PDA

View Full Version : Sony Music CDs infect Windows PCs when played!



towsonu2003
November 2nd, 2005, 06:32 PM
Very insteresting stuff... Posting to attract MS Windows admirers' attention further to this...

Rename something.txt to $sys$something.txt and watch it dissapear, if you are infected in your Windows PC. Test it in your work PC as well :)

here is the news (Slashdot):
"An anonymous read writes "SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system." This house is clear. "
From: http://it.slashdot.org/it/05/10/31/2016223.shtml?tid=172

Here is the second part of it:
http://yro.slashdot.org/yro/05/11/02/1421250.shtml?tid=233&tid=17

I'm pretty sure this will get very popular among other companies as well.

Discussion in ubuntu forums at:
http://www.ubuntuforums.org/showthread.php?t=85092

Dr. Nick
November 2nd, 2005, 07:46 PM
I heard about this, Apparently no mention in the EULA either, I wander if they do similar with DVDs?

I would say this would help get some people off of windows, but I doubt the cd would work in linux since apparently it only plays using the propriteary sony player included on the cd which appears to be garbage.

As if windows users didnt have enough to worry about already with the rootkits going around AOL IM, also I read an article on malware here http://www.channelregister.co.uk/2005/11/01/october_virus_chart/
it says that 1 in 60 emails is infected with something.

The fact that a major (sometimes respectable) company like sony would pull off a stunt like this is sad. What possible benefit could come from this crap? Sure you may be trying to limit p2p but your going to tick off your customers who in-turn will want to hurt you more.

Also the fact that viruses could exploit this very easily is scary, Imagine sony being responsible for opening up an easy whole for viruses to exploit, The hardest part about viruses is geting them into a system, well sony could have just made that very easy for virus creators ; who now have more free time to write new variants that could be very dangerous and carry a heavier payload.

Sheesh this little rant has more behind it then just sony, they are just the icing on the cake for me :)

Im glad I dont like any of the artist on their label to begin with, Image the implications of this, what if artist pulled out of sony due to severly ticked off fans? Then What?

Brunellus
November 2nd, 2005, 07:59 PM
c'mon be serious.

The success of spyware is a testament to how little people really care about what's going on inside their computers. What makes you thinkt that the discovery of yet another piece of malware is going to get them mad enough NOT to buy pop music from Sony?

That's right. It isn't.

Mr. Electric Wizard
November 2nd, 2005, 08:07 PM
Here is another thread on this site talking about this BS:
http://www.ubuntuforums.org/showthread.php?t=85092

Dr. Nick
November 2nd, 2005, 08:07 PM
c'mon be serious.

The success of spyware is a testament to how little people really care about what's going on inside their computers. What makes you thinkt that the discovery of yet another piece of malware is going to get them mad enough NOT to buy pop music from Sony?

That's right. It isn't.

True, I admit I may have been exagerated some, But definately those in tech circles may get annoyed. The bad part about all this is that people are PAYING to get spyware now, before it was usually confined to freeware applications, And XP if you consider some of it spyware.

I do agree that some people dont care about what goes on inside their computers thus spyware is rampant, but I would expect these tactics by some small company , not a massive media giant. I doubt this will be enough to change anything but if they are not stopped now ,when will they stop? How far will they go?

Dr. Nick
November 5th, 2005, 10:54 PM
Hehe.

Didnt take long for the practical uses of this to show :)

http://www.channelregister.co.uk/2005/11/04/secfocus_wow_bot/


Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.

.. I dont condone this, just find it humorus :p