Sony, Rootkits and Digital Rights Management Gone Too Far

Mark's Sysinternals ^ | Monday, October 31, 2005 | Mark's Sysinternals

[AppyPappy]

I don't believe so.

Would the music CD be able to write over a read-only file?

[zeugma]

Would the music CD be able to write over a read-only file?

Maybe, maybe not. The 'administrator' can write over anything, although I think it normally kicks up errors. I just don't do enough in windows to be able to tell you one way or another on that.

[HAL9000]

Bottom line - Avoid Microsoft Windows like the plague.

[RJL]

Bump

[Senator Bedfellow]

The problem in windows land is that there are too many programs out there written in such a (stooopid) way that they require Admin privs to run.

Actually, very few require admin privs to run, but most require admin privs to install. This little bug will fail quite readily if you attempt to run it from a non-administrative account - non-administrators cannot, by default, write to HKLM or %systemroot%.

[Golden Eagle]

FYI, the term "rootkit" was originally developed to describe a process that compromised Unix systems, not Windows. You mean you didn't know this?

Here's a long list of current examples of rootkits for Unix and Linux since you seem oblivious:

http://packetstormsecurity.nl/UNIX/penetration/rootkits/

[zeugma]

I know where the term comes from moron. We're discussing a windows rootkit on this thread, or are to too freaking dense to know that.

Do you ever have anything useful to contribute to FreeRepublic?

[Golden Eagle]

Do you ever have anything useful to contribute to FreeRepublic?

One of my uses seems to be pointing out your inaccuracies most every time we come in contact. You did manage to admit it previously in this thread. This time though, it was your normal temper tantrum and name calling instead.

[zeugma]

I call you a moron because you are a moron. You contribute nothing at all to this forum. You are a psychic leach that attempts to suck anything good out of any discussion and divert it into word games and non-sequitors. With any luck, someday the mods will decide they've had enough of your crap and ban you permanently.

[Golden Eagle]

LOL, it must suck to have what you consider a moron constantly correct your ignorant claims. Guess you'll have to deal with it, since I doubt it's going to change.

[jokar]

Bump

[ShadowAce]

Sony releases a fix for this.

[Still Thinking]

How do you like the accompanying self serving pablum:

"November 2, 2005 - This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."

[thulldud]

"This component is not malicious and does not compromise security."

They must be liberals. We can't judge their actions, since their intent was good ("not malicious").

The "does not compromise security" is bold-faced enough to be worthy of Harry Reid.

[RogueIsland]

Windows allows non-administrator accounts. This will become more user friendly in the next version of Windows, which will allow non-administrators to install programs for their own use, without touching the main registry. Non-admins who install programs will get a private programs folder and a private copy of the registry. Perhaps something like this should have been done years ago, but MS has been obsessed with making Windows work with legacy programs. I have programs from 1982 that still run on XP.

The main problem under XP is unruly software devolopers whose software doesn't play well under non-admin accounts. Not much Microsoft can do about that but withold certification.

You are absolutely right about them needing to break the backward-compatibility death spiral. They need to just pull an Apple and say, "After this, backward compatibility is not supported except in emulation mode".

[js1138]

The main problem under XP is unruly software devolopers whose software doesn't play well under non-admin accounts. Not much Microsoft can do about that but withold certification.

But there is. Vista will allow non-admin users to appear as virtual admins. The software will not know the difference, but it will not be able to trash the real registry. The downside is that machines with more than one login will need to have some software installed multiple times, but disk space is cheap.

[expat_panama]

Thanks for the ping-- this stuff is happening so fast and furious that I'm finding it impossible to keep up with it all.

[HAL9000]

FYI, the term "rootkit" was originally developed to describe a process that compromised Unix systems, not Windows. You mean you didn't know this?

I'm vaguely familar with the history of rootkits. Windows is probably the easiest platform for surreptitious installation.

Were you aware that Apple has filed a patent for tamper-resistant code?

[Still Thinking]

The "does not compromise security" is bold-faced enough to be worthy of Harry Reid.

Well, on second thought maybe it IS a true statement. Maybe they were talking about THEIR security, and not the computer security of their victims. (Also see "trusted computing")

[Golden Eagle]

No I wasn't, thank you for the info.