Sony BMG admits using rat DRM
p2p news / p2pnet: Organized Music member Sony BMG has now admitted using spyware-like rat code on its music CDs.
It’s rootkit-based DRM (Digital Rights Management) reported yesterday, first by Mark Russinovich at Sysinternals, and then by F-Secure.
"We’ve been getting lots of hate mail," posted F-Secure research director Mikko Hypponen. "People are accusing us for stealing the (quite excellent) research work done by Mark Russinovich.”
Hypponen published a technical description and blogged it, "several hours after Mark had broken the news in his site," he says. "So to some it looked like we were just recycling his work without credit.
"In reality we started working on this case on 30th of September when a user of our F-Secure BlackLight rootkit detector started discovering these files on his system and contacted us."
Hypponen says F-Secure didn’t immediately go public because the company was worried about the implications, "especially with the info on how virus writers can use this to hide files which have names starting with "$sys$"."
F-Secure was in the middle of discussions with Sony BMG and First 4 Internet when Russinovich broke the news on Monday and, "After this we decided to make our research on the topic public."
Hypponen told p2pnet if Sony BMG had, "thought this through, they would never have done this in the first place. Obviously techniques like this will cause a backslash from the users."
No kidding. But at least Sony BMG is pulling this piece of garbage …
… not.
All that’s hapening is its partner, Britain’s First 4 Internet, is offering a patch meant to make the files it had hoped would stay invisible, visible.
But what else can you expect from a company that’s part of a conspiracy to blackmail its customers in a bizarre marketing attempt to force them into buying product?
Sony BMG belongs to the Big Four Organized Music family, with Vivendi Universal, Warner Music and EMI Group as the other members.
They’re currently expressing bemusement because for some strange reason, the digital sales they’d been counting on to keep them riding high on the backs of music lovers, aren’t happening.
No doubt Sony BMG is resorting to this kind of DRM effort because the product it’s been using up until now has proved to be totally useless. And why not? Fake critics to hype its movies, bribery to keep its music releases playing on the radio, not mention a host of other dirty tricks, are all a part of its sales routines.
Meanwhile, you know what to do ………
Stay tuned.
Something you think we should know? tips[at]p2pnet.net
See:-
reported yesterday – New: Sony BMG rootkit DRM, November 2, 2005
totally useless – SunnComm vs First4Internet, May 30, 2005
expressing bemusement – The Big Music online music myth, Novembere 2, 2005
November 3rd, 2005 at 5:03 pm
Since RatDVD is one of the good guys
I know, it’s just a play on words, but we should always consider the needs of the least informed. For years it was commonly (if incorrectly) believed that “Kazaa-Lite” was a version with reduced features.
Now expect:
“Isn’t ratDVD that nasty stuff that puts a virus on your computer?”
November 3rd, 2005 at 5:26 pm
In the kind of huge corporation in which even the smallest decision requires multiple meetings, signatures in triplicate of everyone up the chain of command, consultations with the legal department, drawing up and negotiating contracts, etc, etc, etc — Sony BMG was able to not only go through the entire bureaucratic process, but to get their sub-contractor to create and issue a patch (coded and tested) within a day.
Sony BMG (as well as First 4 Internet) is either:
1. an incredibly efficient corporation
2. they already had this patch ready and waiting for the day when the news broke.
—– I know which version I believe
November 3rd, 2005 at 6:07 pm
It’s illegal to patch existing software components without informing the consumer.
November 3rd, 2005 at 6:56 pm
I’m surprised that Sony didn’t start stamping it’s feet, having a tantrum, and yelling ‘CIRCUMVENTION!!’
However, I believe the right to erase certain specific blocks of the hard disk that is your own privately owned property in the computer that is your own privately owned property trumps any claim of circumvention, especially when you are not fully informed what unexpected items are being written to your privately owned hard drive.
The judging panel has awarded 3 Bozo points to Sony for their efforts.
–TurboGeek
November 3rd, 2005 at 9:38 pm
Yeah….even Microsoft knows that. Speaking of Microsoft, I cant wait for the 360 now. I hope Sony is hit so hard by this they wont even have enough money to release that PS3. Idiots……
November 3rd, 2005 at 10:03 pm
I will never buy any Sony products and I hope others follow.
