Last week I highlighted veteran Windows programming guru Mark Russinovich’s look into the nasty stuff Sony was leaving on the PC’s of those unfortunate enough to have bought one of several music CD’s with their new copy protection screen.
Sony’s response has been muddled and poorly executed as Russinovich documents. Here’s is his summation of their response:
[T]he comment [from the DRM software developer] does not explain why Sony won’t simply make the uninstaller available as a freely accessible download like they do the patch, nor why users have to submit two requests for the uninstaller and then wait for further instructions to be emailed (I still have not received the uninstaller). The only motivation I can see for this is that Sony hopes you’ll give up somewhere in the process and leave their DRM software on your system. I’ve seen similar strategies used by adware programs that make it difficult, but not impossible, for you to remove them.
Instead of admitting fault for installing a rootkit and installing it without proper disclosure, both Sony and First 4 Internet claim innocence. By not coming clean they are making clear to any potential customers that they are a not only technically incompetent, but also dishonest.Not unsurprisingly the first lawsuits are starting to appear.
And to make it worse, black-hats are able to take this freely-offered tool and turn it to their own ends. I play “World of Warcraft” and there have been comments in the forums that this tool would prevent Blizzard from checking for cheats and hacks, simply because they would not be able to check for things hidden by this POS from Sony.
The Sony software is now a big, well documented target for hackers of all sorts. I pity those who are unknowingly affected.
There may be more to it than simple stupidity. Check Houblog for a connection I should have made much earlier, seeing as I spent three years playing Everquest.
When this first broke, I thought my wife had installed it on her system, but she hasn’t. Obviously, she’s not going to.
Sorry but I wanted to quote a little line from the site houblog mentioned before.
“Is it a coincidence that Sony released a product on all it’s audio CD’s that “accidentally” enables rampant cheating in a competitor’s game, thereyby spoiling it?”
This is talking about World of Warcraft and it’s 2 main competitor games Everquest and Starwars Galaxies, both owned or licensed by Sony. It’s strange that we do not hear the same problems for those 2 with this rootkit….
… the first lawsuits are starting to appear.
Let’s hope that in the settlement, when it’s reached, that those suing sony will refuse to be buffaloed into accepting the nondisclosure terms that sony will surely insist upon.
Apparently, Sony would handle this PR problem the same way the French are handling the rioting! This is going to be very very bad for Sony and they need to get their butts in gear. I would be extremely pissed off (angry not drunk — for the British readers) to find a rootkit based DRM system being installed without full disclosure. Fortunately, the software won’t even run on a Mac and I can rip the music tracks just like normal. I suspect the same for Linux to be the case. It’s a Windows only software installer that runs when you have AutoRun turned on in Windows. Turn off AutoRun and the software never runs. Not sure if you can rip it at that point or not. I suppose you just might be able to… Hmm another DRM scheme foiled by holding down the Shift key when you insert the CD!
The gamer hacks are due to naming the game hacks as $sys$ which will hide them as the Sony DRM rootkit hides any file that starts that way. After the patch it stops hiding non DRM related files. So the multi-player game will scan for cheats and game hacks and not find them because the Sony DRM rootkit is hiding them! I’ve also heard you can hide your ripper software by simply renaming the executable so it starts with $sys$ and you can then rip the disc like normal.
DRM is pretty stupid, there is always a way around it. Their only hope is to make it such a pain that most people won’t bother. I say sue the heck out of Sony with class action lawsuits! They have no business installing any software off a music CD onto anyones computer without making it painfully clear what it’s going to do to your system. Their first release of the DRM software will hide any $sys$ file. The next release will stop that from happening but the damage is done. Anyone who doesn’t install the patch or insert a newer Sony music CD with the update now have something that a worm/trojan/virus could take advantage of to hide.
I’ve already had to clean regular trojan/viruses off a system where you could not see the infected executables because they were hiding behind a rootkit technique. i.e. I had to boot with CD to see the files on the hard disk. They were hidden in Explorer and even in the DOS console and over a network connection! The rootkit filters the data within the OS kernel so they remove files from directory listings at a very low level.