Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Antivirus firms consider protection against Sony DRM rootkit 3

Status
Not open for further replies.

pechenegs

MIS
Jun 15, 2003
1,040
GB
The other thread I posted miraculously went awol like a few others thanks to the anonymous mods on here!




Antivirus firms consider protection against Sony DRM rootkit
Matt Loney
ZDNet UK
November 04, 2005, 17:35 GMT

Talkback
Tell us your opinion
Kaspersky calls it spyware, while at Sophos it's ineptware. Whatever you term the software used by Sony's digital rights management, antivirus companies are considering adding protection against it to their products


§
?
Antivirus firms are considering protecting their customers from the digital rights management software used by Sony on some CDs.

Kaspersky Labs has classed Sony's DRM software as spyware because, among other things, it can cause crashes and loss of data and it can compromise system integrity and security.

Explaining its decision, Kaspersky said it used the definition of spyware provided by the Anti-Spyware Coalition. Sophos is similarly scathing of Sony and is calling the software "ineptware".

The issue reaches much further than the individual PCs of those users who buy particular Sony CDs, say the antivirus companies. The DRM software uses what is known as a rootkit, which means that it is invisible to the operating system, to most anti-virus and security software and to IT departments trying to cope with security on user's desktop and notebook PCs.

Furthermore, say the antivirus companies, the software can be exploited by hackers and viruses and used to cloak any file from the operating system.

"The Sony rootkit can be used to hide any files from the operating system, so we think the way that Sony has implemented this is somewhat flawed," said Graham Cluley, senior technology consultant at Sophos. "The danger is that other malware may come along which exploits the Sony rootkit."

Due to what Cluley said is a lack of malicious intent on Sony's part, Sophos is not defining the rootkit itself as malware, preferring instead to refer to it as ineptware.

"We don't really believe this is malware and so we don't currently detect it," said Cluley. However, he said detection for rootkits like that used by Sony will be built into Sophos Antivirus version 6, due out in 2006. "This is potentially unwanted...
 
If it was a result of my posting a slashdot-sourced workaround (and thereby risking DMCA prosecution), I apologise, especially since you lost your purple hearts. I'll give you one now as a peace-offering.
I am amused by the fact that if you're infected with this, you can rename your favourite ripping software to begin $SYS$ and thereby retrieve the WAV files. Who said the Americans don't do irony....?

soi la, soi carré
 
No problem, just that a lot of other people posted good info here and it was all concentrated in one post!
 
Maybe it was my Digital CD workaround.
Of course the DCMA is irrelevant in the other 90% of the world, oh and the Sony software maybe illegal in it's own right....

Only the truly stupid believe they know everything.
Stu.. 2004
 
Hold on, I see a Black Helecopter hovering above........quick, dump the RFID tags.

Only the truly stupid believe they know everything.
Stu.. 2004
 
There is a MASSIVE lashback building against this. Every security forum I visit, this is THE topic. And if you check out the Amazon.com page linked from Sunbelt...well, the majority of Van Zat's "reviews" are warning people away from Sony (last check there was 191 reviews, not one I read was on the music and Van Zat's CD has a 1 star rating).
 
<blinks> Erm..that should have been backlash.
 
This one has to be the best for stupidity by Sony!


Sony: Why care about rootkits?





ZDNet UK
November 09, 2005, 18:10 GMT

Talkback
Tell us your opinion
'Most people don't even know what a rootkit is so why should they care about it?' says a SonyBMG executive


§
?
A senior SonyBMG executive has hit back at the criticism surrounding the company's use of a digital rights management (DRM) technology on a music CD.

Thomas Hesse, the president of SonyBMG's global digital business division, said in a radio interview last week that its use of rootkits is not an issue to the everyday user."Most people don't even know what a rootkit is, so why should they care about it?" he said in the interview with radio company NPR.

The copy-restriction software is hidden so that music pirates cannot find and remove it, according to Hesse. "This is purely about restricting the ability to burn MP3 files in an unprotected manner," he said.

Although Sony does not appear to understand why people are concerned about the use of rootkits, the EMI Group has tried to distance itself from the controversy by stating that it does not use rootkits on its own products.

"EMI is not using any software that hides traces of the program. There is no 'rootkit' behaviour and there are no processes left running in the background," an EMI spokesman said last week
 
They (Sony) will soon care if people who installed their rootkit get hit with this:

Is this corporate incompetence or arrogance?



Men occasionally stumble over the truth, but most of them pick themselves up and hurry off as if nothing ever happened.

Sir Winston Churchill
 
I'd say arrogance. Sony got hit this past summer with a huge fine for posting superlative reviews for their movies from a reviewer that didn't exist. If a company gets caught doing something illegal and refuses to admit wrongdoing, it's arrogance. [flame]

[soapbox]Don't even get me going on the company doing something illegal/immoral in the first place.

James P. Cottingham
-----------------------------------------
[sup]I'm number 1,229!
I'm number 1,229![/sup]
 
This whole issue is ludicrous and crazy.

It's like buying a cassette tape with a spycam inside it to make sure you can't dub it for your buddy.

I don't know how this could pass for legal in any sense.

Just because you agree to something, even in a contract (or especially in a EULA), doesn't make it inherently legal, valid, or enforceable.

If I sell you some crack and then try to sue you for not paying for it, I can't because selling crack isn't legal in the first place.

As far as I know, compromising the security systems of other people isn't legal either.

It's at least unethical and evil, anyway.
 
Interesting...

However, I still am watching this with more than a bit of interest. Sony has come under attack from the PC world, there's still no word if the Mac world will now be left alone.

Additionally, this is a temporary suspension of the DRM. It isn't Sony saying "we give, we were wrong."

This isn't over yet.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top