Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crackers Tune In to Windows Media Player

Posted by CmdrTaco on from the hate-when-that-happens dept.

jamshedji writes "Crackers are using the newest DRM technology in Microsoft's Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users."

18 of 367 comments (clear)

  1. Crackers like... by NetNifty · · Score: 5, Interesting

    Crackers like the RIAA/MPAA contractor Overpeer?

    --
    Linux Wireless Hardware in the UK
  2. This is why I use Linux.. by Dana+P'Simer · · Score: 3, Interesting
    very little danger of getting infected in this way. And we don't have any DRM mechanisms to get in our way.

    But really, Windows XP does provide a way to keep users from installing just any software, that is by having a seperate administrator user and do you surfing and P2P downloading using a "limited" user account.

    I went to visit some relatives a couple of weeks ago and I found 250 dialers, spyware and malware programs on thier computer using Spybot. It was unbelievable!

  3. Not only hackers! by EvilCowzGoMoo · · Score: 5, Interesting
    Its not only hackers taking advantage of DRM vulnerabilities. This article at virus.org reports that the RIAA is also exploiting DRM!

    "The contractor Overpeer who works solely for the MPAA and RIAA to polute Peer-to-Peer networks with corrupt and useless files has moved to a new low by using a loop hole within Windows Media DRM to launch popup adds and infect users PCs with Spyware, Viruses and Adware.

    In what could be considered a quite blatent breach of computer crime laws the world over, Overpeer a company owned by Loudeye is making a lot of money seeding Peer-to-Peer networks with thousands of fake files. It's one of the entertainment industry's favourite, and most obnoxious, anti-p2p contractors.

    The loophole in the Windows Media DRM process allows companies to create media files and link them to adware. When you normally download a protected Windows Media file, you also receive a license that lets you play it. If however Windows Media Player cannot find a valid license on your PC, it checks in with a remote system running Microsoft's Windows Media DRM Server.

    You should rarely see that happen. Some files, however are set up to ask you for information before playing. They do this by displaying a URL in a dialog box labeled License Acquisition. Normally that dialog box is used to check for a user name or offer a chance to purchase the file that's being played. In a legitimate DRM-encrypted file the author may let you play it a few times, then bring up a window asking if you want to buy it.

    Since the license dialog box is in essense an Internet Explorer window, it will display whatever is on the page it points to, in the cases that have been seen of this these trojaned Windows Media files, they all point to servers that load up unwanted ads, including windows that attempt install adware onto your PC surreptitiously, including adding items to your browser's Favorites list, attempting to change your home page and installing viral adware such as the 180search Assistant. "

    Acording to the above article's date (December 31, 2004) Is it possible the RIAA inspired the hacker comunity?
  4. Winamp TV had this problem too by British · · Score: 4, Interesting

    On the Beta Winamp TV stations, adult site operators quickly figured how to launch URLs on video streams. Needless to say, the support forums showed you how to turn off this feature about a day after the discovery.

    Please, not every app in the known world needs to launch a freakin' web page, etc.

  5. Please clear this up for me... by go$$amer · · Score: 3, Interesting

    What is the difference between DRM and spyware?

    How could DRM work without inherently 'spying' on the user/victim?

    --
    STOP. You're being farmed.
  6. Re:Unsuspecting??? by Joe+Tie. · · Score: 2, Interesting

    Now maybe if you had suggested some little known media player that didn't automatically install codecs after you clicked "don't ask me again, just install" then maybe your post would have been worth something.

    I'll go for one, mplayer. There's been beta builds on mplayers site for a while now, but I don't usually hear about anyone using it. While a lot of the port isn't as nice as in linux, and it seems to choke on most real player content even with the codec pack, it's still fairly nice. I keep it on a usb drive and it really comes in handy every now and again.

    --
    Everything will be taken away from you.
  7. Re:No logic by Smidge204 · · Score: 1, Interesting

    Unfortunately, in order to display the data correctly you need to know how to read it, and that typically requires codecs and plugins... unless you want to recompile/redownload the program each and every time a new format for video/audio/features (subtitles, etc) comes out. (And sometimes it seems everyone and their grandmother has their own codec...)

    Is that a good enough explaination?

    As for what they were thinking, probably something along the lines of: "Our target user has little or no in-depth knowledge of computers, so we will automate everything as much as possible with default settings that will work 99% of the time." Considering the market share Windows has, that's obviously pretty sound logic.

    Unfortunately it backfires a lot, because this makes the users trust the computer to make the right decisions for them, and trust that the default settings are an adequate balance of function and security. The only fault I can find in MS on this one is doing too good a job at making it easy for Joe Public.
    =Smidge=

  8. Re:No logic by nine-times · · Score: 3, Interesting
    Why do web pages need the ability to launch programs and install things? It's long been Microsoft's design philosophy to hook every one of their apps to the OS and to each other, and give each the ability to do as much as possible. The idea is that this makes productive computer use easier and more transparent.

    And it does. Unfortunately, it also makes malicious computer use easier and more transparent. Microsoft has ignored that aspect to their design philosophy, and it's become the source of many highly-publicized security issues.

  9. Re:Unsuspecting??? by DrXym · · Score: 2, Interesting
    Firefox is a browser not a media player.


    If you want a decent open source media player, choose VLC. It works great on Win32, Linux & OS X. Works well supporting CDs, DVDs, AVI, DiVX, MP3, Ogg and just about every other media format known to man - except protected WMA.


    So if the exploit relies on dangling a "carrot" in the shape of some free pr0n if you download some licence into WMP, VLC won't protect you from yourself and doesn't offer comparable functionality.

