3 November, 2005

Mark Russinovich couldn’t understand how the rootkit had sneaked onto his system. An expert on the internals of the Windows operating system, he was careful when it came to computer security and generally had a pretty good idea of what was running on his PC at any given time. And yet the security tool he was using to check his PC was pretty clear: it had found the “rootkit” cloaking software typically used by virus and spyware writers.

After a bit of detective work, Russinovich eventually tracked down the source: a Sony BMG Music Entertainment CD, entitled Get Right with the Man, performed by country music duo Donnie and Johnny Van Zant.

It turns out that Sony is using techniques normally only seen in spyware and computer viruses in order to restrict the unauthorised copying of some of its music CDs. Sony’s software, licensed by Sony from a UK company called First 4 Internet, has become the basis of a dispute that once again pits computer advocates against an entertainment company experimenting with new ways to prevent unauthorised copying of its products.

Sony has been using First 4’s XCP (Extended Copy Protection) software since early 2005 as a copy protection mechanism for some of its music CDs, according to Sony spokesman John McKay. He could not say how many of Sony’s CDs currently use the XCP software but says it is one of two digital rights management products used by the company. The other is SunnComm’s MediaMax software, he says.

The XCP software prevents users from making more than three backup copies of any CD and Sony puts an XCP notification on the back of CDs that use the mechanism, according to Mathew Gilliat-Smith, First 4’s chief executive officer.

Although the Van Zant CD software came with an end user licence agreement (EULA) informing him that he would be installing software that would reside on his PC until removed, Russinovich, who works as chief software architect with systems software company Winternals Software, says he never expected to be installing a product that would then prove to be virtually undetectable and extremely difficult to remove.

Sony’s McKay believes that the disclosures in the licence agreement are adequate. “I think the EULA’s pretty clear about what it is,” he says. “The reason why consumers have really high acceptance levels of these content-protected disks is because they have the functionality that people want.”



The First 4 software does nothing malicious and can be uninstalled, should the user want to remove it, McKay says.

That uninstall process is not exactly straightforward, however, and cannot be done through the Windows “Add or Remove Programs” utility in the Windows control panel.

When asked for instructions on how to uninstall the software, McKay directed Computerworld to a section of the Sonybmg.com website where users could ask Sony customer support for uninstall directions.

Although many computer users may not care much about the finer points of EULAs, people like Russinovich say Sony’s software calls a more important issue into question: who gets to have control over your computer?

“When something like this installs and doesn’t advertise itself, you’ve lost control of your own computer,” he says. “And the EULA description that they’ve presented doesn’t let you make an educated decision about whether you’d want this installed or not.”

Ironically, the invasiveness of the XCP software punishes users who pay for their music, says Fred von Lohmann, staff attorney with the Electronic Frontier Foundation, a digital rights advocacy organisation based in San Francisco. “They are installing software in a way that makes it very difficult for you to know what was installed and makes it very difficult to uninstall it. And, worst of all, the software is not very well written,” he says. “I think most computer users will find that to be very outrageous.”

Lawyers might also be interested in the software, von Lohmann says. The EFF attorney says a lawsuit is conceivable. “Sony is using a piece of your computer in a way that you didn’t expect or authorise,” he says. “Depending on how clearly this was disclosed some consumers may be able to make an argument that this is actually an unauthorised intrusion,” he says. “It’s not beyond the realm of possibility that Sony BMG could be liable for this.”

In 2001 the other provider of Sony copy protection software, SunnComm, was involved in a lawsuit that alleged the company’s software, which was then being used by Music City Records, did not adequately notify consumers of its capabilities.

In the long term, Sony appears to be moving away from the techniques that have incensed Russinovich.

First 4’s Gilliat-Smith says his company has spent the last month developing a new version of the XCP software that does not use the controversial rootkit techniques.

“We won’t use the same methodology that makes the software hidden in the way that people are concerned about,” he says.

