Slashdot Mirror
Sony Rootkit Phones Home
strider44 writes "Mark from Sysinternals has digged a little deeper into the Sony DRM and discovered it Phones Home with an ID for the CD being listened to. XCP Support claims that "The player has a standard rotating banner that connects the user to additional content (e.g. provides a link to the artist web site). The player simply looks online to see if another banner is available for rotation. The communication is one-way in that a banner is simply retrieved from the server if available. No information is ever fed back or collected about the consumer or their activities." Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!" Update: 11/07 14:21 GMT by H : Attentive reader Matteo G.P. Flora also notes that an Italian lawyer has filed suit against Sony on behalf of the Italian equivalent of the EFF. Translation availabe through the hive mind. Update: 11/07 15:18 GMT by H : It does appear that in fact Sony does see through the $sys$ - see Muzzy's comment for more details.
What happens if it phones home with a really big packet?
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
"No information is ever fed back or collected about the consumer or their activities."
Other then your IP address, date and time it's connected to the net, the CD you're listening to, how often you listen to it...
Is it the game of working out ways to piss off Sony by circumventing their crappy DRM?
Most ony customers care little for this Sony solution. My 12 year old sister doesn't seem to care one bit. Sony has the "right" to provide this feature as you're not being forced to buy it.
You're responsible for checking out a product before buying it. I won't buy any music ROM disc that doesn't have the "CD" certification logo, unless it is from an indie band. I still rip eve y CD from a CD player with an optical out into my PC. Safety first.
You obviously never read the original article. Sony didn't advertise in any way shape or form that this was on the CD, so even you wouldn't have been able to "check out" the product before buying it!
Of course, this presumes that the product and the producer don't take active steps to deceive the consumer, and presumes a technically-sophisticated consumer capable of analyzing the technology involved. Your idealistic scenario kind of falls flat when it runs into the real world.
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
Stop voting in the booth, vote in the checkout aisle.
You know as well as I do that if you don't do the bidding of the right people, you won't find yourself with any "shelf space". Its white bread or wheat bread, anything else is illegal. Feel free to vote in the checkout aisle, just don't complain to anyone when your rye bread is nowhere to be found.
These copy protection schemes are NEVER goign to work as long as the content is still available to play on regular cd players. Even if it's not, it will be hacked as long as some hacker thinks it might be an amusing way to spend an afternoon.
why are sony SO unbeleivably stupid as to think otherwise. They must be wasting hundreds of thousands of pounds on this utterly useless rubbish, that even the least technical of people can bypass.
These things are so childish no hacker would even bother with them, as stated this one even defeats itself!
It only takes one breach to distribute a copy, why piss off thousands of genuine paying clients?
The mind boggles, the only people winning are the copy protection companies living happy lives doing nothing but ripping Sony off.
aren't they supposed to do maketing studdies on things before release?
maybe employ a 16 year old to independantly test the schemes for them rather than taking the word of the people selling them this rubbish
(I'd have said 10 year old but it wouldn't be legal)
revenue lost to purchasing clients who will have to return product as it wont run. $X,0000
revenue lost to potential clients who will be scared off buying in the first place. $Y,0000
estimated reputation damage to company. priceless.
estimate of no. of pirated copies prevented. ZERO.
So you can use their own rootkit to bypass their own DRM. And exactly what level of control do you even have at the point where you are screwing with a rootkit to rip CD's on your own computer?
I hope Microsoft is paying attention here, because this could set an EXTREMELY bad trend here. Why do we have these "certified" drivers? Because a lot of them were crap. Now we have software injecting stuff directly into the OS. I can't say this is going to help MS in the security and stability department.
AFAIK, the rootkit is the only protection on this CD. As they admit, it looks like a normal CD to an Apple computer - and, of course, to a Linux computer. And, for that matter, to a Windows computer with Autorun disabled... I do enjoy a truly pathetic copyrestriction system, don't you?
Real Daleks don't climb stairs - they level the building.
Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!"
All I've seen from people on this issue are ways to get around the DRM. Yes, there are MANY ways to get around it, audio line-out to a DAT or an iPod, using linux, a mac, CDex, Audiograbber, Audiohijack-pro...
But that is all just retarded, if you're buying this CD and you use it as Sony want you to use it, it is NO different than if you buy the CD and rip it with some workaround. Sony don't SEE a difference. The MP3s will be on DC++ anyway, it's not like they will lose sales to people ripping it for their iPods or whatever.
