Digital Disaster- the Sony Rootkit Fiasco

various FR links & stories | 11-21-05 | the heavy equipment guy

[backhoe]

 

 Texas Sues Sony Over Alleged CD Spyware --  Here is the description by the guy who discovered it: http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html along with a ton of commentary. --it's not just Sony - they just happened to be caught.  Just remember - many movie and music companies are not happy that you can burn CDs and send files over the internet, regardless of what you were going to burn or send - they would rather you not have the ability at all, end of story. In Canada they had resorted to getting a tax in place on recordable media and players,  Depends on Who has the right to control your PC.

And worse:

 Sony Rootkit Trojans Emerge

 

 Gaffer Tape Defeats Sony DRM Rootkit

 

 EFF Files Class Action Lawsuit Against Sony BMG (The big shoe drops! Both DRMs!)

 

 Sony BMG Recalls 52 Copy-Protected Titles (has the list)

 

 Sony Woes Worsen Thread (Shoots other foot, working on kneecaps) -- Mark's Blog by Mark Russinovich of Sysinternals.com reported the initial finding of XCP in the post Sony, Rootkits and Digital Rights Management Gone Too Far:

--more-

http://www.freerepublic.com/focus/f-bloggers/1524245/posts

 

 AnyDVD tackles Sony DRM Rootkit Virus!

 

  Sony BMG recalls copy-protected discs

 

 And it's getting worse--
http://www.freedom-to-tinker.com/?p=925
Sony has subsidiaries distributing another spyware kit... SunnComm’s MediaMax-- wrote about MediaMax

 

 Sony in internet 'price-rigging' rumpus Also:Microsoft to remove Sony BMG malware

 

 Sony has infected over one-half million world wide nets incl U.S. Military

 Infection US photo.

with original at http://www.doxpara.com.nyud.net:8090/planetsony_usa.JPG

and for Europe which was not supposed to have any is at

with the original at http://www.doxpara.com.nyud.net:8090/planetsony_europe.JPG

 Spyware Sony Seems To Breach Copyright (Sony Rootkit Built Using Stolen Software) -- "A hacker had mass-mailed e-mail with an attachment, which when clicked on installs malware. The malware hides by using Sony BMG software that is also hidden -- the software would have already been installed on a computer when consumers played Sony's copy-protected music CDs."

 Sony halts production of 'rootkit' CDs

Trojan horse exploits Sony DRM copy protection vulnerability

 

 More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home -- The upshot is, this rootkit doesn't just install itself surreptitiously on your machine and hijack your CDrom drivers, it also propagates across the network, and can infect machines that you didn't even log on to. It's a virus as well as a rootkit.

 

 Mac anti-rip code surfaces on Sony BMG CD

 

 SONY DMA Malware breaks PC's -- Computer Associates on the XCP Rootkit

http://www3.ca.com/securityadvisor/pest/collateral.aspx?cid=76345

Sony’s Rootkit: First 4 Internet Responds
http://www.sysinternals.com/blog/2005/11/sonys-rootkit-first-4-internet.html

Sony: You don’t reeeeaaaally want to uninstall, do you?
http://www.sysinternals.com/blog/2005/11/sony-you-dont-reeeeaaaally-want-to_09.html

 

 Sony hit by lawsuits over root kit --

 First Trojan Using Sony DRM Spotted -- Here's how Sony's department president defends this fiasco:

In an interview with NPR reporter Neda Ulaby, the President of Sony BMG's Global Digital Business, Thomas Hesse, defends Sony's installation of a rootkit by declaring, "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"

So help me God, I am not making this up.

This bozo makes Mary Mapes' defense of the Dan Ra^ther bogus memos look like a masterpiece of logic and reason.

 

  The rootkit of all evil? [Sony music CDs install hidden software!]

 

  Sony CD Copy Protection Seems To Rely On Hacker Rootkit

 

 Sony to Help Remove its DRM Rootkit

 

 Sony, Rootkits and Digital Rights Management Gone Too Far

 

 Sony, Rootkits and Digital Rights Management Gone Too Far -- I have no problem with Sony wanting to protect their legal rights on the music. But stealth installation of malware is beyond the pale.

 It's ridiculous what these MPAA and RIAA participants will do to protect their cartel. Suing their own customers, installing rootkits or spyware or whatever it is, it goes well beyond this. I have no love for these organizations and rarely, if ever, buy music CD's and movie DVDs for this reason (as well as not wanting my money to support people like Hanoi Jane and musical "talent" like Eminem).

