Do not put Sony Music CDs in your editor's drive at DVinfo.net
DV Info Net

Go Back   DV Info Net > The DV Info Network > Digital Video Industry News

Digital Video Industry News
Events, press releases, bulletins and dispatches from the DV world at large.

Reply
 
Thread Tools Search this Thread
Old November 1st, 2005, 06:52 AM   #1
Trustee
 
Join Date: Feb 2004
Location: Suwanee, GA
Posts: 1,241
Do not put Sony Music CDs in your editor's drive

Mark Russinovich recently discovered that Sony's content protected CDs will install, without warning, a rootkit on your PC. Rootkits hide themselves, prevent detection, and in some way, alter the usage of your computer. You can read more about it At the Registry and at Mark's discussion linked from The Registry here

The rootkit will alter how the CD drivers work and could possibly limit your ability to write files to disc. Trying to uninstall the kit can cause some components to be disabled. The potential exists that you could possibly lose the ability to create content that is in no way related to any Sony materials and there are no major telltales on why that has happened.

Mark Russinovich is one of the leading OS internals folks around (He and David Solomon are the kings). Mark also notes that besides underhanded, the app is very poorly written. :p
George Ellis is offline   Reply With Quote
Old November 1st, 2005, 01:24 PM   #2
Trustee
 
Join Date: May 2005
Location: Saint Cloud, Florida
Posts: 1,043
I had this issue and had to wipe my entire machine to byte zeros in order to remove it, DIE SONY!
__________________
www.facebook.com/projectspecto
Marco Wagner is offline   Reply With Quote
Old November 1st, 2005, 06:40 PM   #3
Trustee
 
Join Date: Mar 2004
Location: Carlsbad CA
Posts: 1,132
nice post! i wonder if proper virus/spybot type of monitoring software would stop this from installing?
Dan Euritt is offline   Reply With Quote
Old November 1st, 2005, 06:53 PM   #4
Trustee
 
Join Date: May 2005
Location: Saint Cloud, Florida
Posts: 1,043
I think it would if you trained it. Maybe to look for rootkit extensions or something along those lines.
__________________
www.facebook.com/projectspecto
Marco Wagner is offline   Reply With Quote
Old November 1st, 2005, 08:15 PM   #5
Inner Circle
 
Join Date: Jul 2002
Location: Albany, NY 12210
Posts: 2,652
There's gotta be a lawsuit in this.
Marco Leavitt is offline   Reply With Quote
Old November 2nd, 2005, 04:42 AM   #6
Trustee
 
Join Date: Feb 2004
Location: Suwanee, GA
Posts: 1,241
Quote:
Originally Posted by Dan Euritt
nice post! i wonder if proper virus/spybot type of monitoring software would stop this from installing?
At the moment, no. Cisco Security Agent may, but that is not an over-the-counter solution.
George Ellis is offline   Reply With Quote
Old November 5th, 2005, 02:02 AM   #7
Regular Crew
 
Join Date: Nov 2005
Posts: 80
Quote:
Originally Posted by Marco Leavitt
There's gotta be a lawsuit in this.
I was wondering the same thing.
James Llewellyn is offline   Reply With Quote
Old November 5th, 2005, 09:29 AM   #8
Wrangler
 
Join Date: Dec 2002
Location: Mays Landing, NJ
Posts: 11,794
Here's some more info on this issue...

http://news.yahoo.com/news?tmpl=stor...03/bs_nf/39083
http://biz.yahoo.com/ap/051102/sony_...tion.html?.v=5
Boyd Ostroff is offline   Reply With Quote
Old November 5th, 2005, 11:53 AM   #9
Regular Crew
 
Join Date: Jul 2005
Location: Wiltshire, UK
Posts: 192
Sony have posted a fix

Hi all
Following the previous threads, it appears Sony have posted a fix at
http://cp.sonybmg.com/xcp/english/updates.html. Thought I'd post it up here to save people trawling! Pity Sony don't stick to producing cameras - they're quite good at that!!! ;-)
Graham Risdon is offline   Reply With Quote
Old November 10th, 2005, 05:59 PM   #10
Inner Circle
 
Join Date: Jul 2002
Location: Albany, NY 12210
Posts: 2,652
And the lawsuits start ...