Neither Gilliat-Smith nor Sony’s McKay could say when this new software would be appearing in Sony’s products or how many existing titles were shipping with the XCP software.

“This is a legitimate technology that we’ve been charged to produce,” Gilliat-Smith says.

“People who aren’t comfortable with the technology can apply to have the software removed.”

[Sam]

This is a blog from the guy that found it. He explains in detail how he found it and has screen shots of what he found. Definitely worth reading for the techies and at least a go through for everyone else.

There are many links in the article for various other information.

http://www.sysinternals.com/blog/2005/1 ... ights.html

[Sam]

More info:


*************************************************************


http://www.globetechnology.com/servlet/ ... echnology/

Sony takes heat over rootkits

By JACK KAPICA

Wednesday, November 2, 2005 Posted at 2:57 PM EST

The on-line community is buzzing about a cloaking device favoured by hackers being put to use by a company everyone knows: Sony-BMG Corp.

The Japanese giant is being accused of surreptitiously planting "rootkits" on people's computers to enforce digital rights management policies on music CDs.

According to Mark Russinovich, a Windows expert at a U.S. company called Sysinternals, which does deep-level software analysis, some of Sony-BMG's music CDs install antipiracy software that uses methods typically used by hackers and virus writers to hide malicious programs and prevent users from uninstalling them.

These tools are called by the generic name of "rootkits,' which hackers commonly use to cover their tracks after breaking into someone' computer. Typically, they are designed to make sure common PC tools cannot see whatever has been planted on the victim's machine. Properly written rootkits can be extremely difficult to remove, and it is often easier to erase and reformat an entire drive than to attempt to remove one.

When Mr. Russinovich ran a new Sysinternal diagnostic program called RootKitRevealer, he discovered one on his own system, which he had believed to be a clean system. And when he tried to remove the rootkit, he also inadvertently erased the system files that run his CD-ROM drive.

The Sony program drivers load in Safe Mode, which makes fixing the system extremely difficult. It's possible that the simple act of removing the rootkit would sabotage the entire operating system.

Sony is not installing these rootkits secretly; its anti-piracy program installer pops up if you try to play one of their content-protected CDs. Users must agree to install it, or it won't allow the CD to be played; and once it is installed, users find there is no "uninstall" feature.

There is a tortuous way to uninstall the software, Mr. Russinovich said, but it involves contacting Sony-BMG directly via a Web form to request it be removed. Sony-BMG then interviews the user about the reasons for wanting the software removed, and, if Sony is satisfied with the answer, the user is directed to a website that installs an ActiveX program into Microsoft's Internet Explorer, which in turn reports the version of the installed rootkit back to First4Internet. Then First4Internet sends an e-mail containing a link to another site, which installs something else yet again on the user's computer that uninstalls the Sony program.

Sony's use of the rootkit technology came to light recently when the Finnish anti-virus company F-Secure examined suspicious files a customer found on his computer when using F-Secure's Blacklight anti-rootkit software.

F-Secure found text strings buried in the hidden files that pointed to a company called First4Internet, a company that makes software used to protect Sony's CDs and is controlled by former Sony executives.

F-Secure director of antivirus research Mikko Hypponen hit the alarm switch when he said that hackers could take advantage of Sony's software to hide their own files, even from antivirus software.

"While I believe in the media industry's right to use copy protection mechanisms to prevent illegal copying, I don't think that we've found the right balance of fair use and copy protection yet," Mr. Russinovich said in his website reporting on his attempts to rid a machine of the rootkit. "This is a clear case of Sony taking [digital rights management] too far."

No sooner had the news of Sony's use of rootkits to protect its digital rights hit, when on-line news site Computerworld reported that links leading to a worm that eventually implants a "nasty" rootkit on a user's computer are popping up on America On-line Inc.'s Instant Messenger network, passed through instant messages on a person's Buddy List and in AOL chat rooms.