And if you do buy the CD, (regardless of wheter you rip it or not) you have just voted. Corporations are the Governments of today and with your purchase you vote. And buying any content protected CD regardless of what you do with it is a VOTE to Sony that DRM is acceptable to you. And that means next time it won't be some crappy nobody C&W CD that is taking over your PC, it'll be the big Sony acts. And then the big EMI acts and WB acts and so on.
Vote with your cash, buy non-DRM encumbered CDs or else just steal it. I'd prefer to take the moral issues and risk of stealing rather than just be Sony's bitch and install their shitty rootkit on my computer.
If it installs this rootkit through autorun when you put the CD into your Windows machine, how is this any different from a worm? Just because it isn't spread through the internet doesn't change the fact that it is a virus.
Sig: I stole this sig.
What's the goal here? To stop the people who buy CDs and rip copies for a few friends... by driving everybody to rely on safer online distribution exclusively?
Ah, but you didn't say illegal, you said wrong. The equation of the two is perhaps the greatest threat to liberty in the modern world.
Real Daleks don't climb stairs - they level the building.
If you care about this, then don't buy Sony games, music or movies. If you don't care about DRM and spyware issues then by all means go out and buy more product from them.
Is sending a clear message that you will not tolerate corporate abuses worth going a few months without shelling out $18 for a CD that has two decent tracks on it?
Accept nothing less - the public firing of the VP who oversaw the department that gave the green light to this - or no purchase of any Sony game, music or movie.
Personally I don't think enough people value unhacked systems enough to make the sacrifice. My prediction is that Sony will essentially get away with it, may have their insurance company pay a few settlement checks, and make a better attempt next time around. Or simply write enough checks to MS to ensure that the DRM is included in the Colonel (weak joke about a police state... sorry). And write enough checks to Motorola and Intel to make sure that DRM is included at the chip level. And write enough checks to US Senators to make sure that the law will back them up next time.
Again, the only recourse is to refuse to buy Sony products until a VP is fired. Nothing else will work.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
Isn't it a problem if you can't read the EULA before buying the product? And since you unpacked the CD you are actually stuck with it.
This is totally insecure, but very convenient.
Isn't the solution pretty simple? Anyone surprised that Sony is pulling shit like this? They're one of the major members of the RIAA, MPAA, CRIA... Don't be a stupid consumer -- it's ridiculous to both spend your money on something that upsets you, only to get upset more. Warn your family against Sony products
The way I heard it, it sounded like it was copying itself from the CD to the machine without the users consent. I assumed this would be called a virus as it is replicating itself. Maybe trend micro's quiz didn't educate me very well
After finding more information about it, it sounds as if it blocks programs from accessing the CD drive that are in sony's list.
Step 1: Rename your Windows Server App to ITUNES3.EXE
Step 2: Put all the config files for that server app on a CD
Step 3: Insert Sony music CD into secondary drive
Step 4: The DRM that installed itself without your consent crashed your mission critical server. Sony is liable!
Step 5: ???
Step 6: Profit!
Sig: I stole this sig.
This "rootkit" doesn't even have to be present now that the virus/trojan/spyware writers know it is possible. Re-implementing this feature would just be one of the first steps of installation. Shouldn't people be demanding a fix for this from Microsoft?
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
Lets stop pretending that retailers allow you to return CDs.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
Perhaps, but I'd guess that this cd would pass the tests and get the mark because it plays in everything except a windows pc w/autorun (and only then because their shitty software breaks your machine)
That said, it is a damn sleazy thing to do - both in terms of screwing the people who buy the CD and in terms of the decision to purchase this (ultimately useless) DRM.
Apparantly a lot of the higher ups in this DRM company also have high level positions in Sony. Would anyone here be surprised if any of the execs at the DRM company received bonuses around the time period that Sony chose their DRM?
If this is given enough public attention, perhaps shareholders may get pissed.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
Btw, Since distracting CD-ROM functionality by randomizing the signal a little seems to be "OK", you can expect the record companies to target P2P apps with future DRM systems. If it's OK to screw your system and ripping software, it's going to be ok to screw your p2p if they think you're sharing their stuff. This kind of malware along with DRM is a slippery slope, and you'll never know where it ends if you tolerate it even a little.
-- Matti Nikki
No I didn't. I entered into a contract for sale of goods with the record store, the terms of which were that I handed over some cash and they handed over a CD. That contract was fulfilled to the satisfaction of both sides. I have no other contractual obligations of any kind.
Real Daleks don't climb stairs - they level the building.
