Posted on 10/31/2005 7:59:57 PM PST by zeugma
From slashdot.org article:
"SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system."
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my Unearthing Rootkits article from the June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application:
That's what you can do when you own Congress.
Does one consent to this invasion by opening the CD wrapper, or is "computer crime" involved (Oregon law):
(2) Any person commits computer crime who knowingly accesses, attempts to access or uses, or attempts to use, any computer, computer system, computer network or any part thereof for the purpose of:
(a) Devising or executing any scheme or artifice to defraud;
(b) Obtaining money, property or services by means of false or fraudulent pretenses, representations or promises; or
(c) Committing theft, including, but not limited to, theft of proprietary information.
(3) Any person who knowingly and without authorization alters, damages or destroys any computer, computer system, computer network, or any computer software, program, documentation or data contained in such computer, computer system or computer network, commits computer crime.
(4) Any person who knowingly and without authorization uses, accesses or attempts to access any computer, computer system, computer network, or any computer software, program, documentation or data contained in such computer, computer system or computer network, commits computer crime.
(5)(a) A violation of the provisions of subsection (2) or (3) of this section shall be a Class C felony. Except as provided in paragraph (b) of this subsection, a violation of the provisions of subsection (4) of this section shall be a Class A misdemeanor.
Thanks for the extra ping, zeugma.
Hadn't you heard, it's been proven incontrovertibly that large political donors are never terrorists. They are simply incapable of being.
That would be the DRM ;), you don't really have a right to any of that..
I hate this whole issue. On one side you have people who think stealing copyright is OK and on the other people who think it's OK to pull crap like this..
bump
But the most disturbing part of the tale came when Russinovich ran his standard rootkit-removal tool on the post-Sony PC.
"Users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files," he writes.
Which puts it in an entirely different class of software to the copy restriction measures we've seen so far, which can be disabled by a Post-It note. Until specialist tools arrive to disinfect PCs of this particular measure. ®
I agree this has gone too far, which is why there needs to be a standardized DRM method for Windows PCs. Until that time, and there's a lot of pirates fighting it every step of the way, vigilante processes like this will probably become the norm. The same will eventually happen to Linux until standardized DRM is in place on that platform as well. Since DRM is inevitable, the smart move is to get standardized user-friendly mechanisms in place, which I'm sure you support. /sarcasm
And terrorists and criminals never take advantage of the huge gaping security holes large corporations secretly open in their customers' computers. Terrorists and criminals respect and admire large corporations far too much to ever do that.
Nah, this will undoubtedly be added to SpyBot and other tools. It's not that difficult to remove the regkeys and binaries.
That is just wrong, no matter what the motivation.
Personally, I think that Sony is opening itself up to litigation by doing this; especially if it results in harm to your computer or data. It's fairly typical for software vendors to put up some kind of license UI that requires user input before installing software. Clearly, Sony isn't interested in what you or I have to say about their installation of software. But, as I pointed out earlier, it's a simple matter to disable this behavior.
Wow. I'm amazed that you're not on record as supporting the ability of a company to install, without the user's permission or knowledge, a program that changes the operating system of a computer in a fundamental way.
It's official folks, GE supports spyware and rootkits as long as it's done in the name of preventing "piracy".
Astounding. This is a keeper.
Geez. Need to proof better.
posted by Mark Russinovich @ 11:04 AM
Nice tip, thanks!
No I didn't, I specifically said I agree with you their behavior went too far. You obviously have some sort of mental disorder, I'd seriously suggest you get it checked out before you erroneously accuse someone else of something.
O.K. after looking at your comment closer, I apologize for claiming that you support this particular implementation of DRM.
My apologies.