Posted on 11/10/2005 10:03:29 AM PST by steve-b
Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs.
Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory....
(Excerpt) Read more at theregister.co.uk ...
Thanks a lot Sony. You SonyBeaches.
They are already in trouble and have been for some time.
I can only hope that this is a cautionary tale for other companies who hope to "protect" their products in the same way.
I blame them both.
Ping for later self-reference.
In an interview with NPR reporter Neda Ulaby, the President of Sony BMG's Global Digital Business, Thomas Hesse, defends Sony's installation of a rootkit by declaring, "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"So help me God, I am not making this up.
This bozo makes Mary Mapes' defense of the Dan Rather bogus memos look like a masterpiece of logic and reason.
He thinks that people not knowing what a rootkit is excuses these actions? So, by his logic, would it be ok for me to develop some new kind of virus or such* since most people won't know what it is? Lord Almighty, what a moron.
MGY
*Hypothetical only. I'm not developing any malicious programs.
Ping
I'm sorry, but I must insist that all self-referencing posts conform to my trademarked tagline.
LOL!
I recently purchased Imogen Heap's new CD (Speak for Yourself), an RCA Victor release, but with distribution credited to Sony/BMG. Reading recent reports of a Sony rootkit, I decided to poke around. In addition to the standard volume for AIFF files, there's a smaller extra partition for "enhanced" content. I was surprised to find a "Start.app" Mac application in addition to the expected Windows-related files. Running this app brings up a long legal agreement, clicking Continue prompts you for your username/password (uh-oh!), and then promptly exits. Digging around a bit, I find that Start.app actually installs 2 files: PhoenixNub1.kext and PhoenixNub12.kext.
Don't blame Sony? I guess you're the type that blames gun manufacturers for criminal use of firearms too. And BTW, AFAIK it doesn't "automatically install". The EULA/installer comes up automatically under autorun, but I don't believe it installs until you agree to the EULA. In other words, you are basically deliberately installing software on your machine, whether you know it or not (and Sony goes out of its way to make sure you don't), so it's a classic Trojan.
The EULA doesn't mention the hidden software. But more to the point, there's no good reason for allowing an audio disk to install software that alters the OS. It's stupid of MSFT to allow such behavior.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.