Slyck.com
 
Slyck Chatbox - And More

Sony Offers Removal Technique on Cloaked DRM Software

Discuss Slyck's latest news
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

Sony Offers Removal Technique on Cloaked DRM Software

Postby SlyckTom » Wed Nov 02, 2005 7:34 pm

If the record labels are trying to win the DRM (Digital Rights Management) public relations war, they are off to an atrocious start. The intention of DRM is to protect the intellectual property rights of content owners. Being the blanket term it is, DRM can take the form of virtually any technique.

On October 31, 2005, the Internet community learned how ugly these techniques could get. Mark Russinovich, an expert on the internals of Windows and one of the writers behind Sysinternals.com, <a href=http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html target=_blank>discovered</a> evidence of a rootkit on one of his computers.

Rootkits are sneaky pieces of software that hide on one's computer. They are virtually invisible to most, if not all, conventional anti-spyware and anti-virus software. You may ask why they hide themselves from diagnostic software scans. This is done because they are most often associated with the worst kinds of software on the Internet. No, not Grokster, but other malicious software such as viruses, trojans, and other malware.

Using RootKitRevealer (RKR), Mark Russinovich discovered a "hidden directory, several hidden device drivers, and a hidden application"

After a lengthy and clever investigation, Mark Russinovich discovered the Rootkit was part of a DRM copy protection scheme devised by a company named First4Internet. First4Internet had developed a DRM technology dubbed XPC, or Extended Copy Protection, which it <a href=http://news.cnet.co.uk/digitalmusic/0,39029666,39189658,00.htm target=_blank>licensed</a> to Sony-BMG Music. The copy protections software had been included on the Sony-BMG CD "Get Right with the Man" by the Van Zant brothers, which Russinovich had played on the computer in question.

The fact this software couldn’t be detected by conventional spyware or virus sweepers was bad news, but certainly not the worst. If an inexperienced individual were to remove the cloaked files after discovery with RKR, the individual's computer may become seriously crippled. Although Sony repeatedly attempted to hide behind their EULA, which made no mention of this software, the public backlash proved too much for Sony-BMG to bear. Even those who support an artist's right to protect their content were scornful of this inexcusable move by Sony-BMG.

In response, Sony-BMG Music was forced to provide a method to remove this cloaked DRM software. In an update issued today, Sony-BMG issued the following <a href=http://cp.sonybmg.com/xcp/english/updates.html target=_blank>statement</a>:

"November 2, 2005 - This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."

It’s interesting that Sony-BMG Music felt they could hide this kind of copy protection scheme from the public. The music industry is in a difficult position as "legitimate" downloads have stagnated and the P2P population continues to increase. A public relations nightmare such as this, especially one that draws attention to DRM and its implications, is definitely not what the music industry needs.
Follow us on Twitter @SlyckDotCom
Join our Facebook Fan page
SlyckTom
 
Posts: 5713
Joined: Fri Jul 26, 2002 7:22 pm
Location: New York City

Postby AlexanderHanff » Wed Nov 02, 2005 7:39 pm

Nice article Tom.

I would like to point out to anyone who does not know, that one of the websites Sony were referring to was Slyck.com and anyone who wants to read the thread who has not already seen it, please check here:

http://www.slyck.com/forums/viewtopic.php?t=15729

As I said in there, people who use such language as "They have too much money, we can't win if we fight them..." have just been proved wrong. This move by Sony today was nothing less than an example of Consumer Power. It proved that if enough people, make enough noise, they can win.

Everyone who was involved in the campaign to expose this issue can sleep tonight knowing they can make a difference and that hope is not lost.
User avatar
AlexanderHanff
 
Posts: 932
Joined: Sat Apr 09, 2005 8:03 am
Location: UK

Postby Skel » Wed Nov 02, 2005 7:39 pm

Wow kinda Suprised by this but glad that they found theis junk of a software app. Very nice read Tom :wink:
The Few The proud the Filetopians
http://www.filetopia.com
[Avatar removed - please resize to be 100px wide max]
Image removed - No graphics in sigs please! - HC
Forum Rules
Skel
 
Posts: 264
Joined: Fri Apr 30, 2004 8:19 am

Postby allanp22 » Wed Nov 02, 2005 8:01 pm

I am convinced what Sony did is criminal.
Sony should be sued and punished just like Virus Writers are.
User avatar
allanp22
 
Posts: 62
Joined: Wed Feb 02, 2005 10:20 pm
Location: Canada

Postby AussieMatt » Wed Nov 02, 2005 8:02 pm

At a time when technology companies are just starting to try and provide alternatives to iTunes using a p2p model to sell content online Sony pulls a stunt like this.

