Sony Rootkit Phones Home 494
strider44 writes "Mark from Sysinternals has digged a little deeper into the Sony DRM and discovered it Phones Home with an ID for the CD being listened to. XCP Support claims that "The player has a standard rotating banner that connects the user to additional content (e.g. provides a link to the artist web site). The player simply looks online to see if another banner is available for rotation. The communication is one-way in that a banner is simply retrieved from the server if available. No information is ever fed back or collected about the consumer or their activities." Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!" Update: 11/07 14:21 GMT by H : Attentive reader Matteo G.P. Flora also notes that an Italian lawyer has filed suit against Sony on behalf of the Italian equivalent of the EFF. Translation availabe through the hive mind. Update: 11/07 15:18 GMT by H : It does appear that in fact Sony does see through the $sys$ - see Muzzy's comment for more details.
Comment removed (Score:4, Insightful)
The market provides! (Score:1, Insightful)
Instead of rushing in and demanding a law to battle this "problem," just leave it alone. The market continues to provide exactly what people want.
Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.
You're responsible for checking out a product before buying it. I won't buy any music ROM disc that doesn't have the "CD" certification logo, unless it is from an indie band. I still rip eve y CD from a CD player with an optical out into my PC. Safety first.
If Sony doesn't get a lot of backlash over this system, others will adapt it. I am not buying any more Sony CDs, but I'll buy other products from other divisions.
I see no reason to cry wolf here. You are buying their product. If you find something you don't like, someone will adapt it for your uses.
For those wanting a la , remember you likely supported the same political parties that enacted the DMCA, copyright extensions, and other tyrannical laws. Stop voting in the booth, vote in the checkout aisle.
No information (Score:5, Insightful)
Other then your IP address, date and time it's connected to the net, the CD you're listening to, how often you listen to it...
Why is this posted in games? (Score:5, Insightful)
Re:The market provides! (Score:5, Insightful)
You're responsible for checking out a product before buying it. I won't buy any music ROM disc that doesn't have the "CD" certification logo, unless it is from an indie band. I still rip eve y CD from a CD player with an optical out into my PC. Safety first.
You obviously never read the original article. Sony didn't advertise in any way shape or form that this was on the CD, so even you wouldn't have been able to "check out" the product before buying it!
Re:The market provides! (Score:5, Insightful)
Re:The market provides! (Score:5, Insightful)
You know as well as I do that if you don't do the bidding of the right people, you won't find yourself with any "shelf space". Its white bread or wheat bread, anything else is illegal. Feel free to vote in the checkout aisle, just don't complain to anyone when your rye bread is nowhere to be found.
Utterly Laughable (Score:5, Insightful)
why are sony SO unbeleivably stupid as to think otherwise. They must be wasting hundreds of thousands of pounds on this utterly useless rubbish, that even the least technical of people can bypass.
These things are so childish no hacker would even bother with them, as stated this one even defeats itself!
It only takes one breach to distribute a copy, why piss off thousands of genuine paying clients?
The mind boggles, the only people winning are the copy protection companies living happy lives doing nothing but ripping Sony off.
aren't they supposed to do maketing studdies on things before release?
maybe employ a 16 year old to independantly test the schemes for them rather than taking the word of the people selling them this rubbish
(I'd have said 10 year old but it wouldn't be legal)
revenue lost to purchasing clients who will have to return product as it wont run. $X,0000
revenue lost to potential clients who will be scared off buying in the first place. $Y,0000
estimated reputation damage to company. priceless.
estimate of no. of pirated copies prevented. ZERO.
great... (Score:5, Insightful)
I hope Microsoft is paying attention here, because this could set an EXTREMELY bad trend here. Why do we have these "certified" drivers? Because a lot of them were crap. Now we have software injecting stuff directly into the OS. I can't say this is going to help MS in the security and stability department.
