Don't Buy Sony Music CDs -- Installs rootkits

[LindaHewitt]

Sony takes a page from spyware scum?

I first read about this at http://blogs.chron.com/techblog/ Here is an excerpt from that site.

If this analysis by Mark Russinovich at software developer Sysinternals is correct, it's not just scummy spyware pushers and worm writers who install rootkits on Windows PCs.

At least one record label, Sony BMG, does it, too.

Russinovich discovered that a copy-protected CD he owns, Van Zant's Get Right with the Man, dropped a rootkit onto his system as part of its Digital Rights Management scheme. The CD comes with its own medai player, and can only be played on a PC with that software.

In his detailed, technical report, Russinovich outlines the steps he took to track down the rootkit and figure out that it came from this Sony CD.

What he also discovers is that the technique used by the rootkit to cloak itself could be taken advantage of by other forms of malware. In other words, the installation of the Sony software left his machine vulnerable to attacks.

It also proved difficult to remove -- I doubt the average PC-owning Van Zant lover would be able to do what Russinovich had to do. There's no uninstall utility for it, and he had to yank it by hand.

And when he did, it disabled his CD drive -- the icon was missing from Windows Explorer as a result.

Music labels, in a desperate attempt to save the dying CD format, are doing ugly things in the name of protecting their content. Of course, consumers can respond with their own ugliness -- don't buy CDs with this type of DRM. There are other ways to acquire these CDs, including downloading them from a source such as Napster or iTunes.

Yes, those files are copy-protected, but not in a malicious way, and if you burn a CD using them, you can rip them back to standard MP3 format.

(Spotted on Slashdot.)

Update: Reader Howard Hoy has posted several excellent updates in the comments. He's contacted Sony, asking for a way to remove the software. Sony sent him to a Web site that required the installation of an ActiveX control developed by the same company that created the rootkit. There's some indication the ActiveX control can perform a remote reboot of his system.

The attitude of Sony as reported is really unbelievable.

For anyone that doesn't know, Mark Russinovich's company is winternals.com and sysinternals.com, which is the top software development company for system utilities.

Linda

[fink]

thanks for the warning. That's reprehensible and will surely backfire on them.

[liam858]

Nick just posted the same warning: http://discussions.virtualdr.com/sho...d.php?t=196667 ....it's a bad'n


Liam

[Rainbow32]

I like the T.V.'s Sony makes but will never buy a Cd from them again until they come "clean" about this and give an uninstall option. And yes the big companies review forums like these and I hope Sony now knows they've been found out!

[lgbpop]

it's not just scummy spyware pushers and worm writers who install rootkits on Windows PCs.

At least one record label, Sony BMG, does it, too.

There's a difference?

[shiva_42]

There's a difference?

EXACTLY!!! In the absence of corporate "sponsorship" of such activities, they would quickly die on the vine.

Boycott, boycott, boycott these products. It is the ONLY way to make ANY impact on the issues whatsoever. But, don't do it silently. Inform companies that you are not only going to boycott their products, but WHY.

[SuperSparks]

This is beta software, but it will apparently detect this and other rootkits:

http://www.f-secure.com/blacklight/try.shtml

[Ridgerunr]

I've boycotted Sony for several years now regarding the lousy service I received(none)with some home electronics that went south on me from the start. I contacted them until I got fed-up with the no-answer/stupid answer syndrome of their so-called tech support. You have to realize however that this company is spread over most of the earth when it comes to where their products are actually Manufactured. And imho, the words 'quality control' are mostly non-existent with these goons. To put it more simply, as long as the bucks roll in,,they care squat about anything else.
Do yourself a favor and go elsewhere. 'caveot emptor' my friends...

[falcon2000]

It's stupid how the music industry spends all this money and effort into preventing people from "stealing" their profits ... I'll tell them how to get people buying CD's again: Stop producing $16 albums that have only 1 or 2 good songs in each ... then, I'll buy your Cd's again, you thief! (Not that I condone anyone copying and/or downloading music illegally.)

[LindaHewitt]

Here is information here on Microsoft's response.

http://www.eweek.com/article2/0,1895,1838294,00.asp

According to this article they are going to be adding technology to combat this to both their MS Anti-spyware (beta) as well as to their Microsoft Malicious Software Removal Tool.

Cheers,

Linda

[Syzich]

I've looked down on Sony for a while now, but this only makes it worse.

Anyone else own a Playstation or PS2? Anyone here never have a problem with either of them?

The answer to the second question is most likely "no".

The problem with DREs(Disc Read Errors)(due to the somewhat shoddy quality of Sony's hardware) got so bad that some third party took up a law suit against Sony. Instead of getting sued, they agreed to fix all PS2 units for free. Though, when you call in about this, they simply say they will wave the repair fee.

EDIT: Oh, wow! As soon as I finished posting this, they had a short news story on this topic on G4 TV!

[usil]

This is unbelievable, where did Sony find the nerve to do this?!

Here is an in-depth article on this subject. What really pi**ed me off was this:

It is not clear whether users with the existing DRM technology will be able to upgrade to the new features. However, Sony BMG offers a removal program for the copy protection software, which can be downloaded from the company's Web site, according to a spokesperson.

If you follow that link for the "removal program", you get to this page. Then you have to look for an uninstall program, which is not all that clear, unless you read through the FAQ. But here's the deal... you don't get to download the uninstall program. Noooooooooooooo. It takes you to an Uninstall Request form, where you have to give away some details like where you bought it, artist name, title etc.!!!What?! Come again? This pi**es me off double as much! Firstly, Sony does this cr*p, then the make you fill in a request to uninstall a program on my own computer!!! Does this seem absolutely ridiculous to anyone else!? Not only that, but apparently, eweek, who wrote the article, didn't even bother checking the link Sony provided them, trusting their word that it takes you to an uninstall program. Read the quote from the article above again. If they would have followed the link, they would surely have commented that it is a request form not a removal program!

I don't buy cd's radio is good enough for me. Never bought a Sony CD (I think) and now, never will. I'll consider whether I'm gonna buy any Sony in the future

[lgbpop]

In case anyone's missed this thread, check out the link to the .dll; one entry in the list reads:

Akbar: All this is belonging to a copy protection (sony software driven copy protection). See also: Link

Sony's sure doing their best to be loveable lately...

[Syzich]

Hmm, I was just thinking to myself...

Do you think that new Sony DVDs do this as well?

[LindaHewitt]

I would bet that Sony has this software on all of the CDs or DVDs, where they are trying to protect their intellectual property supposedly. As Mark with Sysinternals said "Not only does this stealth rootkit leave the PC vullnerable to other hackers, but he said the code is very sloppily written.

Linda