These companies are also ready to sell content like games and video in the near future ,so music may become a very small part of thier revenue stream becuse the profit margins are so small in the digital music bussiness .

I hope this bites Sony in the arse (for you Brits and Aussies) .
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby notbob » Wed Nov 02, 2005 8:06 pm

allanp22 wrote:I am convinced what Sony did is criminal.
Sony should be sued and punished just like Virus Writers are.


why? people clicked yes and installed it. if the thing autoinstalled through an autoplay without an affirmation, that would be like a virus

i have no pity for people that willingly install things without knowing what they do. is it a virus writer's fault someone doesn't have an antivirus? did the writer open the attachment? there is a lot to be said about taking responsibility for the user's own stupidity here
i eat regularly
notbob
 
Posts: 1174
Joined: Mon Nov 10, 2003 8:27 pm

Postby NocturnalVagabond » Wed Nov 02, 2005 8:25 pm

oh yeah right, the consumer is expected to trust a removal tool that comes from the same company who put the crap there in the first place....
:roll:

For all we know, it simply moves the sh*t to another hidden location. Sony's credibility is completely shot after all this.
User avatar
NocturnalVagabond
Tin Foil Hat Salesperson
 
Posts: 915
Joined: Thu Sep 29, 2005 10:59 pm
Location: Downunda

Postby Drake » Wed Nov 02, 2005 8:32 pm

Do any antivirus programs classify this as a virus? I don't think so. Sony knew exactly what they were doing and should be held accountable for their actions.

If not, then rogue programmers can just create phony apps and distribute their virus without fear of prosecution by including a 5000 word EULA.
User avatar
Drake
 
Posts: 2058
Joined: Tue Aug 05, 2003 12:56 pm
Location: Meepos (where charging for MP3s is illegal!)

Postby tm, » Wed Nov 02, 2005 9:16 pm

Does anyone remember the Turbotax DRM debacle?

When this Extreme Tech article exposed the sneaky virus-like stuff that Turbotax was doing on paying customers' computers, ostensibly in the name of copy-protection, the news helped foster an avalanche of ill-will toward the company, which may have been a major factor in causing many customers to flock to a competing product from H&R Block in the 2 months after that story broke.

TurboTax dropped its DRM scheme after that, but it may have been a case of 'too little too late' - as they have yet to regain their once-dominant market share that was lost in 2003 when many tech-savvy customers refused to buy that year's version of Turbotax's then-DRM-infected software.

I wonder if Sony was aware of the beating that TurboTax took due to its foolish decision to use a similar type of invasive DRM?
tm,
 
Posts: 1192
Joined: Wed Apr 21, 2004 12:23 am

Postby firestorm9377 » Wed Nov 02, 2005 9:28 pm

good thing i didn't buy that vanzant cd (was thinking about it). Was this the only cd with this on it?
firestorm9377
 
Posts: 148
Joined: Sat Jul 09, 2005 1:44 am
Location: in a box

Postby NocturnalVagabond » Wed Nov 02, 2005 9:35 pm

Interesting - perhaps I am going blind, but can anybody find any reference to removal of this crap on either the sites http://www.sonymusic.com or http://www.sonybmg.com ?

Why do I get the feeling that 'finding' this removal tool is gonna be harder than finding the actual malware on the pc in the first place......
User avatar
NocturnalVagabond
Tin Foil Hat Salesperson
 
Posts: 915
Joined: Thu Sep 29, 2005 10:59 pm
Location: Downunda

Postby Freebird Mike » Wed Nov 02, 2005 9:36 pm

Apparently there is software already present that will prevent the rootkit from installing and accessing the operating system. McCaffe Security Suite? Norton 2006? Nah, try AnyDVD :shock:
Songlifter since 1999
User avatar
Freebird Mike
 
Posts: 292
Joined: Tue Jun 15, 2004 11:12 pm
Location: Left of the Atlantic

Postby 666 » Wed Nov 02, 2005 10:21 pm

notbob wrote:why? people clicked yes and installed it.