Re:Rip It....Rip It Good (Score:5, Insightful)
AFAIK, the rootkit is the only protection on this CD. As they admit, it looks like a normal CD to an Apple computer - and, of course, to a Linux computer. And, for that matter, to a Windows computer with Autorun disabled... I do enjoy a truly pathetic copyrestriction system, don't you?
Re:Utterly Laughable (Score:3, Insightful)
Actually, that's probably in the negative. How many are going to pirate that weren't simply because they aren't going to trust Sony CDs not to do anything to their computer from now on?
I need to thank Sony (Score:2, Insightful)
I got a bad feeling about this... (Score:2, Insightful)
Why would you do this? This is stupid. (Score:5, Insightful)
All I've seen from people on this issue are ways to get around the DRM. Yes, there are MANY ways to get around it, audio line-out to a DAT or an iPod, using linux, a mac, CDex, Audiograbber, Audiohijack-pro...
But that is all just retarded, if you're buying this CD and you use it as Sony want you to use it, it is NO different than if you buy the CD and rip it with some workaround. Sony don't SEE a difference. The MP3s will be on DC++ anyway, it's not like they will lose sales to people ripping it for their iPods or whatever.
And if you do buy the CD, (regardless of wheter you rip it or not) you have just voted. Corporations are the Governments of today and with your purchase you vote. And buying any content protected CD regardless of what you do with it is a VOTE to Sony that DRM is acceptable to you. And that means next time it won't be some crappy nobody C&W CD that is taking over your PC, it'll be the big Sony acts. And then the big EMI acts and WB acts and so on.
Vote with your cash, buy non-DRM encumbered CDs or else just steal it. I'd prefer to take the moral issues and risk of stealing rather than just be Sony's bitch and install their shitty rootkit on my computer.
Re:Rip It....Rip It Good (Score:5, Insightful)
Very backward thinking on Sony's part (Score:5, Insightful)
What's the goal here? To stop the people who buy CDs and rip copies for a few friends... by driving everybody to rely on safer online distribution exclusively?
Re:NO you are WRONG (Score:5, Insightful)
Ah, but you didn't say illegal, you said wrong. The equation of the two is perhaps the greatest threat to liberty in the modern world.
One and only one thing to fix the problem (Score:5, Insightful)
If you care about this, then don't buy Sony games, music or movies. If you don't care about DRM and spyware issues then by all means go out and buy more product from them.
Is sending a clear message that you will not tolerate corporate abuses worth going a few months without shelling out $18 for a CD that has two decent tracks on it?
Accept nothing less - the public firing of the VP who oversaw the department that gave the green light to this - or no purchase of any Sony game, music or movie.
Personally I don't think enough people value unhacked systems enough to make the sacrifice. My prediction is that Sony will essentially get away with it, may have their insurance company pay a few settlement checks, and make a better attempt next time around. Or simply write enough checks to MS to ensure that the DRM is included in the Colonel (weak joke about a police state... sorry). And write enough checks to Motorola and Intel to make sure that DRM is included at the chip level. And write enough checks to US Senators to make sure that the law will back them up next time.
Again, the only recourse is to refuse to buy Sony products until a VP is fired. Nothing else will work.
Re:The market provides! (Score:5, Insightful)
Re:The market provides! (Score:2, Insightful)
Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.
And that's exactly why we have the responsibility to make a big fuss about it.
When someone does something bad, we, as responsible citizens, have to educate others about it. We have to make a big fuss so that people realise why they shouldn't want CDs infected with DRM. To remain silent would be to give consent for Sony and pals to keep right on shafting us.
Voting with your wallet is a good start. But we need soapboxes too. There's no point voting with your wallet if nobody knows what you're doing or why.
Don't buy Sony products? (Score:4, Insightful)
Re:Rip It....Rip It Good (Score:5, Insightful)
After finding more information about it, it sounds as if it blocks programs from accessing the CD drive that are in sony's list.
Step 1: Rename your Windows Server App to ITUNES3.EXE
Step 2: Put all the config files for that server app on a CD
Step 3: Insert Sony music CD into secondary drive
Step 4: The DRM that installed itself without your consent crashed your mission critical server. Sony is liable!
