Next Generation Emulation banner

Sony, Rootkits and Digital Rights Management Gone Too Far

5057 Views 118 Replies 21 Participants Last post by  __Xzyx987X
Story can be found here.

This really makes me feel glad I don't listen to any music being published by Sony, seeing it installs stuff worse than spyware on my computer.

There's a few interesting posts underneath the blog, I'll quote a few.

INAL, but this appears to be illegal in the State of California, punishable by a $1000 fine per computer affected.

California Business & Protections Code Section 22947.3, Paragraph C:

A person or entity that is not an authorized user, as defined in Section 22947.1, shall not, with actual knowledge, with conscious avoidance of actual knowledge, or willfully, cause computer software to be copied onto the computer of a consumer in this state and use the software to do any of the following:
(c) Prevent, without the authorization of an authorized user, an authorized user's reasonable efforts to block the installation of, or to disable, software, by doing any of the following:
(1) Presenting the authorized user with an option to decline
installation of software with knowledge that, when the option is
selected by the authorized user, the installation nevertheless proceeds.
(2) Falsely representing that software has been disabled.

This is some horribly written legislation (difficult to parse), but it appears that you must be able to specifically decline to install software (regardless of EULA conditions).

If this is a British company, or one which operates from the UK then they may have fallen foul of UK law, specifically the Computer Misuse Act 1990 as follows:

"3.-(1) A person is guilty of an offence if-
he does any act which causes an unauthorised modification of the contents of any computer; and
at the time when he does the act he has the requisite intent and the requisite knowledge.

(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing-
to impair the operation of any computer;
to prevent or hinder access to any program or data held in any computer; or
to impair the operation of any such program or the reliability of any such data.

(3) The intent need not be directed at-
any particular computer;
any particular program or data or a program or data of any particular kind; or
any particular modification or a modification of any particular kind.

(4) For the purposes of subsection (1)(b) above the requisite knowledge is knowledge that any modification he intends to cause is unauthorised.
(5) It is immaterial for the purposes of this section whether an unauthorised modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary.

It would seems that this law would apply to any UK citizen who's PC was affected by this software. It would be interesting to see what the consiquences of this would be for the company in question.

Kind Regards

61 - 80 of 119 Posts
Hmph... if you're worried about stuff being installed without your consent, re-configure your box so nothing can be installed without a password. It's difficult (but not impossible) to do with Windows, but *nix does it by default.

*It wants me to install some unnamed program to listen to my CD... what should I do?

>No f'in way, throw that thing in the garbage and never buy anything from anybody involved with that CD again (At least, that's MY response - maybe people / corporations will learn the hard way)

Honestly, I've stopped caring what happens with Windows users and their programs. Either Microsoft will take a hard stance against this, or they will openly embrace it (though at the moment, it appears they are openly embracing it). If such should happen to me, I look at the offending source code and re-write it (up to and including my CD-ROM driver in my kernel). GPL/BSD software is capable of many things atm, and certainly more than covers multimedia (including making legal backups of copy-protected discs).
See less See more
Honestly, I've stopped caring what happens with Windows users and their programs. Either Microsoft will take a hard stance against this, or they will openly embrace it (though at the moment, it appears they are openly embracing it).
As far as I know Microsoft ahs announced to make a windows update against it, somehow I don't see that as embracing it
Have they? Yet they still support DRM and such - that's what I'd call embracing it.
Microsoft has strict DRM schemes that cannot stand competition. Of course Microsoft doesn't want this to succeed. Ever heard of TC, Trusted Computing? It will include hardware lockins featured in Intel and AMDs chips (and windows ONLY runs on Intel-compatible chips). It can make computers safer, linux users would benefit from it, but in the hands of microsoft it becomes a lethal weapon, coupled with its DRM universe and software lockins.

there are some nice articles here and here for more .not over yet: this is a must

software lockins are much more effective when backed by hardware locks. people need to m0dchip their computers in the near future. sigh... reaction of the world after the uncovering of Lagrande by Intel.

windows users, don't even think about fleeing to the Mac universe, these will use Intel chips from now on, and IBM is working on a TC enabled Linux.

