Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony Rootkit Phones Home

Posted by Hemos on from the the-on-going-saga dept.

strider44 writes "Mark from Sysinternals has digged a little deeper into the Sony DRM and discovered it Phones Home with an ID for the CD being listened to. XCP Support claims that "The player has a standard rotating banner that connects the user to additional content (e.g. provides a link to the artist web site). The player simply looks online to see if another banner is available for rotation. The communication is one-way in that a banner is simply retrieved from the server if available. No information is ever fed back or collected about the consumer or their activities." Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!" Update: 11/07 14:21 GMT by H : Attentive reader Matteo G.P. Flora also notes that an Italian lawyer has filed suit against Sony on behalf of the Italian equivalent of the EFF. Translation availabe through the hive mind. Update: 11/07 15:18 GMT by H : It does appear that in fact Sony does see through the $sys$ - see Muzzy's comment for more details.

21 of 494 comments (clear)

  1. Ha Ha! by turnipsatemybaby · · Score: 5, Funny

    Somewhere in the distance, I hear Nelson shouting, "Ha ha!"

  2. Uh Oh by Honig+the+Apothecary · · Score: 5, Funny

    I smell a DMCA violation on the /. front page! Cue the Sony lawyers in 4..3..2....

  3. Re:I wonder... by sammy+baby · · Score: 4, Funny

    Depends on whether it still has minutes left on its plan.

  4. In Sony's Japan... by w.timmeh · · Score: 5, Funny

    DRM software bypasses... itself?! Wait...

  5. Brilliant marketing by Slashdiddly · · Score: 5, Funny

    I have to hand it to Sony marketing execs. Ordinarily they would be hard-pressed to sell even a few dozen copies of that CD. Throw in some DRM and now you have millions of geeks buying the CD trying to break it (or verify somebody else's claims of having broken it). That stuff is so good you can't even torrent it.

  6. 30 comments and no "ET Phone Home" one yet by xmas2003 · · Score: 2, Funny

    here 'ya go ... which raises an interesting question - what if ET tries to play a Sony CD - what is the timeout option for the "phone home" packet if the ping times are overly long?

    --
    Hulk SMASH Celiac Disease
  7. Sony sues... Sony ! by timlewis_atlanta · · Score: 1, Funny

    >>You can use the Sony rootkit itself to bypass their own DRM!"

    Isn't that a DMCA violation ? Sony had better do something about this by suing ... uh ... Sony.

    Apparently their new business model is something like this : (Cue Underpant Gnomes)

    1. Release rootkit into the wild, including ability for it to bypass your own copy protection.
    2. ?
    3. Sue self into oblivion. Wait, shouldn't item 3 be "Profit" ?

    1. Re:Sony sues... Sony ! by whathappenedtomonday · · Score: 1, Funny
      3. Sue self into oblivion. Wait, shouldn't item 3 be "Profit" ?

      No, better make item 3

      3.) recursion: n., see recursion

      This will keep them busy for years!

      --
      I hope I didn't brain my damage.
  8. Re:No information by jcr · · Score: 4, Funny

    And anything else the botnet operator who uses Sony's holes to own your machine wants to know.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  9. Re:"digged"? by Anonymous Coward · · Score: 1, Funny

    It's a perfectly cromulent word.

  10. Re:The market provides! by saltydogdesign · · Score: 3, Funny

    Yeah, let's demolish the entire system of law while we're at it -- I'm sure the market will provide something better.

    --
    // This is not a sig.
  11. It's Matti Nikki, by usv · · Score: 1, Funny

    you insensitive clod!

  12. Re:"digged"? by Anonymous Coward · · Score: 0, Funny

    Is proper English that hard?

    You must be new hear.

  13. Re:Also, First 4 Internet's rebuttle by Anonymous Coward · · Score: 0, Funny

    pedent

  14. Re:Also, First 4 Internet's rebuttle by plover · · Score: 2, Funny
    I dunno, I thought "The Buttles" sounded like a good name for a tribute band; perhaps to the Beatles, perhaps to the Rutles, or maybe to the Butthole Surfers.

    Either that, or "buttle" is what the guy in the tuxedo is doing when he brings a tray of cocktails.

    --
    John
  15. Re:The market provides! by aug24 · · Score: 2, Funny
    ...they can have my breadmaker when they pry it from my cold, dead, hands?

    ;-)

    J.

    --
    You're only jealous cos the little penguins are talking to me.
  16. Now I'd just love... by Vo0k · · Score: 4, Funny

    to see the kit added to major antivirus detection list.

    Trojan detected: WIN32.DrmSony.SPY@mm - Threat: medium; class: Spyware, Rootkit, OS-damage.
    Known to cause CD drive malfunction, secretly uploads third party data, prevents certain userspace programs from running, hides from the OS, installs itself without user consent.
    OS infection prevented.
    Warning: E:\ Volume is Read-Only. The virus cannot be removed (cause: Data written to non-erasable CD.)
    Recommendation: Back up all non-infected data from the medium by re-burning it to a new blank CD, destroy infected disk.

    --
    Anagram("United States of America") == "Dine out, taste a Mac, fries"
  17. Re:Also, First 4 Internet's rebuttle by dylan_- · · Score: 5, Funny
    "Rebuttle" is not a word. Neither is "Buttle". It's "Rebuttal". Look it up
    Actually, "buttle" is a word. It means to pour out drink (it's a back-formation from "butler"). Therefore "rebuttle" is obviously to refill someone's glass. Or something. Ahem.
    --
    Igor Presnyakov stole my hat
  18. sign here... by Thud457 · · Score: 3, Funny

    No, this is some horrible mistake! I think the man you really want is Harry T uttle

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  19. the spice MUST flow! by Thud457 · · Score: 3, Funny

    Don't they need rye bread to breed the ergot that fuels the management / marketing team?

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  20. Re:cnet has a intresting article by IDontAgreeWithYou · · Score: 5, Funny

    I emailed this post to your english teacher. She's dead now. Are you happy?

    --
    Finding other idiots on /. that agree with your opinion doesn't make it any less stupid.