Step 5: ???
Step 6: Profit!
why is this even possible? (Score:3, Insightful)
This "rootkit" doesn't even have to be present now that the virus/trojan/spyware writers know it is possible. Re-implementing this feature would just be one of the first steps of installation. Shouldn't people be demanding a fix for this from Microsoft?
Re:The market provides! (Score:5, Insightful)
Re:One and only one thing to fix the problem (Score:3, Insightful)
Re:The market provides! (Score:4, Insightful)
That said, it is a damn sleazy thing to do - both in terms of screwing the people who buy the CD and in terms of the decision to purchase this (ultimately useless) DRM.
Apparantly a lot of the higher ups in this DRM company also have high level positions in Sony. Would anyone here be surprised if any of the execs at the DRM company received bonuses around the time period that Sony chose their DRM?
If this is given enough public attention, perhaps shareholders may get pissed.
Re:The $sys$ prefixing thing was apparently wrong (Score:5, Insightful)
So easy (Score:2, Insightful)
Re:NO you are WRONG (Score:5, Insightful)
No I didn't. I entered into a contract for sale of goods with the record store, the terms of which were that I handed over some cash and they handed over a CD. That contract was fulfilled to the satisfaction of both sides. I have no other contractual obligations of any kind.
Re:NO you are WRONG (Score:5, Insightful)
Re:I wonder...NOT (Score:3, Insightful)
This article is about Sony and their creation of ill-will and lack of trust, not Microsoft. Yes, yes. Sony's rootkit is designed for windows, autoplay, etc and so on, but you really can't blame Microsoft in this case. It is just as possible to create a rootkit for any Macintosh or Linux machine, they just haven't because most of their customers use windows.
As for autoplay being a bad idea, it is and it isn't. I remember back when autoplay was first introduced (I can't beleive it was 10 years ago) the whole idea was that you would buy a product from the store, insert it into your computer, and bam, you're off. I remember thinking it was a pretty cool idea at the time, although only one program actually did it as cool as the Microsoft commercials, SimCity 2000. (You would insert the CD-ROM, and then play the game, w/out installation). While in retrospect it wasn't the best idea security-wise (at least without some sort of warning), I would be sad to see autoplay completely dissapear, since I'm lazy and enjoy my computer anticipating what I want it to do.
Re:The solution: (Score:2, Insightful)
The only solution I see is to make a copy, then take the original disc(along with all packaging), along with the crufty old player that CAN'T read it back to the retailer and demand your money back as the disc won't function in your player. You'll likely have to demonstrate that. If the disc is so crippled, then it can't really meet the CDDA standard etc etc etc.
Oh, yeah. You'll want to throw away that copy you made earlier. ahem.
Why this doesn't matter in the big picture. . . (Score:4, Insightful)
Everybody in industrialized nations will always have access to more than enough medium for their brains to drown in. Money made directly from the sale of media, is in this case, a secondary concern.
The only things people might have a more difficult time gaining access to in our DRM future are positive, un-tainted messages. Though with choice and intent, people can find those easily enough as well.
So don't sweat the reverse psychology; we'll still all be able to listen to the next pop star with relatively little trouble. --In fact, as per usual, it will probably take a degree of concentrated effort to avoid whatever dark-side, soul-draining message of slavery is being broadcast.
"Hit me Baby, one more time."
Ugh. The stuff is like nuclear fall-out. Destructive and near impossible to avoid.
-FL
Re:I wonder...NOT (Score:3, Insightful)
But what I do object to in MS Windows is the concept that Microsoft has designed their "system" with the input from their 'strategic partners' like Sony, to allow these sorts of things which have happened, which is basically designing an OS to be primarily setup behind the scenes away from the user, such that the OS is at the beck and call of Microsoft and its partners. Microsoft is thus responsible for this mess, at the 'root' of the problem. They thus deserve my dissing and scorn. They have caused a LOT of wasted hours out of my life that should never have ocurred.
