From Pine View Farm

Sony’s Rootkit, Still in the News 0

Texas and the EFF are suing:

The state of Texas and consumer activist group Electronic Frontier Foundation filed lawsuits Monday against the music giant, alleging that its copy-protected CDs violate laws against spyware and make computers vulnerable to attack.

But The Register doesn’t see any effect on Sony’s bottom line to date:

The only figure that matters – the bottom line – appears to be unaffected by the fiasco. CNet’s John Borland reports, and as retailers confirmed to The Register, that Sony hasn’t lost sales from popular titles infected with the notorious XCP copy-restriction technology.

The poorly written software leaves a PC wide open to hackers, and attempts to remove it can disable the CD drive. Sony Music reluctantly announced a recall and exchange program for XCP-infected CDs last week.

But the rootkit can be easily defeated:

Sony’s controversial DRM technology – which installs rootkit-style software when users play Sony BMG CDs on Windows PCs – can be defeated easily with nothing more than a piece of masking tape, security researchers have discovered.


Now analyst house Gartner has discovered that the technology can be easily defeated simply by applying a fingernail-sized piece of opaque tape to the outer edge of the disc. This renders session two — which contains the self-loading DRM software — unreadable.

So that (from the same story in El Reg) . . .

“After more than five years of trying, the recording industry has not yet demonstrated a workable DRM scheme for music CDs,” Gartner concludes.

But (still from the same story) . . . .

Placing gaffer tape on the edge of a CD may make it unbalanced and could cause damage to the disc or (worse) drive as it spins at high speed. A better option, as Reg readers point out, might be to disable Windows autorun.

If only Windows listened when we tried to turn off Autorun!

Meanwhile, Sony has given hackers a ticket to a gold mine:

Hacker websites are using Sony’s DRM uninstaller in an attempt to take over Windows PCs. Under pressure, Sony recently released a tool to remove the rootkit technology installed when users play Sony BMG CDs on Windows PCs. This happened after it was shown Sony’s DRM code (First4Internet XCP program) created a handy means for hackers to hide malware from anti-virus scanning programs.


Comments are closed.