  10. Re:It's like sun on your wedding day? by UWC · · Score: 4, Interesting
    All WMP versions that I've encountered through the current one have given a choice on whether to enable DRM at install. I've never tried installing with DRM enabled, so I don't know if it would request DRM on all files, or just makes sure to verify DRM on protected files, but with DRM turned off, I've not had a problem with playback of other files or portability of WMP-created media (e.g. CDs I've ripped to WMA. Yeah, I know, I should have used MP3 or Ogg, but CDex wasn't working for me at the time, and I was lazy; I've since rectified the transgressions).

    I wonder how long until you're no longer given the choice to opt out of DRM at install, though.

    --
    Honor Among Slackers. A veri
  11. Glad to see DRM is protecting digital rights by RLiegh · · Score: 3, Interesting

    When I first saw the story, I was afraid that hackers were somehow exploiting program flaws in media player that would give them unauthorised access, allowing them to install spyware.

    Instead, it turns out that DRM is simply doing it's job - protecting the digital rights on content providers by punishing those people who attempt to gain access to unathorised media.

    Here's my take, I'm pretty sure that I'll be safe wether I run linux or windows (I run both) since I am not ...wait for it... trying to leech other people's copyrighted material off of dodgy peer to peer networks!

    If you engage in pirating, you deserve the cannonball to your vessel; I, for one, feel no pity.

  12. won't work by tetromino · · Score: 2, Interesting

    If AOL would open the WinAmp source

    The problem is that Winamp (IIRC) uses DirectShow and standard Windows codecs for playing movies; WMP is also essentially a gui front-end for DirectShow. (It's just like Linux where you have xine-lib with its plugins, and all sorts of guis for it - xine-ui, kaffeine, totem etc). My guess is that the Windows Media DRM is implemented at the codec level or in the DirectShow pipeline, and not in the media player - otherwise, the DRM would be trivial to circumvent. The only real solution is a usable windows port of xine-lib or mplayer (even helixplayer would work, as long as it implements its own video pipeline).

  13. Hastening The Death Of The PC by blueZhift · · Score: 3, Interesting

    It occurs to me that this sort of thing is just going to hasten the death of the home PC as a media device. We've already seen the decline in the PC as a gaming platform relative to dedicated consoles in part due to ease of use issues. If I'm Jane user and just watching downloaded videos opens the door to hundreds of spyware apps and other nonsense, I'm going to stop using the PC for stuff like that if there's an easier to use alternative.

    The next generation gaming consoles may be ready to become the easy to use box in the living room that is easy to use and never gets infected by viruses or spyware. If this happens, home PC sales will plummet! Couple these boxes with HDTV and high quality sound systems and it's game over for the PC. Slashdotters may be able to cope with the nonsense, but most people are going to take the easy way out, especially if the price of admission is low. As for me, I'd love to see a really good web browser on Sony's PSP, then I could do my mindless surfing in the living room on a reasonably good display.

    --
    To the making of books there is no end, so let's get started
  14. I guess that explains that by AssFace · · Score: 4, Interesting

    I was in NYC on business at the end of last week. The owner of our company had me swing by his apartment while I was in town and he wanted me to setup a wireless network there - which I did.
    As part of the process I was tasked with fixing the 3 XP laptops that were "not working" or "too slow".

    Sure enough, I found that they all had spyware - but one had 52 viruses on it.

    The best part was that his wife (it was her laptop) said to me "oh that is odd because my IT person from work JUST scanned that two days ago - so I hardly think that I got 52 viruses in two days."

    I tried to be polite but essentially told her that she might want to look into getting a better IT person.

    One of the viruses that she had kept spawning instances of the media player and I couldn't figure out why... now I see why I guess.

    (technically some of the viruses were trojans/worms/spyware, so I guess I should just say "malware")

    --

    There are some odd things afoot now, in the Villa Straylight.
  15. Re:WMP-out by Koyaanisqatsi · · Score: 2, Interesting

    Why? You already have VLC, it's open source, multi-platform and plays a gazillion file formats

  16. Re:It's a bit like IE and activeX except.. by Master+of+Transhuman · · Score: 3, Interesting

    "opens the web page specified by the file's creator. This page is intended to help a content providers promote its products"

    In other words adware!

    WMP IS ADWARE AND SPYWARE BY MS'S OWN DEFINITION AND DESIGN!

    How much more obvious does it get?

    One could argue for MS products opening their own Web page for some reason, but some other random company's Web page? I could see providing a URL maybe, but actually going to the site without your permission?

    Tell me again MS doesn't want to control your machine!

    --
    Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  17. Re:Simple rule of thumb by Technician · · Score: 1, Interesting

    The Microsoft Optical Wheel Mouse is a great product. You can't fuck up a mouse, though.

    Wanna bet?

    In the first release of the MS optical mouse, I bought one. I was fed up with skipping mice.

    Things went fine on my new computer install until I installed the mouse driver software..

    It was a new homebuilt computer still on the coffee table in the living room..

    EULA??? for a mouse.. yea right!!

    My mouse can't find my modem or Internet connection? WTF???

    I gave the mouse away and bought a Logitech optical instead.

    I quit buying any hardware that MS made unless it didn't require software drivers.

    --
    The truth shall set you free!
  18. /. readers not necessarily swayed by source by Anonymous Coward · · Score: 1, Interesting

    If AOL would open the WinAmp source, after it was examined by a horde of cranky Slashdotters bent on porting it to Linux, it would be at least believed to be less buggy than WMP.

    I'm not so sure that belief would necessarily follow:

    Final versions are available of the 100% open source Helix Player & RealPlayer 10 for Linux, with RealAudio & RealVideo 10 and MP3 support.

    Admittedly, this might have more to do with the vocal contingent who hate Real than /.ers who can/do read source and be swayed by it...