More about this here
http://www.securitypronews.com/news/securitynews/spn-45-20051103SonySpywareUpdateOpeningYourPCForHackers.html
November 3rd, 2005 at 10:46 pm
Saw this post over at Afterdawn
ireland (DVDXCopy Chief Moderator) 3 November 2005 15:54
its started
World of Warcraft hackers using Sony BMG rootkit
Published: 2005-11-03
Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.
World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG’s content protection software can make tools made for cheating in the online world impossible to detect. The software–deemed a “rootkit” by many security experts–is shipped with tens of thousands of the record company’s music titles.
Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program cannot detect any files that are hidden with Sony BMG’s content protection, which only requires that the hacker add the prefix “$sys$” to file names.
Despite making a patch available on Wednesday to consumers to amend its copy protection software’s behavior, Sony BMG and First 4 Internet, the maker of the content protection technology, have both disputed claims that their system could harm the security of a Windows system. Yet, other software makers that rely on the integrity of the operating system are finding that hidden code makes security impossible.
http://www.securityfocus.com/brief/34
November 4th, 2005 at 7:44 am
Didn’t they violate the recent Federal anti-spyware laws?
Installing software on people’s computers without their
knowledge?
I think everyone who bought these INFECTED CD’s should
keep their copies and receipts for future settlements for
$$$
November 4th, 2005 at 7:45 am
I’m already there.
Sony sucks and obviously has nor moral values as a corporation.
What a bunch of loosers!
November 4th, 2005 at 7:49 am
Exclellent!
This is so funny that I almost fell off my chair!
Sony is scr*wing other companies too and not just
their own customers!
Toooo funnnny!!
This root kit gives me some ideas too. Very hand little
things. ……
tool for other
November 4th, 2005 at 8:27 am
I too have come to this conculsion. I will tell you why. Since Sony can’t be trusted in their product sales as far as consumers go, then what makes you think they can be trusted elsewhere?
I used to have a high opinion of Sony electronic equipment. I’ve had to rethink that with this rootkit thing. If they will do this with something that stands a chance of being able to be examined, what will they do with programming you can’t examine, like in electronics equipment? It may be that your cd player may be the very thing to testify against you if you get busted and suffer a home search. It is not out of the question that something like a player might will be keeping records and you can’t determine if this is the case or not. Since Sony has damaged their reputation so badly with this little episode, they have lost all creditablity for other stuff as far as I am concerned. When I see Sony from now on, I will also see a mental sign that says “Do Not Purchase Under Any Circumstances!”
Got something you want to hide? Say a virus or something? Just code it to save as $sys$ and Sony’s little baby will hide it for you. Expect to see it shortly in some spyware. Sony isn’t offering to remove the beast, they are only offering to make it visable. To do that you are going to have to jump through the hoops to get that. You will have to apply for it with electronic form, give up your reciept, your name, your email address and wait for Sony to contact you by email to reveal the web link location. If they were truely contrite about this, the weblink would be online for all to see. So you see, they are still gathering info with this little ploy and they are still playing dirty tricks instead of just offering to remove this creature. Also notice that no mention of recall has been made. Inotherwords, it is out there and you take your chances with anything from them. The nearest they have owned up to saying how to tell which cds have this is to look for copyprotection warnings on the case. Unforetunately there are about 6000 titles with that sort of warning on the case. This lack of coming clean tells me I want nothing to do with Sony from this day forward. Simply I can’t trust them to sell an honest product.
So I ask you, “What creditability is left with Sony” after this little stunt? None that I can see.
November 4th, 2005 at 8:48 am
It sounds like it actually alters windows components. I’m amazed they’d risk Steve “the chair” throwing a tanty (and a chair or 2) about it.
November 4th, 2005 at 9:51 am
It’d be kinda embarassing for sony/bmg if this “rootkit” violates Oz or any other country’s anti hacking laws wouldn’t it? Since each country has different laws, it might be useful to do a little research on the relevant laws and see how much trouble this kkkartel member may be in ;o)