Next Generation Emulation banner

Sony, Rootkits and Digital Rights Management Gone Too Far

5046 Views 118 Replies 21 Participants Last post by  __Xzyx987X
Story can be found here.

This really makes me feel glad I don't listen to any music being published by Sony, seeing it installs stuff worse than spyware on my computer.

There's a few interesting posts underneath the blog, I'll quote a few.

INAL, but this appears to be illegal in the State of California, punishable by a $1000 fine per computer affected.

California Business & Protections Code Section 22947.3, Paragraph C:

A person or entity that is not an authorized user, as defined in Section 22947.1, shall not, with actual knowledge, with conscious avoidance of actual knowledge, or willfully, cause computer software to be copied onto the computer of a consumer in this state and use the software to do any of the following:
(c) Prevent, without the authorization of an authorized user, an authorized user's reasonable efforts to block the installation of, or to disable, software, by doing any of the following:
(1) Presenting the authorized user with an option to decline
installation of software with knowledge that, when the option is
selected by the authorized user, the installation nevertheless proceeds.
(2) Falsely representing that software has been disabled.

This is some horribly written legislation (difficult to parse), but it appears that you must be able to specifically decline to install software (regardless of EULA conditions).

If this is a British company, or one which operates from the UK then they may have fallen foul of UK law, specifically the Computer Misuse Act 1990 as follows:

"3.-(1) A person is guilty of an offence if-
he does any act which causes an unauthorised modification of the contents of any computer; and
at the time when he does the act he has the requisite intent and the requisite knowledge.

(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing-
to impair the operation of any computer;
to prevent or hinder access to any program or data held in any computer; or
to impair the operation of any such program or the reliability of any such data.

(3) The intent need not be directed at-
any particular computer;
any particular program or data or a program or data of any particular kind; or
any particular modification or a modification of any particular kind.

(4) For the purposes of subsection (1)(b) above the requisite knowledge is knowledge that any modification he intends to cause is unauthorised.
(5) It is immaterial for the purposes of this section whether an unauthorised modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary.

It would seems that this law would apply to any UK citizen who's PC was affected by this software. It would be interesting to see what the consiquences of this would be for the company in question.

Kind Regards

101 - 119 of 119 Posts
*nothing special here*
The Bluray Disc Association. I focused on Sony because they're the ones most commited to Bluray (obviously because of the Playstation 3). There's an interesting article here about the disc format and specs here:

"Once you can play it, you can copy it."
Too bad Sony's XCP rootkit installs before it plays.
The movie/content/gaming industry is more interested in 'protection'. NO, I'm not talking about ours as customers. :evil:

DRM'd discs with XCP from Sony are getting withdrawed from commerces (Amazon...).
This one ended a happy story. Sony is still facing lawsuits, but at least people who bought XCP DRM'd are eligible for uncrippled copies of the CDs they bought, even if these haven't been used on a computer yet.
Well, the "Install before play" is a byproduct of the Autorun meddling of the OS. Without it, it's still fair game.
Maybe we shoud all disable the autorum feature
Actually, I did that simply because I don't like to have things running before I get a chance to look at them. Never smart to execute unknown programs. Then again, I've also started running most of my games under linux now through a windows emulator - hard to infect that, I'd just wipe the game's partition out (each game has an isolated windows environment with its own registry - they can't see each other).
Neat. I'll try that for my games.
Autorun is evil in Windows mostly, since it allows arbitrary code (software) to run or install with full administrator privileges and *without* user knowledge or consent. I believe this is not the default behaviour for GNU/Linux systems. Giving up a little convenience for more security is never a bad deal.

There's even more about Sony BMG. The full article can be read here
Player-X said:
Maybe we shoud all disable the autorum feature
How about holding SHIFT while inserting a "suspicious" CD?
That works as long as you remember to do so. Personally, I wouldn't trust myself well enough to remember to do that for every single new disc I put into my machine.
F-3582 said:
How about holding SHIFT while inserting a "suspicious" CD?
Disabling Autorun for CD/DVD drives entirely would be better I believe. :innocent:
That would work but I assume that I eventuaily will forget to press shift, besides you can still use the autorun app in the my computer if you want to
Well Sony seem to love making a challenge for themselve when it comes to DRM. Looks like they had a new patch, but even that had its own problems.

Oops -- New Sony DRM Patch Insecure
By Nate Mook, BetaNews
December 8, 2005, 11:40 AM

Just one day after jointly announcing a patch to correct a security flaw in the SunnComm MediaMax copy protection included on 27 CDs, Sony BMG and the Electronic Frontier Foundation are urging users not to install it. The update includes a vulnerability similar to the one it attempted to fix.

SunnComm's MediaMax version 5 software does not properly protect a directory it installs, opening the door for a privilege escalation attack. Thus, a restricted user account could replace the executables within the MediaMax directory with malicious code, which would then be executed by an administrator upon inserting a CD.

Sony said it would notify customers of the SunnComm problem through an advertising banner within the MediaMax software, and via an online ad campaign. It also began distributing an update on the Sony BMG Web site and to security vendors.

But despite claims that "independent software security firm NGS Software have determined that the security vulnerability is fully addressed by the update," Princeton researcher Alex Halderman has found otherwise.

"It turns out that there is a way an adversary can booby-trap the MediaMax files so that hostile software is run automatically when you install and run the MediaMax patch," Princeton professor Edward Felten explained. "The previously released MediaMax uninstaller is also insecure in the same way."

Halderman and Felten also discovered that even if a user declines the MediaMax license agreement, the vulnerable software is still installed on their computer. However, those users will not see the advertising banner Sony is using to notify customers.

"The consequences of this problem are just as bad as those of the XCP rootkit whose discovery by Mark Russinovich started SonyBMG's woes," added Felten. "This problem, like the rootkit, allows any program on the system to launch a serious security attack that would normally be available only to fully trusted programs."

This isn't the first time Sony's fix for vulnerable DRM has done more harm than good. Last month, Felten reported that the Web based uninstaller for the XCP copy protection contained a security flaw that could enable malicious software to be automatically installed on a PC.

Sony has recalled all CDs with XCP due to the furor surrounding the software's rootkit, but much to the chagrin of security experts, it is not following suit with SunnComm.

"Every disc sitting on somebody’s shelf, or in a record-store bin, is just waiting to install the vulnerable software on the next PC it is inserted into. The only sure way to address this risk is take the discs out of circulation," warns Felten. "The time has come for SonyBMG to recall all MediaMax CDs."

Well I wonder how long Sony will drag its name in the mud.
And I wonder when will they realise that the real pirates can will and probaly have already cracked it making the pirated version superior
Huh? What's with the *poofing* of posts, D.D? Afraid of Big Brother? :)
Player-X said:
And I wonder when will they realise that the real pirates can will and probaly have already cracked it making the pirated version superior
You can find facts and slam them in their face and they still do not want to see it... Just like how every downloaded album was not going to be sold in the first place.
Kraelis said:
Huh? What's with the *poofing* of posts, D.D? Afraid of Big Brother? :)
It was to remove some way offtopic posts regarding the Blueray format. I just deleted mine personally...
101 - 119 of 119 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.