Good thing I never liked Sony to begin with; I might have already become a victem of their childish scheme...However I doubt I ever will be, seeing as I don't buy CDs anyway http://news.bbc.co.uk/2/hi/technology/4427606.stmVirus writers are exploiting Sony's controversial anti-piracy software to hide their malicious creations.
http://www.washingtonpost.com/wp-dyn/co ... 00632.htmlSony to Stop Controversial CD Software
By Ted Bridis
The Associated Press
Friday, November 11, 2005; 2:02 PM
Stung by continuing criticism, the world's second-largest music label, Sony BMG Music Entertainment, promised Friday to temporarily suspend making music CDs with antipiracy technology that can leave computers vulnerable to hackers.
Sony defended its right to prevent customers from illegally copying music but said it will halt manufacturing CDs with the "XCP" technology as a precautionary measure. "We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," the company said in a statement.
The antipiracy technology, which works only on Windows computers, prevents customers from making more than a few copies of the CD and prevents them from loading the CD's songs onto Apple Computer's popular iPod portable music players. Some other music players, which recognize Microsoft's proprietary music format, would work.
Sony's announcement came one day after leading security companies disclosed that hackers were distributing malicious programs over the Internet that exploited the antipiracy technology's ability to avoid detection. Hackers discovered they can effectively render their programs invisible by using names for computer files similar to ones cloaked by the Sony technology.
Sony's program is included on about 20 popular music titles, including releases by Van Zant and The Bad Plus.
"This is a step they should have taken immediately," said Mark Russinovich, chief software architect at Internals Software who discovered the hidden copy-protection technology Oct. 31 and posted his findings on his Web log. He said Sony did not admit any wrongdoing, nor did it promise not to use similar techniques in the future.
Security researchers have described Sony's technology as "spyware," saying it is difficult to remove, transmits without warning details about what music is playing, and that Sony's notice to consumers about the technology was inadequate. Sony executives have rejected the description of their technology as spyware.
Some leading antivirus companies updated their protective software this week to detect Sony's antipiracy program, disable it and prevent it from reinstalling.
After Russinovich criticized Sony, it made available a software patch that removed the technology's ability to avoid detection. It also made more broadly available its instructions on how to remove the software permanently. Customers who remove the software are unable to listen to the music CD on their computer.
pwnedJMEaT wrote:Malowned
Don't count on getting much back even if you do join up in the class-action. Most of the money will end up in the lawyers pockets.DCrazy wrote:I bought the Foo Fighters' latest album (which is copy-protected) just before this whole thing broke. I don't run Windows so I wasn't affected by any of this copy-protection stuff, but I hope that it has the offending program on it so I can join a class-action lawsuit.
Damn straight. When Microsoft Update kicks your ass, you know you're screwed.Darkside Heartless wrote:pwnedJMEaT wrote:Malowned
By M$ too, that's gotta hurt.
And as you read farther along in this forum, you see that once you 'Agree' (sic) to install Sony's DRM (there's no 'I Disagree' button it appears), you are captive to it FOREVER! There's appears to be no (legal) way out, even if you wanted to uninstall and give the CD back to Sony.While most vendors have determined that the "aries.sys" rootkit is a threat because of exploitations, it is SOLELY this aries.sys file that is being removed, in order to "uncloak" any file which takes advantage of the rootkit's ability to hide ANY file which contains "$sys$" in its filename or its registry entries. However, any other files that are part of this "Digital Rights Management" collection have been placed "off limits" by ALL vendors, including Microsoft. NO vendor has stepped up to the plate and offered to completely eliminate these contents. And it is incredibly difficult to do so without system damage.
And Sony's rootkit -- designed to stop copyright infringement -- itself may have infringed on copyright. As amazing as it might seem, the code seems to include an open-source MP3 encoder in violation of that library's license agreement.
h0h0!Sarge wrote:This is getting juicy now.... I thought this part particularly interesting.
And Sony's rootkit -- designed to stop copyright infringement -- itself may have infringed on copyright. As amazing as it might seem, the code seems to include an open-source MP3 encoder in violation of that library's license agreement.
http://www.wired.com/news/privacy/0,184 ... _tophead_2
Would someone please let me know if this really works? I'm not sure if it really is detecting it or not so someone that really does have this 'virus' needs to let me know.
The "rootkit" indeed hides the uber-secret "$sys$filesystem" folder, which is a subfolder of the WINNT (NT and 2000) or WINDOWS (XP) "SYSTEM32" folder. The rootkit sadly, is UNABLE to hide itself from being accessed directly from a COMMAND PROMPT (found in the start menu/programs/accessories list).
So for chuckles, I opened a COMMAND prompt. I then went (on an XP box, NT and Win2000 would be a WINNT rather than WINDOWS) ...
CD\WINDOWS (enter)
CD SYSTEM32 (enter)
CD $sys$filesystem (enter)
Low and behold, on a machine infected by this, I got a PROMPT with $sys$filesystem present! (on an UNinfected machine, you'd get an error of "not found." Surprisingly, it let me HAVE it!) If this directory doesn't show, then you're NOT infected! You're finished right here.
Code: Select all
C:\>cd winnt
C:\WINNT>cd system32
C:\WINNT\system32>cd $sys$filesystem
The system cannot find the path specified.
C:\WINNT\system32> :-D yaaayhttp://www.theregister.com/2005/11/23/s ... questions/How many corporate, government, military, and scientific organizations will ban the use of any Sony CD now on any machine connected to their networks?
I've already sent out an email to everyone where I werk forbidding Sony (and SunnCom) CDs from being played along with the list of the 53 titles listed by Sony as having this DRM.# How would those corporate, government, and scientific organizations have reacted if a group hostile to American interests had engaged in the same security violations practiced by Sony?