Clicking on the link starts a worm called Sdbot-ADD, which then installs the rootkit. The code allows an attacker to monitor the computer and upload or download files, and attempts to shut down antivirus programs. The rootkit connects to an Internet relay chat server and waits for remote commands.

But there is nothing malicious about the Sony cloaking software, First4Internet told a reporter at CNET News. The rootkit is not a risk, the company said, adding that it had worked closely with Symantec and other antivirus companies to ensure it was not malicious. First4Internet admitted the cloaking function was designed to be difficult to hack the rights protection.

The company dismissed the prospect of hackers exploiting its rootkits for their own purposes as an "academic" concern.

But F-Secure's Mikko Hypponen is doubtful. "Right now if you have this on your system, there is no real-world risk just because of this," he said, "but it would not be too far-fetched that some virus writer would try to take advantage of this."

It is not yet known how First4Internet's rootkit will respond to a newer generation of anti-spyware products designed to root out rootkits. One of these will be released soon by Microsoft Corp., which announced less than a month ago that its new enterprise-class anti-spyware product not only evicts viruses and worms, but also rootkits.

The new offering, dubbed Microsoft Client Protection, will go into limited beta before year end with a full rollout expected in 2006.

The Microsoft anti-rootkit initiative was made a centrepiece of the company's Strider project, part of its response to vociferous criticism of being vulnerable to hacker attacks. The company's emphasis on destroying rootkits is a measure of how seriously Microsoft takes the threat.

[Ilph]

Well, I think I'll be holding off on buying any more CDs from Sony/BMG

[Jahfin]

I didn't see this mentioned in the articles but I only quickly glanced through them. Are Sony/BMG CDs only available through a club or are they out on the market as a whole now?

[Cousin Baxter]

Yes! Fight on Trojans. Another National Championship!!! Oh, wait are we talking about something else?

[flyboy55]

n n

[Ilph]

Hey! I thought this was gonna be a thread about rubbers/raincoats!

Oh well. BTW, keep up the good work Sam!

Cheers.

Oh, NOW I get it!

[Sam]

Yes! Fight on Trojans. Another National Championship!!! Oh, wait are we talking about something else?

Oh most definitely yeas talking of something else. This trojan will not keep you safe and has the potential to cause you and your computer's data harm. Simple enought to protect you and your computer from.....
BOYCOTT SONY BMG!!!! Do not buy any of their cds or dvds or other products!!! Your choice.Your risks. You decide!!!

[Sam]

What dogs think of Sony BMG......

[Sam]

Too litle too late. Who knows what they have in that patch?? it only tells you how to find it is all. It does not tell you or nor does it remove the bug Sony BMG installed WITHOUT telling you/us.



Sony BMG


*************************************************************

http://www.forbes.com/business/services ... 15206.html

Update 2: Sony Unit to Distribute Software Patch
11.02.2005, 11:23 PM

After a chorus of criticism, Sony Corp.'s music division said Wednesday it is distributing a free software patch to reveal hidden files that automatically installed to hard drives when some of its music CDs were played on personal computers.

The offending technology was designed to thwart music piracy.

Sony BMG Music Entertainment and its partner, UK-based First 4 Internet, said they decided to offer the patch as a precaution, not because of any security vulnerability, which some critics had alleged.

"What we decided to do is take extra precautionary steps to allay any fears," said Mathew Gilliat-Smith, First 4 Internet's CEO. "There should be no concern here."

The controversy started Monday after Windows expert Mark Russinovich posted a Web log report on how he found hidden files on his PC after playing a Van Zant CD. He also said it disabled his CD drive after he tried to manually remove it.

Russinovich made the discovery while running a program he had written for uncovering file-cloaking "RootKits." In this case, the Sony program hid the antipiracy software from view. Similar technology also has been used by virus and worm writers to conceal their code.

A firestorm quickly erupted over what appeared to be an attempt by the music company to retain control over its intellectual property by secretly installing hidden software on the PCs of unsuspecting customers.