A EULA can't make illegal things legal. When EULA and law are in conflict, the law always overrules the EULA.
666
 
Posts: 347
Joined: Sun Aug 01, 2004 9:58 pm

Postby shulkman » Wed Nov 02, 2005 10:27 pm

Here's my thoughts on it:

1. I wonder just how effective this removal tool will be. Most of us know that after you remove a program there is still a ton of junk left in the windows registry.

2. I believe Sony knew that there would eventually be a backlash about this. How else could they come up with a removal tool so quickly? The story only broke two days ago.

3. I hope this isn't the end of this. This story needs much wider coverage than this. This should be on CNN, NBC, etc...

4. And I hope that Sony gets the snot sued out of them for it anyways. I guarantee this, I won't buy another CD again. I won't take the chance of crap getting on my computer. If I still used kazaa, I'd rather take my chances with an .exe file, than have a 100% chance to put junk on my PC with a CD that I paid for.
"And on the eighth day God said, "OK Murphy, you take over."
shulkman
 
Posts: 69
Joined: Mon Jan 24, 2005 11:22 am
Location: The Seventh Circle

Postby NocturnalVagabond » Wed Nov 02, 2005 10:40 pm

shulkman wrote:This should be on CNN, NBC, etc...

Never gonna happen - those major networks are all either owned by or affiliated with the members of the MPAA/RIAA.
The only way this story will make it is in a back-page article, buried next to an advertisement for hemorrhoid cream (cheap irony, perhaps?)
And any such coverage by the majors will undoubtedly slant it towards the gross overreaction of some radical elements of the pirating community.
User avatar
NocturnalVagabond
Tin Foil Hat Salesperson
 
Posts: 915
Joined: Thu Sep 29, 2005 10:59 pm
Location: Downunda

Postby Scavenger » Thu Nov 03, 2005 3:03 am

Great article.

Wow. How frightening is it when being legal or "doing the right thing" by buying the music actually ends up possibly messing up your pc!

DRM really is scary. I agree with the above post - no more buying CDs. Not like I had bought one in years anyway...
User avatar
Scavenger
 
Posts: 51
Joined: Sun Sep 11, 2005 4:38 pm

Postby poullos » Thu Nov 03, 2005 5:41 am

I might be a bit of topic...but, are those ed2k search with 300-400 100% complete files, DRM? I just clicked 1-2 out of curiosity and 10-12 mldonkeys immediately showed up to upload at full speed!
¯\(º_o)/¯
User avatar
poullos
 
Posts: 1087
Joined: Fri Mar 19, 2004 9:29 am
Location: Mobile Server

Postby zim » Thu Nov 03, 2005 6:05 am

were they wmv/wma files?

yep. loaded with drm.

:lol:


On topic... Sony came out with the tool so fast since they had the tool made the same time they bought the drm package.

They knew the geeks would complain. So they had a fix ready to go. Now we're happy and they can go back to infecting the rest of the public with zero problem.

Its just good business...
FINE! downloading *IS* stealing. I still don' t care. I'm still going to do it. And laugh while i do!
User avatar
zim
 
Posts: 5776
Joined: Wed Apr 20, 2005 10:01 am

Postby poullos » Thu Nov 03, 2005 6:09 am

Who uploads that fast? MPAA, RIAA, who?
¯\(º_o)/¯
User avatar
poullos
 
Posts: 1087
Joined: Fri Mar 19, 2004 9:29 am
Location: Mobile Server

Postby AlexanderHanff » Thu Nov 03, 2005 6:10 am

zim wrote:were they wmv/wma files?

yep. loaded with drm.

:lol:


On topic... Sony came out with the tool so fast since they had the tool made the same time they bought the drm package.

They knew the geeks would complain. So they had a fix ready to go. Now we're happy and they can go back to infecting the rest of the public with zero problem.

Its just good business...


No we are not happy and this is not the end of it. I have already filed complaints requesting a criminal investigation in the UK with 2 Law Enforcement departments and also with the Government IT Response Task Force.

