by Mike Masnick

Sony, Rootkits And Mock Surprise

from the who-didn't-see-this-coming dept

This has been discussed to death on other blogs and news sites, so we'd been ignoring it on the assumption that you've seen it elsewhere already. However, in the last twelve hours or so, it's been submitted a dozen times by people who seem to want us to write about it. Yes, the copy protection scheme that Sony uses on some of its CDs acts identical to all sorts of nefarious malware, sneaking its way deep into your computer and making itself almost impossible to remove. What's amusing about the story, though, is the way so many people are acting surprised and outraged by it. How else would you expect the entertainment industry to put copy protection on your computer? Of course they're going to try to hide it. And, why wouldn't they hide it deep within the system using the same techniques as rootkits? People have pointed out for ages that most of these copy protection schemes are no different than other types of malware (installed without you knowing it, prevents your computer from acting as it should, not easily removable, etc.). All this article has done is show more explicitly how it's been done -- but it's hardly a surprise. If you didn't expect the entertainment industry to employ these tactics, then you haven't been paying much attention lately.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Ben McNelly, 1 Nov 2005 @ 12:15pm

    No Subject Given

    I smell a class action lawsuit....

    Seriously though, I would love to sue, or at least stop large company's software makers from hijacking your computer. Ever bought a kodak digital camera? Ever used AOL? Real media? Even adobe reader!!! and what about the poor people who go through a normal set up for somthing like msn messenger and dont see the nic little check boxes that install toolbars and change homepages? Even little stuff like that annoys me. At least sometimes we have a choice. But somthing like Kodak's software? Cannot be stopped! you cant even kill the process!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 Nov 2005 @ 12:24pm

      Re: No Subject Given

      What I don't understand (I obviously have ignored this issue on other blogs) is why it is legal for them to do this crap but none of the ad networks?

      Is it installed without our knowledge and hidden without our consent? Then it should be illegal. However, if I am checking a box or ignoring the warnings telling me something will be installed, then that is my own fault.

      But if something is installed simply by popping in a new CD I just bought without asking me first, I should be able to sue.

      reply to this | link to this | view in chronology ]

      • identicon
        lar3ry, 1 Nov 2005 @ 12:47pm

        It's truly a root kit... Malware

        You should read one of the many articles. It does install without warning. The guy that originally documented it is a professional "SysInternals" developer, and he had to jump through hoops to uninstall it (if you simply delete the files, your system becomes unbootable, since it even loads IN SAFE MODE). It was a great bit of detective work, and he spent a LOT of time attempting to uninstall it.

        Face it, this is malware. There is NO entry in "Add/Remove programs" to install it, and it's an active malware: it is contantly checking out your system causing a CPU penalty of about 1-2%. Now, if you don't think that 1-2% is high, what happens when a couple of dozen different distributors decide to install a dozen different bits of malware on top of one another. It will bring your system to its knees. And what benefit does the uninformed consumer get? No benefit whatsoever! This ugly bit of code is installed on your system without your permission to "protect" the songs on your CD from YOU!

        If it walks like a duck, and quacks like a duck, then, by Jim, it's a damned duck! This malware is nothing more or less than a root kit, designed to hide files and registry keys, and to spy on what you are doing. It installs itself as a service as a USB driver (huh? your CD isn't on a USB connection? So what? We don't really have to TELL you what we're installing on your system!).

        It's a kick in the face to every person that purchases this CD. Complaining to SONY won't do squat. They know what the software does, and if they claim ignorance, then they haven't done due dilligence in protecting YOUR computer from THEIR software. They can put anything you want in an end user license, but even then, they don't mention the root kit. It's still their responsibility: if their software destroys any system--and making it so you can't boot EVEN IN SAFE MODE is nothing less than destruction--then they are guilty of the computerized equivalent of vandalism.

        Suggestion: purchase a Mac or a Linux box, and use that to listen to (and legally rip!) your legally purchased CD's. A Mac Mini costs less than $500, and a Linux box can be put together as cheaply as a regular PC. If you MUST use Windows, disable the CD "auto-run" feature, but eventually there will be a way for the labels to circumvent even that. (Hmmm.... isn't that a circumvention device?)

        reply to this | link to this | view in chronology ]

        • identicon
          Mthorn, 2 Nov 2005 @ 7:51am

          Re: It's truly a root kit... Malware

          I always turn of auto-run, that is the most annoying damned feature. You start a game, it asks you to enter the CD. You enter the CD, autorun starts in the background. You close the game to find an install screen waiting for you. Or you enter a DVD to read the data but it starts playing the movie. I hate that "feature".

          Anyway, just use iTunes or Napster for your music. They both have copy protection, but as far as I know they don't install rootkit type protection for it. You can easily burn to a CD without any copy protection. Who uses CD players for music these days anyway?

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Nov 2005 @ 12:37pm

    Hmm, how do I post a suspicion ...

    without getting involved in a flame fest?


    I'm surprised that Mark Russinovich didn't expect this before he installed the software that came with the Sony CD.

    Is he really so smart as to track down all the details of the hidden files, and yet somehow not have an inkling that installing Sony's DRM laden media player might screw with his system?

    If I was more suspicious, I might believe that Mr. Russinovich already had an article in mind even before he purchased his copy protected CD.

    I had this thought even before I noticed how blatant the COPY-PROTECTED warning on Amazon is that he claims to have missed.

    reply to this | link to this | view in chronology ]

  • identicon
    Nate Silva, 1 Nov 2005 @ 1:56pm

    Where are the anti-virus vendors?

    Do anti-virus/anti-spyware programs detect this yet? Will they?

    reply to this | link to this | view in chronology ]

  • identicon
    daniel duende, 4 Nov 2005 @ 12:46pm

    The solution is quite simple

    In the face of the dangerous behaviour of the entertainment industry, i've taken the easiest road some time ago:

    I've quit BUYING any entertainment product. It's easier and (now it sounds even more) safer to download music and video from P2P :)

    reply to this | link to this | view in chronology ]

    • identicon
      Red1JackFoster, 5 Nov 2005 @ 5:35pm

      Re: The solution is quite simple

      I would have to agree with you on that. Sony should realize that now people are going to pirate to protect themselves and their computer. Brilliant!

      reply to this | link to this | view in chronology ]

  • identicon
    Dr.T, 24 May 2006 @ 12:36pm

    Billing them?

    Anyone who surreptitiously installs something on my computer that takes me hours to remove will get a bill for my time, at the usual corporate consultancy rate of $240/hr. A few hundred of those that Sony refuses to pay makes for a class action suit, wouldn't you say? At the very least, it'll cost them in terms of having to get their lawyers to analyze their position, which, although IANAL, I suspect will lead to the suits drafting some sort of wording that they will HAVE TO put on their CD's to cover their asses. Sort of like the warning on cigarette packs.... "Placing this CD in your computer may inflict serious damage, and/or lead to invasions of privacy to which your purchase of this CD constitutes informed consent." If Sony takes up this idea now in original or modified form, they can have it for the low, low price of $10,000 USD, as it's MINE MINE MINE and it MUST BE PROTECTED! ;->

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.