The Inq is reporting on a sysinternals article about malware being installed by Sony's DRM protected Audio discs.

It installs cloaked malware on a windows PC running it, it is immensly hard to remove and there are already working exploits out there against PC's infected with this software.

Apparently, Virus scanners are not picking it up because the Anti-virus companies are working *with* Sony on this.

http://www.theinquirer.net/?article=27426

This kind of stuff is the best reason to use Free Software. Imagine this, your legally bought virusscanner has been programmed to ignore malware from another product you legally bought.

Scary stuff, but Linux users are still safe from this kind of attack.

I just saw this issue has been posted before. The inq's new articles is an interesting read though. It does a point-to-point reply to Sony's FAQ on this (weaseling their way out).

sony also released a program that will remove every bit of the rootkit from your system. shouldn't really effect anyone here anyway, right guys? :D

the program is only available to people who enquire about it specifically. The world is upside down; to get flagrantly malicious software off your computer, you must ask for an under-the-table bit of software to remove it.

Thank god for alternatives.

sony also released a program that will remove every bit of the rootkit from your system. shouldn't really effect anyone here anyway, right guys? :D
"Russinovich also pointed out that because the cloaking technique it used to hide itself was so crude, malware authors could hide their own nefarious programs on users hard disks using Sony's DRM software.
However, the patch that Sony will offer doesn't remove the 'rootkit' DRM: it only makes the hidden files visible.
Macintosh and Linux users are unaffected by the DRM kit, which only works on Windows PCs."
http://www.theregister.co.uk/2005/11/03/sony_rootkit_drm/
:rolleyes:

the program is only available to people who enquire about it specifically. The world is upside down; to get flagrantly malicious software off your computer, you must ask for an under-the-table bit of software to remove it.


Indeed, when you call to have it removed, they grill you for the reasons for it (as if it's presence is normal).

Sony sued over rootkits
http://www.theinquirer.net/?article=27508

In a just world, they could be sued for enough to bankrupt them. Any regular person's life would be ruined for hacking millions of people. Why not a corporation?

Its the age old problem.

If you owe the bank $100,000, the bank owns you.
If you owe the bank $100,000,000, you own the bank.

Even worse, that software also phones home. It sends the time, IP-address and album you're listening to.
But in the end I think the customers can blame themselves. By buying CDs with direct restriction management on them they are actually supporting those companies. You cannot feed a monster and then complain when it bites you.

But in the end I think the customers can blame themselves. By buying CDs with direct restriction management on them they are actually supporting those companies. You cannot feed a monster and then complain when it bites you.

That's not strictly fair in this instance as apparently there was no indication anywhere that the CD contained DRM measures, let alone the security and stability nightmare that is a third-party rootkit.

In general, though, I agree - it would be nice if we could awaken people from their apathy and arrange a boycott of certain DRM-infested products, and make it very clear to the company involved and the public at large (to combat the inevitable "The lost sales must have been due to piracy!" that the company will come up with!) exactly why the sales of their item are plummeting.

That's not strictly fair in this instance as apparently there was no indication anywhere that the CD contained DRM measures, let alone the security and stability nightmare that is a third-party rootkit.

In general, though, I agree - it would be nice if we could awaken people from their apathy and arrange a boycott of certain DRM-infested products, and make it very clear to the company involved and the public at large (to combat the inevitable "The lost sales must have been due to piracy!" that the company will come up with!) exactly why the sales of their item are plummeting.
The sad thing is that for most consumers, DRM is user-transparent. You won't be able to convince them to boycott their precious Britney (or whatever) CDs because the discs carry DRM, because you have to resort to very sophisticated terminology to even explain it.

By the time you've begun, they've tuned you out and turned Britney up.

By the time you've begun, they've tuned you out and turned Britney up.

Well said, unfortunately.

This made me laugh: http://www.bash.org/?577451