This attitude has caused an incredible amount of harm on so many levels that I am surprised some enterprising attorney has not filed a suit against Microsoft and tried to get class action status to represent all individual Windows users.
Announcing: The Hider (Score:2, Insightful)
PRESS RELEASE: Announcing The Hider®
The Hider® is a run-time library that your program calls during initialization. It randomizes strings of your choosing, including window names, application names as they appear in the Task Manager, and other strings. It also comes with The Launcher® which will copy your program to a random file name, encode it and add a decoding module, and run it from there.
This program enables your program to hide from "detectors" such as the infamous Sony 2005 Rootkit.
The developers license prohibits the use of this The Hider® and related programs in DRM applications, viruses, and other malicious software. Violators will be prosecuted under the DMCA and other laws.
Re:I wonder... (Score:1, Insightful)
While this is very true, you have to understand that housing prices vary a great deal across the U.S. In Massachusetts, the housing prices are so high that it is sometimes very difficult for even a person with a six figure income to afford a house. We have the highest housing prices in the U.S. I live in a neighborhood which is about 40 minutes from Boston and about 10 minutes from Providence. It's also about 2 minutes from the armpit of Rhode Island - Pawtucket. You'd figure that the housing prices here should be dirt cheap, because of the location. They aren't. For instance, the other half of the duplex (i.e. two family home) that I live is being sold for almost $300,000. It has less than 1/10th of an acre and abuts a swamp. It has no garage and the driveway isn't big enough to accomodate two cars.
Now if you want to own a house with more than two bedrooms on a lot bigger than a postage stamp, you are going to have to spend more than half a million dollars. If you want to be close to Boston and not live in a slum, you are going to be spending over a million doillars.
So you have three choices, either purchase a house that you can afford in a bad neighborhood with a poor school system that will be devalued heavily when the bubble finally bursts, move, or rent an apartment to wait until housing prices come down.
Now do you see why so many middle class people are renting?
Re:Now I'd just love... (Score:3, Insightful)
Dear Symantec: To remove a rootkit does not mean to install an updated version of it. This piece of malware is no different than any other, I want it OFF MY SYSTEM.
Irony (Score:4, Insightful)
What sort of "legitimate application" needs to be hidden using a rootkit? What sort of definition of legitimate are they using, anyway?
Second favorite part:
prevention (Score:4, Insightful)
But creating an 0-byte Aries.sys stub, making it read-only, may prevent the installation of the real-deal.
Re:The $sys$ prefixing thing was apparently wrong (Score:2, Insightful)
Re:NO you are WRONG (Score:2, Insightful)
Re:The $sys$ prefixing thing was apparently wrong (Score:4, Insightful)
Too late. This is the kind of falsehood which will become true merely by repetition. It is too good a story not to tell. You will see it repeated over and over on site after site. Occasionally people will try to follow up with corrections but they will never get the attention that the original false report got.
"A lie can travel halfway around the world while the truth is still putting on its shoes." - Mark Twain
Re:NO you are WRONG (Score:3, Insightful)
First of all, IANAL. Now that this has been stated, although I disagree with the music industry, I am tired of crap like this being posted. Fair use is not a legal right, it's a set condition under which you can't be prosecuted. The Fair Use doctrine states that although illegal to make copies unless you are the copyright holder, you can get away with it if you qualify under X, Y, or Z.
In addition, the 'Fair Use' doctrine is U.S. Copyright Law. It is not international copyright law. This is why iTunes is technically illegal in Australia, because it can copy cd's. Although most countries have a similar exception to the copyright law, Fair Use is by no means International Law.
Other than that I must say, I hate how the entertainment industry is screwing with my rights. I think we all need to educate ourselves better with what is going on, so that we may better fight this bullshit. It's blatantly obvious that our Government does not have the best interests of it's citizens in mind while passing these laws. Hell we are still stuck in the middle ages of art because nothing ever goes back into the public domain anymore.