Several articles, including pieces on The Register, BoingBoing, PCMag and F-Secure, as well as our previous entry entitled Mark’s Sysinternals Blog: Sony Rootkits Digital Rights Management Gone Too Far, take the information on the Sony rootkit DRM even further.

According to one of The Register’s articles, entitled Hidden DRM code’s legitimacy questioned, Mikko Hyppönen, chief research officer for F-Secure, stated the following:

“No one reads the licensing agreements, and even if you do, (the Sony BMG agreement) does not make it obvious what is happening,” he said. “It’s also not obvious that it is almost impossible to uninstall the program.” The concerns are the latest backlash against music and movie companies over what many critics call heavy-handed tactics designed to maintain the status quo in the face of innovative technologies that are disrupting the copyright holders’ traditional business models. The industries’ tactics have varied from frequent lawsuits against consumers to lobbying Congress for harsher penalties against those who use file-sharing technologies. Meanwhile, some vigilantes have poisoned peer-to-peer file sharing systems with Trojan horse programs that report the user.

The latest tactic, however, hews much closer than past actions to the definition of a malicious threat to a user’s computer system, said Edward Felten, a professor of computer science and public affairs at Princeton University and an expert in digital-rights management technology. “It is not legitimate to undermine the user’s desire to secure their own computer,” Felten said. “I don’t think they should be hiding files and programs and registry entries from the system administrator, ever.” Answering critics, Sony BMG released on Wednesday a limited statement on its site and also posted a patch that Windows users can run using Internet Explorer to remove the copy-protection software from their system. Neither First 4 Internet nor Sony BMG returned requests for comment on the issue.

“The protection software simply acts to prevent unlimited copying and ripping from discs featuring this protection solution,” Sony BMG said in a statement posted on its site. “It is otherwise inactive. The software does not collect any personal information nor is it designed to be intrusive to your computer system.”

Wow, apparently making your computer system vulnerable to attacks by other malicious coders due to the nature of the rootkit software is not addressed nor even acknowledged. Check out this quote from Sony in the article:

“The protection software simply acts to prevent unlimited copying and ripping from discs featuring this protection solution,” Sony BMG said in a statement posted on its site. “It is otherwise inactive. The software does not collect any personal information nor is it designed to be intrusive to your computer system.”

Apparently, they think that simply uncloaking the ‘rootkit’ makes it all better now.

Another article on The Register is entitled Removing Sony’s CD ‘rootkit’ kills Windows.

A PCMag article entitled Sony DRM Uses Rootkit techniques states the following:

New digital rights management technology shipping on music CDs by Sony Corp. of America/Bertelsmann AG artists employs stealthy, rootkit-style techniques to hide from users, according to a security expert.

The new technology, which Sony has dubbed “sterile burning,” manipulates the Windows core processing center, or “kernel,” to make the DRM almost totally undetectable on Windows systems.

This article further goes on to say:

Through a detailed analysis of communication between the media player installed from the Sony CD and the rootkit files, Russinovich was able to determine that the rootkit files were installed with the media player and communicated with it.

Russinovich was reluctant to discuss the details of how the DRM software works, citing fear of prosecution under the DMCA (Digital Millennium Copyright Act). However, he said the rootkit features help enforce the sterile burning limits on copying Sony music files.

BoingBoing’s entry on it, entitled Sony DRM uses black-hat rootkits, carries an item submitted by Steve, which states:

Steve sez, “A technical dissection by the mighty Mark Russinovich of Sony’s rootkit-based DRM. Sony uses genuine black-hat techniques to install a rootkit, even choosing a Windows-sounding name for a service just like your favourite backdoor, and about as easy to detect or remove. Basically, Sony puts the sort of malware on its customers’ PCs that the rest of the world spends a lot of money fighting.”

Amen Steve!

F-Secure’s Weblog entry entitled A chilling thought about CDs that have rootkit DRM, posted today, Friday, November 4, 2005, states:

It is hard enough to program something on that level, without having to worry about any other programs trying to do something with same parts of the OS.

Thus if there would be two DRM rootkits on the same system trying to hook same APIs, the results would be highly unpredictable. Or actually, a system crash is quite predictable result in such situation.
