SONY installing RootKits on Computers for Digital Rights Management

By exclamation55 · 13 replies
Nov 1, 2005

  1. :unch:
  2. Spike

    Spike TS Evangelist Posts: 2,168

    Had this piece of news (along with its interesting link) been posted or crossposted to the correct forum, it would have saved me the effort of posting it there myself only to find that someone has already written a thread with the story.
  3. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Those bastards even include this trojan on their new CDs. The hacktool-rootkit installs surrepticiously while you are listening to that CD on your PC!
    Time to start boycotting Sony!
  4. MrGaribaldi

    MrGaribaldi TechSpot Ambassador Posts: 2,512

    All you have to do is to not accept the EULA for the "player" and use a cd-player software of your choice... But I agree that it's horrible what they're doing!
  5. jobeard

    jobeard TS Ambassador Posts: 11,166   +986


    Ouch! Look at this review!
    "These DRM files are almost impossible to remove without fouling Windows systems"​

    "Users like Russinovich who are sophisticated enough to find the files and try to delete them will find that Windows can no longer detect the CD drive attached to their systems, Russinovich found, and it requires other subtle manipulations of Windows to restore."​

    see the removal tool
  6. exclamation55

    exclamation55 Banned Topic Starter Posts: 76

    SONY issues DRM patch

    Talk about the POWER OF FORUMS :knock:
  7. MrGaribaldi

    MrGaribaldi TechSpot Ambassador Posts: 2,512

    Unfortunately, it only shows the rootkit, it doesn't remove it. So you've still got a little program sending a message to sony telling them what cd (if not what track) you're listening to....
  8. exclamation55

    exclamation55 Banned Topic Starter Posts: 76

  9. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    These are the SONY CDs concerned (sofar...):

    According to the EFF, the following CDs contain the DRM in question:

    • Trey Anastasio, Shine (Columbia)
    • Celine Dion, On ne Change Pas (Epic)
    • Neil Diamond, 12 Songs (Columbia)
    • Our Lady Peace, Healthy in Paranoid Times (Columbia)
    • Chris Botti, To Love Again (Columbia)
    • Van Zant, Get Right with the Man (Columbia)
    • Switchfoot, Nothing is Sound (Columbia)
    • The Coral, The Invisible Invasion (Columbia)
    • Acceptance, Phantoms (Columbia)
    • Susie Suh, Susie Suh (Epic)
    • Amerie, Touch (Columbia)
    • Life of Agony, Broken Valley (Epic)
    • Horace Silver Quintet, Silver's Blue (Epic Legacy)
    • Gerry Mulligan, Jeru (Columbia Legacy)
    • Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
    • The Bad Plus, Suspicious Activity (Columbia)
    • The Dead 60s, The Dead 60s (Epic)
    • Dion, The Essential Dion (Columbia Legacy)
    • Natasha Bedingfield, Unwritten (Epic)
  10. jobeard

    jobeard TS Ambassador Posts: 11,166   +986

    Sony DRM -> Copyright infringement

    excerpt from Special Report: Digital Rights Management
    The DRM files remain installed on the hard disk even if the EULA is

    Like a virus, there is no meaningful uninstaller available. Now, some of
    the DRM protected CDs will indeed add an entry for SunnComm to the
    Add/Remove control panel.

    When activated, it removes most of the files in the shared folder, but
    leaves the core copy protection module (sbcphid.sys) active and resident.

    That means other programs (like iTunes) can't access other SunnComm
    protected CDs.But wait, there's more. MediaMax "phones home" without
    your consent every time you play the CD. When a CD is played, a request
    is sent to a SunnComm server that includes an ID along with the request
    that identifies the CD.

    Of course, the request by itself identifies the OS you are running as
    well as your IP address.

    The request seems to be for SunnComm's "Perfect Placement" feature,
    which can insert ad content while viewing the CD.

    So, Windows users have to deal with a triple threat. Without user
    consent, the DRM installs software on the target computer, provides no
    way to uninstall its core, and lets SunnComm know every time the CD is

    But wait, there's even more.

    Someone in the Netherlands did a decompile on the XCP rootkit that has
    gotten most of the attention lately. It seems that parts of the rootkit
    use the LAME mp3 encoder, which is licensed under the Lesser GPL. That
    means by delivering only an executable (the rootkit) without source or
    crediting, XCP violates the GPL Violating the GPL puts Sony at massive
    legal risk for—wait for it—copyright infringement. :blackeye:
  11. jobeard

    jobeard TS Ambassador Posts: 11,166   +986

    Microsoft to fight Sony's DRM

    In an upcoming weekly software update, Microsoft will add the new electronic signature so that Windows AntiSpyware can spot and automatically remove the software, Garms wrote. Windows AntiSpyware is a beta product that Microsoft eventually plans to rename Windows Defender.

    Microsoft will also include the XCP signature in the next update to its Malicious Software Removal tool, and with its Web-based security service called Windows Live Safety Center, according to Garms.
  12. exclamation55

    exclamation55 Banned Topic Starter Posts: 76

    Now - TEXAS sues SONY but TAPE can Stop DRM


  13. greyferret

    greyferret TS Rookie

    this looks like the right place. I installed a sony dvd/cdrw that came with its own software and a newer version of nero. It also came with the rootkit. I didn't even know it was there, don't use ie very much, but the first time I ran ie because that paticular site wouldn't work with firefox, my security software picked up the rootkit and zapped it. But I understand that there are files left behind. So I can't use this burner to back up anything on my computer because I don't know that its not going to place a rootkit on each cd I burn. So I'm going to get another burner from a different compnay, hp maybe. What I'm worried about is those left over files being able to corrupt the software for the new burner. How do I not end up just reinstalling the rootkit when I set up the computer again?
  14. jobeard

    jobeard TS Ambassador Posts: 11,166   +986

    Sony's uninstaller is worse than the XCP software!

    In response to the firestorm over its DRM on CDs, Sony made available last week a
    Web-based "uninstaller" to remove it. It appears this cure is worse than the disease.

    see the article for details :-(
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...