Unfortunately, if DRM and software lockins become the only way through content, music, movies and games are available, most people will just follow the trend.

Protesting isn't enough. People need to KNOW. But are they even caring?
See less See more
I'll just say one thing: Universal hard locking on consumer PCs would make my job nearly impossible. Therefore it won't happen. I'd say more, but I can't.
apart from what lockins can do to consumers (copy protect music, games, movies), Microsoft just wants to control what CAN be installed on its OSes. Since Vista doesnt include all the features it wanted, we'll probably see that starting with Blackcomb (successor of Vista).

Of course universal hard locking on consumers PCs wont happen. It will just force them to use a new generation of software. What people view as untolerable today, will be widely accepted tomorrow. As Sony, Microsoft wants to secure its customer base, by discouraging people to use competitiors' products. Oh, and microsoft wants to move from a licencing to a monthly-yearly subscription scheme, but perhaps this is out of topic...
Malicious Website: Sony Uninstaller Exploits

Malicious Website: Sony Uninstaller Exploits

[font=Arial, Helvetica]Websense® Security Labs™ has received reports of websites that are using the Sony DRM uninstaller as a means to perform malicious actions on end user machines.[/font]

[font=Arial, Helvetica]Security researchers discovered that the recently released Sony DRM uninstaller included a COM object that it dropped on the machine in order to uninstall the highly publicized rootkit that gets installed as part of some Sony Music DRM software. The COM objects are not removed after installation and leave the machine open to malicious websites using them as an attack vector.[/font]

[font=Arial, Helvetica]Websense Security Labs added detection mechanisms to its data classification and internet mining techniques soon after discovery of the possible vulnerability was reported. Although we have not seen many sites to date, the potential for sites using this to exploit end users is high.[/font]

[font=Arial, Helvetica]The included site example infects users when they visit the website. Any user who has downloaded and run the Sony uninstaller program is susceptible to this attack. In the example below, users' machine are restarted upon accessing the site. However, there is the potential for more nefarious actions to have been done.[/font]
Don't use thier uninstaller, it's easier and probaly less painful just to reinstall windows
Today I read an article in the "newspaper" (metro :p ) about sony taking back all those cd's with that protection. My mom has got one Celine Dion cd and I think it has been published by Sony, is their any easy way to see if that POS rootkit is running on our family pc? Maybe I can sue them ;)

Time to take revenge for what they did to Bleem :evil:
Cid Highwind said:
Today I read an article in the "newspaper" (metro :p ) about sony taking back all those cd's with that protection. My mom has got one Celine Dion cd and I think it has been published by Sony, is their any easy way to see if that POS rootkit is running on our family pc? Maybe I can sue them ;)

Time to take revenge for what they did to Bleem :evil:
Umm... wasn't that rootsh1t an America-only phenomenon? Do you really think that you might be affected, too?
I dunno, now that I was reading it again it wasn't exactly clear. It was talking about several million cds having the 'protection' on it. 5 Million cds were distributed of which 2 million ended up with consumer in the States. This kinda confused me, it could mean the rest ended up somewhere else in the world, or they are still in US waiting to be sold.
Whoops. I thought that lobby in Europe wasn't that strong to push things like that into legality...
Cid Highwind said:
Today I read an article in the "newspaper" (metro :p ) about sony taking back all those cd's with that protection. My mom has got one Celine Dion cd and I think it has been published by Sony, is their any easy way to see if that POS rootkit is running on our family pc? Maybe I can sue them ;)

Time to take revenge for what they did to Bleem :evil:
Get Rootkit Revealer from

That's where the report came from btw... the author was testing the revealer.