Making matters worse, Sony did not disclose exactly what it was doing in its license agreement, Russinovich said. It only mentions that proprietary software to enable copy protection would be installed. The software affects only PCs running the Windows operating system.

"The (license) makes no mention that it's going to install something that's going to be hidden from view, that will constantly consume CPU resources even if I'm not listening to music and it will have no uninstall capability," he said.

Because the technology looks for a specific prefix in the filename, it also could be used by malware authors to mask their programs, Russinovich said. There's also the question of how a PC user is supposed to maintain a system that runs hidden programs.

"If you've got software on your computer that you can't see, there's no way for you to manage it from a security point of view," he said. "You don't know if you need updates for it. You don't know if you should uninstall it because you don't know it's even there."

Though there are no known problems with software, that could change and leave millions of unsuspecting PC users at risk of having their machines taken over by malware, said Ero Carrera, a researcher at F-Secure, a computer security firm.

"The code of the application is not exactly well done," he said. "I would tend to believe there are people already working on finding exploits."

The copy protection technology, which limits how many times a CD can be copied, was included on about 20 titles, including discs from The Bad Plus and Vivian Green, among others.

Gilliat-Smith and Sony BMG spokesman John McKay said the technology had been on the market for about eight months and there had been no major complaints prior to Russinovich's blog post. Still, a newer, similar technology was in the process of rolling out before the latest controversy erupted.

The patches that reveal the hidden files are being made available to antivirus companies as well as customers who visit the Sony BMG site. They do not remove the copy protection software, however.



In a test of the form late Wednesday, an e-mail confirming receipt was quickly returned by Sony BMG customer service, but it included no instructions on how to remove the software. The message promised another reply "shortly."

The process is unlike the vast majority of Windows software, which can be easily uninstalled - by the user, without permission - through the "Add or Remove Programs" tool in the operating system's control panel.

The controversy highlights the need for rules as to what content providers can and can't install on PCs to protect their property, said Russinovich, who is co-founder and chief software architect at Winternals Software, which specializes in advanced systems software for Microsoft Windows.

"We need to get some formality about what's legal, what's ethical and what's fair - and what level of disclosure there needs to be," he said. "It's fine for Sony to say we're not going to do that now. What kind of guarantee do we have they're not going to do it at a future date or that other companies are not going to do this?"

[Sam]

Keeps getting WORSE and WORSE for Sony BMG.



*************************************************************
http://www.theinquirer.net/?article=27426

Sony DRM is worse than you might think

Comment Active exploits and no help from Sony


By Charlie Demerjian: Thursday 03 November 2005, 09:40

SONY SCREWED UP WITH its rights removal to protect its profit margins philosophy and there is no way the use of rootkits can be justified.
Caught with its pants down, what did it do? Make things right? Heck no, it blamed the user, and doesn't do anything more than window dressing to deflect what are valid criticisms.

If you read the Sony PR spin masquerading as a FAQ here, the tepid responses it give are laughable. Number one states that the technology is used to prevent copying, but that is true for only Windows boxes, so why the discrimination? It only affects legitimate users. If you want to copy the music, all you need to do is hold down the shift key when inserting it and you are free to copy. That or have a non-Windows computer.

To make matters worse, a cursory check of the file trading networks shows that the Van Zant album is available for download on a whim. The pirates who don't want to pay will have no trouble getting it, but those who abide by the law will get punished. Also, if you look at FAQ Number 4 under equipment compatibility, it cuts iPod users out of the mix. Hmm, Sony only sells Windows based computers, and sells a competitor to the iPod. Sense a conflict of interest there that you are paying for?

So to Number 2. "How do I know if a Sony/BMG disc is" DRM infected? It says it is clearly marked on the label, and yup, it's right, it is. I went over to Best Buy tonight and found it on the label plain and clear. There was also absolutely no listing of rootkits being forcibly installed on your PC, and not being uninstallable, however.

