Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony DRM Installs a Rootkit?

Posted by ScuttleMonkey on from the slice-of-privacy-pie dept.

An anonymous read writes "SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system." This house is clear.

23 of 801 comments (clear)

  1. Didn't Notice? by KidHash · · Score: 4, Funny

    Not that this makes it better in any way, but I liked how he said

    I hadn't noticed when I purchased the CD from Amazon.com that it's protected with DRM software, but if I had looked more closely at the text on the Amazon.com web page I would have known

    followed by a picture of the amazon web page in question with [CONTENT/COPY-PROTECTED CD] clearly visible in massive letters.

  2. Like unto a virus by Shadow+Wrought · · Score: 2, Funny

    Man, Sony'll do anything to make sure your system has their Cell in it.

    --
    If brevity is the soul of wit, then how does one explain Twitter?
  3. Re:In democratic america... by nmb3000 · · Score: 4, Funny

    i don my tinfoil hat and robe...

    Wow, a tinfoil hat and robe! When do the pants and underwear come in? :)

    However when you said "hat and robe", my first thought was of Bloodninja's cyber adventures.

    --
    "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
    /)
  4. This is as good as... by elgee · · Score: 3, Funny

    Getting a cockroach with my just purchased pizza.

  5. *phew* by Alan · · Score: 5, Funny

    I'm glad I get my music off of p2p networks and don't have to worry about trojans and rootkits and that evil hacker stuff!

  6. More evidence of rooting by ferretous · · Score: 1, Funny

    No no no no no - lets get this right - rootkits only permit you to root a *nix system. On Windoze systems, the System Administrator is already rooted.

  7. Re:My question: by Anonymous Coward · · Score: 5, Funny
    > It's beyond absurd that a company of Sony's size would allow a piece of software to appear on any of its products without Sony having tested the hell out of it first.

    You never played Star Wars Galaxies, did you?

  8. Re:OS's fault by sulli · · Score: 3, Funny

    Exactly. Also, never autorun CDs.

    --

    sulli
    RTFJ.
  9. Re:In democratic america... by Anonymous Coward · · Score: 1, Funny

    Excellent idea. I already submitted my email stating that I won't support the band (what's their name again?) anymore.

  10. Re:Sony is protected by the DMCA by br0ck · · Score: 4, Funny

    Suing them IS trying to remove it, so suing them invokes the DMCA.

  11. Re:In democratic america... by Anonymous Coward · · Score: 2, Funny

    congrats for catching the joke, you genius you!

  12. Legal Precedent in other forms by istartedi · · Score: 4, Funny

    If I kill you to prevent you from killing me, killing you is self defense and not a crime. Seems reasonable that if I kill Sony's process to prevent it from stealing my ID that it's self defense and not a crime. The DMCA is one of those laws that is so out of whack, nevermind the US Constitution. It probably violates Brittish common law, the Magna Carta, and if you look hard enough it probably violates the code of Hammurabai and the social order of primitive hunter-gatherer cultures too.

    --
    For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  13. Wait wait WAIT by Pichu0102 · · Score: 2, Funny

    Norton actually REMOVES viruses?!
    The sounds like something the National Enquirer would do a story on. "Norton Actually Removes Viruses instead of just showing you you're infected!"

  14. Most likely... by CupBeEmpty · · Score: 2, Funny
    I think it's far more likely that Sony knew what this software did, and chose to distribute it anyway. This could have been a result of incompetent testers, poor communication between QA and management, overbearing management anxious to get a product out on a strict deadline, or any number of other things.

    It is most likely that this is actually an elaborate ploy to ruin the lives of Van Zant fans by die hard Lynrd Skynrd fans.

  15. Re:Sony is protected by the DMCA by bahgheera · · Score: 1, Funny

    I can disable a copy protection system on my own computer What makes you think its your computer?

    --
    Hands down the illest ventriloquist this side of the Mississippi River, Hah!
  16. Re:My question: by trime · · Score: 2, Funny

    Is that you Jack?

  17. this would be some great TV... by foQ · · Score: 3, Funny

    I wonder what would happen if somebody brought a small claims court case based on this...

