The Sony Digital Rights Management Debacle

Tue, 2007-08-28 09:34 by admin · Forum/category:

Latest news

2007-12-17 – How Sony BMG lost its mind and rootkitted its CDs – prepublication law paper

History

On Monday, October 31, 2005 Mark Russinovich of www.sysinternals.com published a blog entry in which he described in detail how he discovered a root kit on his own computer. First suspecting that he had become the unlikely victim of some kind of computer virus attack, he investigated further, only to find out that the culprit was Sony, and the delivery mechanism was not an ordinary email Trojan, but a music CD.

Here is Mark Russinovich's blog entry that started it all. It is partly technical, but anyway worth looking at. If you're interested in the whole story, you have to begin at the October 31, 2005, blog entry near the bottom and then keep reading the next one above, thus working your way up in the direction from bottom to top. At least it seems by now to have a partly happy ending.More links to relevant news articles on the subject and some related topics follow.

The media pick up the story: PCWorld, News.com, BBC

Sony gives in and gives in a little more, but still not enough.

Malware uses the Sony BMG root kit: World of Warcraft hackers, Trojan

Sony sued over rootkits

Sony strikes again. This time they want to inhibit Playstation game swapping.

Microsoft to delete Sony DRM 'rootkit'

Sony rootkit prompts office clampdown on CD use

Not again! Uninstaller for other Sony DRM also opens huge security hole

Sony malware infections in the millions

Has Sony stolen open source software?

Probably the next issue of the Windows Malicious Software Removal Tool, part of the monthly update cycle, will automatically find and remove the Sony rootkit.

Info on Sony's EULA (End User License Agreement)

List of Sony CDs that contain the rootkit: slashdot.org, amazon.com

One person's reckoning: I'm tired of Sony's bullshit.

2007-12-17 – How Sony BMG lost its mind and rootkitted its CDs – prepublication law paper

2005-12-21 – Attorney General Abbott Slaps Sony With New Spyware Violations

Write your opinion to Sony or, better, boycott the company that gave us Betamax and the Memory Stick.

More Sony involvement - the Bioshock game this time

Thu, 2007-08-30 07:49 by admin

BioShock Soaked in DRM Fiasco
Rob Wright
August 27, 2007 19:41

BioShock DRM

It's been about a week since BioShock's launch, and the digital rights management controversy surrounding the game shows little signs of abating. BioShock had received considerable hype and overwhelming positive reviews (including my own), but the game has been mired in an uproar regarding the game's installation policy, which initially limited each customer to two installations only through SecuROM's copy protection software.

The trouble started almost immediately after BioShock release on Aug. 21. Word began circulating through various forums about technical issues with the game's installation; specifically, many users who had run into issues with playing the game, whether it was Window Vista related issues or graphics drivers, un-installed BioShock and then re-installed it on other machines. They were then greeted with an unfortunate message that read: "Too many activations on different PCs have been performed with the entered SERIAL NUMBER. No further activations are allowed." The message also included an e-mail address for SecuROM support (support@securom.com).

[Note that SecuROM is owned by Sony.]

Read the complete article at: http://www.twitchguru.com/2007/08/27/bioshock_drm/

Deja vu all over again: Sony uses rootkits, charges F-Secure

Tue, 2007-08-28 09:43 by admin

Some USB drives create a hidden folder that hackers can use to cloak malware

Gregg Keizer August 27, 2007 (Computerworld) -- A line of USB drives sold by Sony Electronics Inc. installs files in a hidden folder that can be accessed and used by hackers, a Finnish security company charged today, raising the specter of a replay of the fiasco that hit Sony's music arm two years ago when researchers discovered that its copy protection software used rootkit-like technologies.

According to F-Secure Corp., the fingerprint-reader software included with the Sony MicroVault USM-F line of flash drives installs a driver that hides in a hidden directory under "c:indows". That directory, and the files within it, are not visible through Windows' usual application programming interface, said F-Secure researcher Mika Stahlberg in a posting to the company's blog today.

"[But] if you know the name of the directory, it is possible to enter the hidden directory using [the] command prompt, and it is possible to create new hidden files," said Stahlberg. "There are also ways to run files from this directory."

All of this -- and the fact that the directory goes unspotted by some antivirus scanners -- is similar to the Sony BMG rootkit case in late 2005. Then, researchers spotted rootkit-like cloaking technologies used by the copy-protection software Sony BMG Music Entertainment installed on PCs when customers played the label's audio CDs. The Federal Trade Commission alleged that Sony had violated federal law and settled with the company earlier this year. Before that, Sony paid out nearly $6 million to settle cases with U.S. states.

Read complete article

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.