http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html :unch:

Had this piece of news (along with its interesting link) been posted or crossposted to the correct forum, it would have saved me the effort of posting it there myself only to find that someone has already written a thread with the story.

Those bastards even include this trojan on their new CDs. The hacktool-rootkit installs surrepticiously while you are listening to that CD on your PC!
Time to start boycotting Sony!

http://blogs.zdnet.com/BTL/?p=2092&tag=nl.e589

All you have to do is to not accept the EULA for the "player" and use a cd-player software of your choice... But I agree that it's horrible what they're doing!

review

Ouch! Look at this review!

"These DRM files are almost impossible to remove without fouling Windows systems"

"Users like Russinovich who are sophisticated enough to find the files and try to delete them will find that Windows can no longer detect the CD drive attached to their systems, Russinovich found, and it requires other subtle manipulations of Windows to restore."

see the removal tool

SONY issues DRM patch

Talk about the POWER OF FORUMS :knock:

http://seattlepi.nwsource.com/business/1700AP_Sony_Copy_Protection.html

Unfortunately, it only shows the rootkit, it doesn't remove it. So you've still got a little program sending a message to sony telling them what cd (if not what track) you're listening to....

Latest FED Class Action may include 50 States

Sony BMG is facing yet another class-action lawsuit stemming from the controversy over its anti-piracy software, this time from a New York attorney who filed a federal case that could potentially include consumers in all 50 states.

http://blogs.washingtonpost.com/securityfix/2005/11/sony_faces_anot.html

These are the SONY CDs concerned (sofar...):

According to the EFF, the following CDs contain the DRM in question:

• Trey Anastasio, Shine (Columbia)
• Celine Dion, On ne Change Pas (Epic)
• Neil Diamond, 12 Songs (Columbia)
• Our Lady Peace, Healthy in Paranoid Times (Columbia)
• Chris Botti, To Love Again (Columbia)
• Van Zant, Get Right with the Man (Columbia)
• Switchfoot, Nothing is Sound (Columbia)
• The Coral, The Invisible Invasion (Columbia)
• Acceptance, Phantoms (Columbia)
• Susie Suh, Susie Suh (Epic)
• Amerie, Touch (Columbia)
• Life of Agony, Broken Valley (Epic)
• Horace Silver Quintet, Silver's Blue (Epic Legacy)
• Gerry Mulligan, Jeru (Columbia Legacy)
• Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
• The Bad Plus, Suspicious Activity (Columbia)
• The Dead 60s, The Dead 60s (Epic)
• Dion, The Essential Dion (Columbia Legacy)
• Natasha Bedingfield, Unwritten (Epic)

Sony DRM -> Copyright infringement

excerpt from
eWEEK.com Special Report: Digital Rights Management
......
The DRM files remain installed on the hard disk even if the EULA is
declined.

Like a virus, there is no meaningful uninstaller available. Now, some of
the DRM protected CDs will indeed add an entry for SunnComm to the
Add/Remove control panel.

When activated, it removes most of the files in the shared folder, but
leaves the core copy protection module (sbcphid.sys) active and resident.

That means other programs (like iTunes) can't access other SunnComm
protected CDs.But wait, there's more. MediaMax "phones home" without
your consent every time you play the CD. When a CD is played, a request
is sent to a SunnComm server that includes an ID along with the request
that identifies the CD.

Of course, the request by itself identifies the OS you are running as
well as your IP address.

The request seems to be for SunnComm's "Perfect Placement" feature,
which can insert ad content while viewing the CD.

So, Windows users have to deal with a triple threat. Without user
consent, the DRM installs software on the target computer, provides no
way to uninstall its core, and lets SunnComm know every time the CD is
played.

But wait, there's even more.

Someone in the Netherlands did a decompile on the XCP rootkit that has
gotten most of the attention lately. It seems that parts of the rootkit
use the LAME mp3 encoder, which is licensed under the Lesser GPL. That
means by delivering only an executable (the rootkit) without source or
crediting, XCP violates the GPL Violating the GPL puts Sony at massive
legal risk for—wait for it—copyright infringement. :blackeye:

Microsoft to fight Sony's DRM

In an upcoming weekly software update, Microsoft will add the new electronic signature so that Windows AntiSpyware can spot and automatically remove the software, Garms wrote. Windows AntiSpyware is a beta product that Microsoft eventually plans to rename Windows Defender.

Microsoft will also include the XCP signature in the next update to its Malicious Software Removal tool, and with its Web-based security service called Windows Live Safety Center, according to Garms.

Now - TEXAS sues SONY but TAPE can Stop DRM

http://www.techweb.com/wire/security/174400646;jsessionid=0OAAQF1MCNZKGQSNDBCSKH0CJUMEKJVN

http://news.yahoo.com/s/ap/20051121...9QQka6s0NUE;_ylu=X3oDMTA3cjE0b2MwBHNlYwM3Mzg-

this looks like the right place. I installed a sony dvd/cdrw that came with its own software and a newer version of nero. It also came with the rootkit. I didn't even know it was there, don't use ie very much, but the first time I ran ie because that paticular site wouldn't work with firefox, my security software picked up the rootkit and zapped it. But I understand that there are files left behind. So I can't use this burner to back up anything on my computer because I don't know that its not going to place a rootkit on each cd I burn. So I'm going to get another burner from a different compnay, hp maybe. What I'm worried about is those left over files being able to corrupt the software for the new burner. How do I not end up just reinstalling the rootkit when I set up the computer again?

Sony's uninstaller is worse than the XCP software!

In response to the firestorm over its DRM on CDs, Sony made available last week a
Web-based "uninstaller" to remove it. It appears this cure is worse than the disease.

see the Eweek.com article for details :-(