Now, I didn't buy that CD (or any others in the last five or six years) but if I had, I'd like to see where the terms and conditions of the contract that I SIGNED AND AGREED to are. If they are available for viewing BEFORE I make the purchase AND they explicitly indicate everything that Sony is allowed to do to my computer if I choose to put it in my computer, then you have a point. If not, then it is nothing more than a con, equivalent to me mailing you a letter that you open to see "the act of opening this letter means you agree to give me all your worldly assets, and none of your debts". If you feel Sony isn't WRONG, then you'd better fork over everything you own when you get that letter, because it's the same thing. Now, if I posted "the act of opening this letter means you agree to give me all your worldly assets, and none of your debts" and you open it, well, that's fair game because you had the option, and if you weren't a dumbass, you wouldn't open it. That's the difference. Sony is not providing OUTSIDE of the purchase the terms and conditions that you are claiming binds the purchasor, and Sony is NOT refunding your money if you disagree with what you find inside.
Microsoft has simply created an unbelievable amount of ill-will and lack of trust in me.
This article is about Sony and their creation of ill-will and lack of trust, not Microsoft. Yes, yes. Sony's rootkit is designed for windows, autoplay, etc and so on, but you really can't blame Microsoft in this case. It is just as possible to create a rootkit for any Macintosh or Linux machine, they just haven't because most of their customers use windows.
As for autoplay being a bad idea, it is and it isn't. I remember back when autoplay was first introduced (I can't beleive it was 10 years ago) the whole idea was that you would buy a product from the store, insert it into your computer, and bam, you're off. I remember thinking it was a pretty cool idea at the time, although only one program actually did it as cool as the Microsoft commercials, SimCity 2000. (You would insert the CD-ROM, and then play the game, w/out installation). While in retrospect it wasn't the best idea security-wise (at least without some sort of warning), I would be sad to see autoplay completely dissapear, since I'm lazy and enjoy my computer anticipating what I want it to do.
Everybody in industrialized nations will always have access to more than enough medium for their brains to drown in. Money made directly from the sale of media, is in this case, a secondary concern.
The only things people might have a more difficult time gaining access to in our DRM future are positive, un-tainted messages. Though with choice and intent, people can find those easily enough as well.
So don't sweat the reverse psychology; we'll still all be able to listen to the next pop star with relatively little trouble. --In fact, as per usual, it will probably take a degree of concentrated effort to avoid whatever dark-side, soul-draining message of slavery is being broadcast.
"Hit me Baby, one more time."
Ugh. The stuff is like nuclear fall-out. Destructive and near impossible to avoid.
-FL
I do have to agree with your comments. I agree that other OS's can have software added in bad ways. What I would prefer to see is that the OS's that I run, never allow any install to occurr without me personally OKing the operation. Maybe that would be obtrusive, but that is what I would wish.
But what I do object to in MS Windows is the concept that Microsoft has designed their "system" with the input from their 'strategic partners' like Sony, to allow these sorts of things which have happened, which is basically designing an OS to be primarily setup behind the scenes away from the user, such that the OS is at the beck and call of Microsoft and its partners. Microsoft is thus responsible for this mess, at the 'root' of the problem. They thus deserve my dissing and scorn. They have caused a LOT of wasted hours out of my life that should never have ocurred.
This attitude has caused an incredible amount of harm on so many levels that I am surprised some enterprising attorney has not filed a suit against Microsoft and tried to get class action status to represent all individual Windows users.
What sort of "legitimate application" needs to be hidden using a rootkit? What sort of definition of legitimate are they using, anyway?
Second favorite part:
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
In the past, while working on a friend's infected laptop, cleaning out malware, I took down the names of some of the installed junk, and in frustration, I reinstalled the OS, and created 0-byte files with the same names as the spyware files, then I set them to read-only, and permissions only to the SYSTEM and a dummy admin user account. For the past year or so, she hasn't had nearly as many episodes of needing me to clear off her system. Part of that may be because of the copy of Spybot Search and Destroy, Norton, and the fact that she now uses Firefox.
But creating an 0-byte Aries.sys stub, making it read-only, may prevent the installation of the real-deal.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Just my luck, when I make it to slashdot it's something I've analyzed wrong. I tested to rename my ripping software to begin with $sys$ and it ripped it fine, but apparently something else was the deciding factor. I can't reproduce that effect!
Too late. This is the kind of falsehood which will become true merely by repetition. It is too good a story not to tell. You will see it repeated over and over on site after site. Occasionally people will try to follow up with corrections but they will never get the attention that the original false report got.
"A lie can travel halfway around the world while the truth is still putting on its shoes." - Mark Twain