EDIT: And oh... don't forget CVGS. :evil:
Umm... wasn't that rootsh1t an America-only phenomenon? Do you really think that you might be affected, too?
Actuaily it's also here, at least like most Malaysiand I don't buy westen music so it's not really causing much trouble here
It seems my organization has taken note of the Sony rootkit. That's bad news for Sony. A bit more information about it for you to digest here and here. Read both links and you should be able to make an attempt at manually removing it without going to Sony's site. Also of interest is that this rootkit is not effective against 64-bit windows systems, and that the rootkit uninstaller both installs a new rootkit and phones home to Sony whenever you use it.
Gigs & Bytes:The Rootkit Of All Evil?

Gigs & Bytes:
The Rootkit Of All Evil?

A major label's latest attempt to protect its music from pirates has become a major problem for Sony BMG Music Entertainment – a problem that has sparked at least two class action suits, forced the label to recall CDs by as many as 50 artists, and may result in states bringing charges against the record label.
Sony's problems started October 31st when computer security researcher Mark Russinovich posted an item on his blog detailing how he had discovered a "rootkit" on his computer.
Rootkits are generally employed to hide files and programs, and are usually used in tandem with Internet worms and other nasty computer viruses. Furthermore, rootkits can enable someone to take control of a machine without the owner's permission. In short, a rootkit is malware.
And what's Sony BMG's connection to the rootkit Russinovich found on his computer? As Russinovich detailed on his blog, it turns out that the rootkit in question came from copy protection technology called XCP, which was created by United Kingdom company Van Zant's Get Right With The Man.
But XCP does more than prevent unauthorized copying. It also deposits hidden files on computers running Microsoft's Windows operating systems. The files are extremely difficult to find and even more difficult to remove, as Russinovich found out when he tried to manually remove them, only to discover his actions disabled his CD drive.
What's more, the XCP copy protection program does this covertly.
There's a word for programs placed on a computer without the owner's permission, programs that function in a way unbeknownst to the user: spyware. Furthermore, some states, such as California, have laws prohibiting spyware. It's conceivable that Sony could find itself in the legal cross-hairs of more than one state's attorney general.
But Sony's use of technology that placed rootkits on computers was only part of the problem. Rootkits are generally used to hide files that allow a third party to gain control of the machine. And, as news of Sony's blunder grew, so did the number of viruses suddenly appearing on the Net that took advantage of the XCP rootkit.
When news first surfaced, Sony BMG tried to minimize the damage by having its president of global digital business talk to the press. However, Thomas Hesse didn't inspire too much consumer confidence when he appeared on National Public Radio's "Morning Edition" and said, "Most people don't even know what a rootkit is, so why should they care about it?"
That was November 4th. Now it appears just about everyone who buys CDs cares about it, and Sony is just now discovering music consumers aren't all that crazy about virtually unremovable files on their computers.
As news of the rootkit spread, Sony issued a patch for removing the rootkit, but not the actual files placed on consumers' computers. However, some security experts are saying the patch only worsened the problem.
"This is a surprisingly bad design from a security standpoint," said Princeton University computer science professor Ed Felten, who, along with grad student J. Alex Halderman, explored the removal program issued by Sony. "It endangers users in several ways."
According to Felten, the program enabling the download does not confirm that the uninstall program should come from either Sony or First 4 Internet, thereby making the computer vulnerable to virus attacks.
"The consequences of the flaw are severe," Felten and Halderman posted on a blog on November 15th. "It allows any Web page you visit to download, install, and run any code it likes on your computer. Any Web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get."
Sony has recalled the CDs embedded with the XCP antipiracy technology, and has released a list identifying which discs are affected. Included on that list are CDs by Neil Diamond, Our Lady Peace, Celine Dion and, of course, Van Zant.
It should be noted that not all copy-protected CDs use First 4 Internet's technology, and consumers should not confuse First 4 Internet's XCP copy protection methods with those employed by other antipiracy companies such as digital rights management company Sunncomm. In other words, read the label before you buy.
Sony BMG really dug itself a deep one this time, and it may be months before the label can crawl out of the mess caused by First 4 Internet's XCP copy protection. Not only have two class action suits been filed, but there have been calls for a Sony boycott. Consumer trust in Sony has been almost completely eradicated and there are now reports that some companies are considering prohibiting their employees from playing CDs in the workplace.
Plus, when you consider that government employees, including members of the military, might play CDs on their computers, Sony's rootkit debacle is probably going to get a lot worse before it gets better. That is, if it gets better.
While not referring to Sony by name, Homeland Security assistant secretary for policy Stewart Baker did have some harsh words for labels that protect their music by installing hidden files on computers.
"It's very important to remember that it's your intellectual property, it's not your computer," Baker said during a conference on, ironically, intellectual property piracy. "And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."
When you consider all the implications – making computers vulnerable to virus attacks, placing hidden files on consumers' machines and generating more bad press in two weeks than most companies accrue in a lifetime, what were the execs at Sony thinking when they greenlighted First 4 Internet's XCP copy protection technology?
That is, if they were thinking at all.
now even the department of homeland security is getting involved, (insert terrorism joke here)
2 lines:

