Slashdot Mirror


Sony DRM Installs a Rootkit?

An anonymous read writes "SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system." This house is clear.

7 of 801 comments (clear)

  1. Didn't Notice? by KidHash · · Score: 4, Funny

    Not that this makes it better in any way, but I liked how he said

    I hadn't noticed when I purchased the CD from Amazon.com that it's protected with DRM software, but if I had looked more closely at the text on the Amazon.com web page I would have known

    followed by a picture of the amazon web page in question with [CONTENT/COPY-PROTECTED CD] clearly visible in massive letters.

  2. Re:In democratic america... by nmb3000 · · Score: 4, Funny

    i don my tinfoil hat and robe...

    Wow, a tinfoil hat and robe! When do the pants and underwear come in? :)

    However when you said "hat and robe", my first thought was of Bloodninja's cyber adventures.

    --
    "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
    /)
  3. *phew* by Alan · · Score: 5, Funny

    I'm glad I get my music off of p2p networks and don't have to worry about trojans and rootkits and that evil hacker stuff!

  4. Re:My question: by Anonymous Coward · · Score: 5, Funny
    > It's beyond absurd that a company of Sony's size would allow a piece of software to appear on any of its products without Sony having tested the hell out of it first.

    You never played Star Wars Galaxies, did you?

  5. Re:Sony is protected by the DMCA by br0ck · · Score: 4, Funny

    Suing them IS trying to remove it, so suing them invokes the DMCA.

  6. Legal Precedent in other forms by istartedi · · Score: 4, Funny

    If I kill you to prevent you from killing me, killing you is self defense and not a crime. Seems reasonable that if I kill Sony's process to prevent it from stealing my ID that it's self defense and not a crime. The DMCA is one of those laws that is so out of whack, nevermind the US Constitution. It probably violates Brittish common law, the Magna Carta, and if you look hard enough it probably violates the code of Hammurabai and the social order of primitive hunter-gatherer cultures too.

    --
    For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  7. This is GREAT! by thetaco82 · · Score: 4, Funny

    So you're telling me that if I prepend a file name with "$sys$" it will be nearly undetectable? Finally! An easy and effective way to hide my pr0n. I can't wait to buy this CD