There was no warning that you had to play it through their player, or that it would spit out the disc if you had programs open that it did not like. If you don't like these terms and rights removals, and you try to return it, those few places that will take back open recordings tend to charge a restock fee. In the case of Best Buy tonight, it is 15%, I asked. I don't think Sony will refund you that money.

Number four tells you to consult the EULA when you want to copy the disc. Which madhouse did we step into that now means a CD needs a EULA? I stopped buying CDs so I wouldn't have to give money to rapacious weasels years ago, and none of the CDs I own have a EULA on them. It is madness. So, at Best Buy tonight, I tried to consult the EULA before I bought the Van Zant CD.

It wasn't on the CD package, not on the shelves near by, and the blue shirted aisle trolls had no idea what I was talking about. No, they could not provide me with one, I did ask though. So, if you are dumb enough to buy a Sony CD, and don't want to rootkit your machine, you can't find out beforehand, have to agree to a one sided contract that you can't read before you say yes, and can't get your money back. Wonderful, thank you Sony.

The last part of the FAQ is Number 6, which claims that its CDs are not spyware/malware infected. The prefix 'mal-' according to Merriam-Webster means 1) bad 2) abnormal 3) inadequate. -ware is short for software. This means malware is defined as bad software.

If you look at the Sony rootkit, it does several things. It strips you of your rights, it potentially causes your computer harm, it breaks your computer if you remove it, and eats your CPU time. All of these things are bad, no question there. It also does the end user no good in any way, shape or form, not even by the most demented stretch of the imagination. It only hurts those who spent money to buy it.

It does Sony no good either because the files are rippable on a whim by anything more intelligent than a half-drunk monkey. So, you have software that does you flat out harm, and no good for the producer. What isn't malware about this, and how can Sony claim this? This is the service pack from hell.

If you want to look at this another way, take a different example. Imagine that you walked up to a person that you know and said: "Hey friend, check out this new cool CD I made". He drops it in his computer, and without his permission, it installs a rootkit on his machine. Good joke, right?

Say you want to remove the Sony stuff. According to no less a source than The Washington Post, the bare minimum you have to do to remove the rootkitted DRM infection is give up your privacy. If you go to the Sony page, here, you have to give Sony your email at the very least, and according to the WP story, Sony then grills you about your reasons for not liking being rootkitted.

So, if you want to remove it, go here and click the link. Don't use Firefox though, it won't work, it's Internet Explorer only. If you are concerned enough about security, you probably know enough not to use IE. Once again, brilliant Sony, just brilliant.

The funniest part is that you don't actually remove the software with this tool, only make it visible, and you are still infected up and down with DRM. Should you be lucid enough to realise that you don't want this crap within a few miles of your system, you have to go through the grilling process above. Want to make it seem even more surreal? If you remove the malware and DRM infection, you can't play the CD anymore. Nope, the money you spent on Sony products is gone. Mal-way or the highway.

If you try to remove it yourself, you risk breaking your optical discs, or it kills them for you. Mark from Sysinternals is more than smart enough to figure out how to fix this, but are you? Off the top of your head, how do you do that again, no looking it up? To make matters worse, it installs itself so it runs in safe mode, and if it conflicts with something, you are really hosed. Sony's response? "This component is not malicious and does not compromise security.". There are already exploits out there that take advantage of this.

Sony compromised your system and will not directly allow you to remove it without compromising your privacy. It also will not replace your defective CDs with non-infected ones. If you hose your computer or network with this infection, and want to play your music, do not pass go, do not collect $200. Really, it won't help customers who simply don't want this, read #3 in the FAQ.

Sony is generously working with anti-virus companies on this. Now, this means to deal with the problem, you have to know it's there, and that's kind of hard because the malware rootkit that Sony infects you with is designed to prevent this.

Now, let's just pretend we don't realise that the the antivirus companies themselves are not complicit. If you want to mass-rootkit people, just ask Symantec beforehand. Look at what Cnet had to say about it. "The creator of the copy-protection software, a British company called First 4 Internet, said the cloaking mechanism was not a risk, and that its team worked closely with big antivirus companies such as Symantec to ensure that was the case." But there are active exploits already, as we pointed out earlier.