http://www.breitbart.com/news/2005/11/10/D8DPSA288.html

I hope they bleed Sony good over this.
Marco Leavitt is offline   Reply With Quote
Old November 10th, 2005, 06:08 PM   #11
Wrangler
 
Join Date: Dec 2002
Location: Mays Landing, NJ
Posts: 11,794
Here's one solution :-)

http://seattletimes.nwsource.com/htm...38_paul07.html

Quote:
Hardly a week goes by that I don't hear from a friend or colleague with a monumental Windows problem. I tell them I'm glad to help, on one condition: Next time they buy a computer, they agree to consider a Macintosh. A year ago, after a particularly trying week of spyware, adware, viral attacks, lock-ups and reboots, I changed my primary computer to a Mac.
Boyd Ostroff is offline   Reply With Quote
Old November 11th, 2005, 02:35 PM   #12
Guest
 
Posts: n/a
I appreciated your warning on this. This article just came up on the home page for my email. I'm not sure if it's the cause of the problem you mentioned above or not, but good news to prevent this from happening in the future if it is. To bad all of the old CD's willl still remain in circulation though -

"Sony BMG Music Entertainment, promised Friday to temporarily suspend making music CDs with antipiracy technology that can leave computers vulnerable to hackers."

From what I read in your post above the hacking was not the concern in this forum, but the "antipiracy technology" may have been affiliated with the "root kit" you mentioned above.

http://news.yahoo.com/s/ap/20051111/...opy_protection
  Reply With Quote
Old November 14th, 2005, 06:39 AM   #13
Trustee
 
Join Date: Feb 2004
Location: Suwanee, GA
Posts: 1,241
Quote:
Originally Posted by Graham Risdon
Hi all
Following the previous threads, it appears Sony have posted a fix at
http://cp.sonybmg.com/xcp/english/updates.html. Thought I'd post it up here to save people trawling! Pity Sony don't stick to producing cameras - they're quite good at that!!! ;-)
This is actually not a fix. It is not an uninstall. It just exposes the materials in the rootkit.

As of last week, there is now an exploit in the wild that will take advantage of the rootkit and use it to hide its operation. As of last week, both Symantec and Microsoft had included the signature for the kit in their anti-virus/anti-spyware tools. I do not know if that includes innoculation or uninstall. Because the rootkit add low and high filters (sub-classes the CD - a special driver that intercepts any calls to and from the CD device), and those directories in the registry can vary, they may not have included an uninstall yet.

Edit - added link http://www.cnn.com/2005/TECH/interne...eut/index.html
George Ellis is offline   Reply With Quote
Old November 14th, 2005, 04:06 PM   #14
Wrangler
 
Join Date: Dec 2002
Location: Mays Landing, NJ
Posts: 11,794
What were you thinking, Sony?

http://biz.yahoo.com/fool/051114/113199454317.html?.v=2

Quote:
Increasingly, music companies like Sony's Sony BMG arm are treating their customers like criminals who borrowed rather than purchased their products. Meanwhile, look out, this newest development points to the ways that the recording industry is going on the offensive -- it appears that the industry has moved on from tackling peer-to-peer networks to attack what they call "casual piracy"
Boyd Ostroff is offline   Reply With Quote
Old November 16th, 2005, 08:51 PM   #15
Inner Circle
 
Join Date: May 2005
Location: Burnaby, BC, Canada
Posts: 3,053
CDs to be recalled.

The affected CDs (according to the meda) are to be returned for a Copy-protectionless copy of the disc. Guess the people who did get the virus in their computer would have to reinstall everything and format the Hard drive!
Jack Zhang is offline   Reply
Reply

DV Info Net refers all where-to-buy and where-to-rent questions exclusively to these trusted full line dealers and rental houses...

B&H Photo Video
(866) 521-7381
New York, NY USA

Scan Computers Int. Ltd.
+44 0871-472-4747
Bolton, Lancashire UK


DV Info Net also encourages you to support local businesses and buy from an authorized dealer in your neighborhood.
  You are here: DV Info Net > The DV Info Network > Digital Video Industry News

Thread Tools Search this Thread
Search this Thread:

Advanced Search

 



All times are GMT -6. The time now is 08:55 PM.


DV Info Net -- Real Names, Real People, Real Info!
1998-2024 The Digital Video Information Network