- Stop buying DRM'd.

- Get down on yer knees and pray that your enemies will from Sony-BMG.
For ALL DUDES who bought XCP DRM'd SONY-BMG music from AMAZON

Amazon is offering refunds to customers who bought Sony BMG CDs that use the controversial XCP anti-copy system. The offer has been made in an e-mail sent to Amazon customers known to have bought a CD by one of the 52 Sony which contained the XCP software.

Customers can get the refund by sending back the CD, even if they have not used the disc in their computers. At the same time Sony BMG has released details of how customers can get XCP-free versions of CDs.

Let's hope those 'XCP-free' don't come with time limits or other tricks. At least people won't need to pay twice for the same stuff, as a 'privilege' from Sony.
Just a head's up:
DON'T try to uninstall the XCP using thier website, it just installa a new version of XCP and creates a few more security holes, don't even bother visiting thier website it may automaticly decide to install the XCP on your computer

Garnter: piece of tape defeats any CD DRM

The controversial XCP digital rights management technology that Sony BMG bundled on 52 of its audio CDs can easily be defeated by applying a small piece of tape to the discs, analyst firm Gartner claimed.

Applying a piece of opaque tape to the outer edge of the disk renders the data track of the CD unreadable. A computer trying to play the CD will then skip to the music session without accessing the bundled digital rights management technology.

"After more than five years of trying, the recording industry has not yet demonstrated a workable DRM scheme for music CDs," Gartner concluded in a newly published research note.

The tape methodology will help users defeat any future digital rights management system on audio CDs that are designed to be played on stand-alone CD player.

Gartner predicted that the music industry will start a lobby seeking legislation that requires computer makers to include digital rights management technology on their systems. But it advised that, instead of limiting what users can do with music they purchased, record labels should focus on tracking them. This would enable a "play-based" model where users are charge a fee based on how they consumer music.

Sony earlier this month abandoned the use of the XCP anti piracy technology after weeks of heavy criticism from security experts and consumer advocates. The technology sought to prevent users from making illegal copies of the music on Windows computers, but posed a major security risk and could break the computer of users trying to remove the software.

Gartner called the DRM scheme both a "public relations and technology failure ".
Or don't use Auto-run. The tape might be small, but it's enough to risk instability of the CD. Besides, it'll also cause wear and tear on the drive.
Sony has really outdone themselves in stupidity this time. I don't understand what they were thinking. Now they've lost a lot of popularity, they have to replace a lot of CD's, and they've got quite a few possible lawsuits to deal with!, and I don't think they stopped anyone from copying there music, instead I think people choose to copy it instead of buying the CD.
61 - 80 of 119 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.