All this makes you wonder a lot about Microsoft's upcoming security software, doesn't it?

So, rather than come clean, Sony minimises the problem, blames the user, and refuses to help you out. If you have CDs infected with this rootkit and DRM, Sony has to replace them. They are, flat out, a danger to computing. Don't believe me? Look at that Washington Post article again. The head of F-Secure says that the Sony malware, when running on Windows Vista "breaks the operating system spectacularly". Nope, that can't be right, just ask Sony, because it said so in the FAQ. It won't fix the problem, they won't let you work around it legally and still listen to the music you paid for, and won't help you.

As of four hours ago, these things were still on the shelf at Best Buy.

To end on an up note, just think about these two things. What you are seeing is the light and happy side of rights removing DRM infections. There is a bill going through congress to remove more of your rights. Yes, they can't control the analogue hole, and can't legally force you to bow to them, so they are buying government to change the laws and accomplish both goals. No good will come to the end user because of this, but it sure will make a lot of people rich.

More happy news? These merchants are designing the next generation drives called Blu-Ray with much more DRM built into the hardware. It is bad enough to make me back the views of Bill Gates on the subject with absolute open arms. These are scary times people, and if we let Sony get away with this now, it will only get worse and harder to stop later.

on Sony BMG

[Ilph]

too.... many..... words.....

[Sam]

Here is a list of 19 of the affected CDS.


Note there are links within the article you may want to see. So visit the site, if you can

*************************************************************
http://news.zdnet.com/2100-1040_22-5944549.html?tag==nl
Are these the Sony rootkit CDs?By Graeme Wearden, ZDNet (UK)
Published on ZDNet News: November 10, 2005, 12:03 PM PT

The Electronic Frontier Foundation (EFF), a cyber-rights group, said on Wednesday that it identified 19 Sony CDs containing a rootkit application that disguises the company's invasive copy-restriction technology.

The software is hard to remove from a PC without causing damage and can be used to hide malicious code; antivirus vendors warned on Thursday afternoon the first malicious software to exploit it has been found.

The discovery of Sony's CD rootkit kicked off a furor, but the company has not said which CDs contain the DRM protection.

According to the EFF, the following CDs contain the DRM in question:

• Trey Anastasio, Shine (Columbia)
• Celine Dion, On ne Change Pas (Epic)
• Neil Diamond, 12 Songs (Columbia)
• Our Lady Peace, Healthy in Paranoid Times (Columbia)
• Chris Botti, To Love Again (Columbia)
• Van Zant, Get Right with the Man (Columbia)
• Switchfoot, Nothing is Sound (Columbia)
• The Coral, The Invisible Invasion (Columbia)
• Acceptance, Phantoms (Columbia)
• Susie Suh, Susie Suh (Epic)
• Amerie, Touch (Columbia)
• Life of Agony, Broken Valley (Epic)
• Horace Silver Quintet, Silver's Blue (Epic Legacy)
• Gerry Mulligan, Jeru (Columbia Legacy)
• Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
• The Bad Plus, Suspicious Activity (Columbia)
• The Dead 60s, The Dead 60s (Epic)
• Dion, The Essential Dion (Columbia Legacy)
• Natasha Bedingfield, Unwritten (Epic)


The EFF says it is likely that other CDs also contain the application, although Sony told ZDNet UK last week that discs containing this DRM software had not been distributed in the U.K.

The EFF took a dim view on Sony's actions. "Entertainment companies often complain that fans refuse to respect their intellectual property rights. Yet tools like this refuse to respect our own personal property rights," EFF staff attorney Jason Schultz said in a statement.

"Sony's tactics here are hypocritical, in addition to being a security threat," Schultz added.

[hawaiiboy]

Thanks for the info Sam

[ragtopW]

I thought I saw a news blurb on the Plane from ATL that Sony
has stopped this.