So if they think we are just going to lie down and forget about it, they have another thing coming.
User avatar
AlexanderHanff
 
Posts: 932
Joined: Sat Apr 09, 2005 8:03 am
Location: UK

Postby Mel_Smiley_VIP » Thu Nov 03, 2005 6:10 am

666 wrote:
notbob wrote:why? people clicked yes and installed it.


A EULA can't make illegal things legal. When EULA and law are in conflict, the law always overrules the EULA.



While I sorta know what you mean, does it apply to this case? If there was a user agreement to instal software, what was illegal about it? I would like to see exactly what the EULA said before I jump to any conclusion.
You see us as you want to see us...
In the simplest terms, in the most
convenient definitions.
User avatar
Mel_Smiley_VIP
 
Posts: 1141
Joined: Sun Mar 14, 2004 12:36 am
Location: Dream Country

Postby Dormant707 » Thu Nov 03, 2005 6:15 am

AlexanderHanff wrote:No we are not happy and this is not the end of it. I have already filed complaints requesting a criminal investigation in the UK with 2 Law Enforcement departments and also with the Government IT Response Task Force.

So if they think we are just going to lie down and forget about it, they have another thing coming.


I got news Alex.... the Police are not going to do one iota about this whole issue.... they have far more important things on their hands.... like keeping yobs quiet on a Friday night, or terrorism, or murder, or rape, or traffic fines - you get the picture.
Dormant707
 
Posts: 5067
Joined: Fri Jul 15, 2005 5:03 pm

Postby AlexanderHanff » Thu Nov 03, 2005 6:21 am

dannybhoi wrote:
AlexanderHanff wrote:No we are not happy and this is not the end of it. I have already filed complaints requesting a criminal investigation in the UK with 2 Law Enforcement departments and also with the Government IT Response Task Force.

So if they think we are just going to lie down and forget about it, they have another thing coming.


I got news Alex.... the Police are not going to do one iota about this whole issue.... they have far more important things on their hands.... like keeping yobs quiet on a Friday night, or terrorism, or murder, or rape, or traffic fines - you get the picture.


Actually I reported it to the commissioner of Scotland Yard, the High Tech Crime Unit (specifically set up for this type of stuff) and as I said, the Government Department responsible for such matters. None of them are anything to do with friday night yobs. Furthermore, if they fail to act I will put a complaint into the Police Complaints Commission, I am also forwarding the information to the House of Commons today via my MP.

Why post such a negative comment, when we have already shown how powerful the consumer voice can be over the past 3 days? I will also be contacting Trading Standards to have all Sony CDs (and hopefully all DRM embedded CDs) removed from retailers shelves until an investigation is carried out as to whether or not these CDs cause serious security concerns which could lead to such things as identity theft and fraud.

So instead of coming back with "You got no chance" type comments, how about you get busy contacting your government representatives and law enforcement agencies. The more people do, the more notice they will take and the more likely they are to bend to the will of their voters.

I get sick of this defeatest attitude all the time.
User avatar
AlexanderHanff
 
Posts: 932
Joined: Sat Apr 09, 2005 8:03 am
Location: UK

Postby Dormant707 » Thu Nov 03, 2005 6:24 am

AlexanderHanff wrote:I get sick of this defeatest attitude all the time.


Not defeatist on this matter, simply reality. And trust me on this one, Sony will not be bothered by any one. They already have taken steps to remedy the situation.... nothing will happen.
Dormant707
 
Posts: 5067
Joined: Fri Jul 15, 2005 5:03 pm

Postby TheIce_Man222 » Thu Nov 03, 2005 6:30 am

i would recommend bagging http://www.sysinternals.com/Files/RootkitRevealer.zip the rootkit revealer as it is a very handy bit of software which i have used for a while - for those who run it and get the line:
HKLM\SOFTWARE\Classes\CLSID\{49370B11-A677-11d7-A773-00C04F68F44E}\Pins\Input\Types\{10ed2d83-f16f-0348-2000-8c26b23e9a26}\22

dont worry it just means you have or have had sound forge 7 on your system - seems i am the only one who has figured it out!
Last edited by TheIce_Man222 on Thu Nov 03, 2005 6:31 am, edited 1 time in total.
TheIce_Man222
 
Posts: 62
Joined: Thu May 19, 2005 9:19 am

Next

Return to Slyck News

Who is online

Users browsing this forum: No registered users and 1 guest

cron
© 2001-2008 Slyck.com