    [waves fingers in front of face Wayne's World style]

    Judge Judy: So I understand that this man's company facak'ded up your computer? And it cost you 600 meshugena dollars to get it fixed?
    Random Dude: Yes, your honor. I bought some lame ass CD that Sony price gouged me for (they have DJs to pay off you know) and when I put it into the CD drive on my Sony laptop, the drive stopped working and the computer didn't function properly. I went to my local Sony authorized dealer to have my computer serviced, but they weren't able to fix it. Since they said it was a software issue and not covered under the warranty, they charged me $200 (they have call centers to outsource you know). So then I was going to reload Windows XP, but my Sony laptop didn't come with the original CD (they have Politicians to bribe you know). So that set me back $400 for a new copy.
    JJ: That is unconscionable. What is your side of the story?
    Howard Stringer (CEO of Sony): He forgot to mention that we sued his kid brother for having music on the computer.
    JJ: You, sir, are below slime. I find for the Plaintiff.

    Or if it was on Texas Justice:
    Larry Joe Doherty: Hey boy! I hear this guy cost you some mucho dinero 'cause of your computer or something?
    [same as above, but with a different end]
    LJD: Give that boy his $600! Now come sit in this chair and put this hat on!

    The same scenario on Judge Joe Brown:
    Joe Brown: I'm from the streets, but I've never heard of this scam. Tell me how it went down.
    [yadda yadda from above]
    [the judge sticks a shiv in the CEO and then hands the wallet to Random Dude]
    JB: Case dismissed.

    And on Night Court:
    Harold T. Stone: $50 and time served...and Dan will fuck your wife and sister while Bull pulls out your arms and beats you with them.
    [the judge disappears in a puff of smoke]

  18. Re:Sony is protected by the DMCA by arminw · · Score: 2, Funny

    ....When you put what you think is an audio CD in your CD ROM drive and click on the drive icon,....

    On a Mac, when you put an audio CD in the drive, iTunes opens and you get music. If there were some Mac version of a rootkit installer malware on a DRM-ed CD you would get a window asking for a password, but ONLY after clicking on the installer's icon. There is absolutely NO way to install such crap on a Mac by simply clicking on the CD disk icon or merely putting a CD in the drive. Only after giving the admin password would such garbage be able to install. Around here, none of the users know the admin password. I would fault the insecure Windows OS for a) autorunning the software on a CD and b) for allowing users write access to the deepest system internals without the slightest warning or notice. If Windows were more secure, such dastardly exploits would be a lot harder, although not impossible, since stupid users that know the admin password would likely type it in. Still for a commercial company to stoop to such tactics is abominable and probably skirts the edges of the law.

    --
    All theory is gray
  19. This is GREAT! by thetaco82 · · Score: 4, Funny

    So you're telling me that if I prepend a file name with "$sys$" it will be nearly undetectable? Finally! An easy and effective way to hide my pr0n. I can't wait to buy this CD

  20. Re:the big guys take punches like candy... by DigitalEntropy · · Score: 2, Funny

    Good point, and in that case I rescind my offer to copy and distribute. The thousand pieces thing is still happening.

    --

    Thank you for reading One Man's Opinion. No participation necessary. Offer void where deemed by law or PATRIOT Act.
  21. Re:My question: by idlake · · Score: 2, Funny

    And nobody at Sony bothered to vet a piece of software that was destined to be shipped with millions of CDs?

    They did--by putting it on one of their releases. Releasing a single CD just isn't a big deal to these people. And it's done by the music division, which probably has even less experience with software than the rest of the company.

    It's beyond absurd that a company of Sony's size would allow a piece of software to appear on any of its products without Sony having tested the hell out of it first.

    From your remark, we must conclude that you have never owned a Sony camera, laptop, or PDA.

  22. No, it's not DRM or a rootkit by GoatSucker · · Score: 2, Funny

    This is NGTCB. The submitted obviously hasn't been keeping up with Newspeak. Don't worry, I've already reported them to Minitrue.

  23. New from Sony... by Anonymous Coward · · Score: 1, Funny

    My First RootKit!