=============================================

 FYI: ( Caution! I have not tested this- for informational purposes only! )--

 Download Rootkit Revealer, and extract it.

http://www.sysinternals.com/Utilities/RootkitRevealer.html

Double click on Rootkit Revealer and press "Scan".
It will take some time to do a complete scan. When finished press file/save and post the contents of the log please.

 Sony’s uninstall tool worse than the problem. --

A safer method of detection:

Copy notepad.exe to the an open folder window (or the desktop) and rename it to $SYS$notepad.exe
If the file immediately disappears, the Sony/BMG rootkit is active on your system.

[JoJo Gunn]

ping

[Blood of Tyrants]

Well, at least I am not infected.

[backhoe]

Well, at least I am not infected.

Glad to hear it.

Sony really screwed the pooch with this one.

[Amerigomag]

Thanks. This was a frustrating event to cover because many of the insightful stories were on Wired which has revoked our visa.

[Paul C. Jesup]

Sony really screwed the pooch with this one.

I don't think that goes far enough, what Sony/BGM done may earn itself a corperate Darwin Award for bankrupting itself because of class actions lawsuits against them because of the arrogance and paranoia in screwing over the people who actually pay money for their music.

[Cyber Liberty]

Thank goodness we haven't bought a CD for, like 15 years....

[supercat]

I don't think that goes far enough, what Sony/BGM done may earn itself a corperate Darwin Award for bankrupting itself because of class actions lawsuits against them because of the arrogance and paranoia in screwing over the people who actually pay money for their music.

I think the lawsuits are actually going to be a drop in the bucket compared with loss of sales. IMHO, Sony has successfully killed off Blu-Ray and quite possibly the PS3 as well.

[HEY4QDEMS]

I have been using sysinternal's rootkit revealer for over a year now and run it on all of our company computers as a scheduled task.

When it completes it emails the results to me and I connect to the affected computers and remove the suspect files, no harm no foul. I don't generally go through additional steps to determine who's rootkit is being dropped in the system.

The problem I have with Sony is that it will be very hard for them to claim that the rootkit wasn't installed secretly,(which is what they are now claiming), because one of the characteristics of a rootkit file is that it assumes an alias of a known benign file to prevent spyware programs from detecting it.

[Paul C. Jesup]

The problem I have with Sony is that it will be very hard for them to claim that the rootkit wasn't installed secretly,(which is what they are now claiming), because one of the characteristics of a rootkit file is that it assumes an alias of a known benign file to prevent spyware programs from detecting it.

I guess Sony/BGM wants to add perjury to their growing list of crimes.

[backhoe]

I have been using sysinternal's rootkit revealer for over a year now and run it on all of our company computers as a scheduled task.

I appreciate that info- not having run it, I was reluctant to give it anything besides "for informational purposes."

[metmom]

Loss of sales? Count me in. How can you trust them after this? I just won't take the chance.

[backhoe]

Here's where I link everything I find on browsers, OS's, malware, and general tech interest:

Browser Wars, take two

[SamAdams76]

It should be mentioned that it was the bloggers that brought all this out in the open and forced Sony to withdraw the CDs. If it were up to the mainstream media, very few of us would ever find out about it. We live in a different world now and mainstream media is quickly becoming irrelevant.

[Paul C. Jesup]

It should be mentioned that it was the bloggers that brought all this out in the open and forced Sony to withdraw the CDs. If it were up to the mainstream media, very few of us would ever find out about it. We live in a different world now and mainstream media is quickly becoming irrelevant.

Very true.

[metmom]

And I am glad for it. That's the thing I like so much about FR.

[steve-b]

It should be mentioned that it was the bloggers that brought all this out in the open and forced Sony to withdraw the CDs.

Somebody ought to put up a "Blogosphere Trophy Wall" with Photoshopped stuffed heads and appropriate quote plaques:

Dan Rather, SeeBS Anchor: "F*ck 'Em All."

Mary Mapes, SeeBS Producer: "I relied on the information, not the authentication."

Thomas Hesse, Sony Division President: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"

[steve-b]

Submit DMCA comments for 2006 rulemaking (make sure removal of Sony junk is allowed)

[unseen]

MSM is irrelevant because the colleges and universities that produce the new journalists are not teaching them. I believe that MSM is not so much anti America as they are just stupid. The more I read and watch the MSM the more I understand the depth of their stupidity.

[backhoe]

Appreciate the link- thank you.