
Sony, rootkits, and the escalation of the DRM war

As most readers are likely to have seen by now, a Windows developer recently discovered that a rootkit on his system had been installed by the DRM ("digital restrictions management," to use Richard Stallman's apt term) code from a copy-protected CD. This CD (Van Zant's appropriately named "Get Right With The Man") was issued by SonyBMG. It happily installed software on the system, overrode a couple of system calls, and proceeded to hide itself from casual view. This is not the sort of experience that CD purchasers are normally looking for. SonyBMG should - and will - take a fair amount of grief from this bit of silliness.

Just how silly is only now becoming clear: consider this weblog entry, which suggests that SonyBMG's DRM activities don't really even have anything to do with copy protection. Instead, SonyBMG is simply trying to make life more difficult for iPod users as a way of trying to muscle in on Apple's turf. It is increasingly clear that DRM is being used as a way of excluding competition, rather than for its stated purpose. With luck, some politicians might begin to understand this, and the tone of the debate in various national capitals may change a bit.

Meanwhile, it is also clear that DRM is increasingly a security issue. We have music discs which install malware, the entertainment industry trying to poison bittorrent streams, and legislators who would like to legalize overt attacks against those who are deemed to be pirates. There will certainly be many computers - including those in companies - which have been infected with the DRM code shipped by SonyBMG, and the full capabilities of that code remain unclear. The next security compromise carried out in the name of piracy prevention may be even worse.

There are some obvious conclusions to be drawn from this episode. The most obvious of all is that automatically running code from an arbitrary CD is a stunningly bad idea. Beyond that, avoiding Windows helps, for now. Even Macintosh systems are unaffected by SonyBMG's DRM. And it has been made clear that security threats can come from unexpected directions. SonyBMG is not a bunch of script kiddies in a basement somewhere; it's a high-profile corporation which, one might expect, would not be in the business of attacking its customers' computers. This is unlikely to be the last episode of this kind we will see.



Sony, rootkits, and the escalation of the DRM war

Posted Nov 3, 2005 6:17 UTC (Thu) by Duncan (guest, #6647) [Link]

This was one of the things that finally pushed me off of MSWormOS, to
Linux, when I otherwise would have been upgrading to what I began to call
eXPrivacy.

I realized (as my newsgroup posts from the time confirm) that the
"activation" code MS was shipping in "eXPrivacy" was setting a precedent.
Sure, at the time, the code collected a "somewhat limited" amount of
information on the computer hardware, then weakened that rather more by
bitmapping specific information to a small number of bits (ranges for disk
size values to fit in 2 or 3 bits, IIRC) or hashed it (as they did with
the computer's MAC address and disk ID, IIRC), and MS claimed even that
wasn't stored in a way directly retrievable by user, but the precedent was
clear -- MS had decreed it was acceptable to spy on users and transmit
information obtained locally back to the mother ship for tracking
purposes. That precedent crossed the line -- I was simply *NOT* willing
to accept it, both in principle, and because I knew that once MS made it
OK, it would be equally OK for every other software maker, many of which I
trusted substantially less than MS.

A few years later, and spyware has become a household term. There are
anti-spyware distributors similar to the AV distributors that have been
with us for some time. Now we see music companies distributing root-kits
on their CDs, and there's really no end in sight. Unfortunately, not
enough other folks saw it coming as I did, or cared enough about it if
they did, to refuse to have a part in it, period, or we'd not be in the
position we (as the computing community, of which Linux is still a part,
tho it doesn't affect us so directly) are in, today.

Fortunately, others had this idea about software freedom, that the /user/
actually had some rights that needed considered, long before I came along,
and Linux was available to jump to. I now consider that the best computer
choice I ever made, bar none, and competing for the best /choice/ I ever
made, bar none.

Ironically, while I had discovered the land of software freedom and had
been increasingly thinking about switching for a couple years, I have MS
to thank for actually pushing me into it, as I'm honestly not sure if I'd
have ever given up the decade of experience I had on MS by that time, if
they hadn't.

I've often said that the clearest demonstration of whether MS thought
themselves a monopoly was the move to activation. They /knew/ what
happened to the companies before that had tried to force dongles in the
name of copy protection -- they got marginalized by the competition, in
some cases MS itself being that competition, and wouldn't have made the
same mistake with activation, if they thought there was any competition to
move to. That they did this at the time of the monopoly trial and STILL
got away with it...

Anyway, I'm fortunate that there was an alternative for me. To that
point, I'd personally spent quite some portion of my income over the
several previous years buying MS, because the OS and my (hobbyist)
programming platform was something I wasn't going to trust to pirate
sources even if I HAD found it moral to do so. As well, I had been active
in the IE/OE 4, 5, and 5.5 public betas, and had been in line at midnight
for the release of Windows98, so yes, MS definitely lost a loyal customer!
What a way to move in such a short time, but if freedom software such
as Linux hadn't been available, the other choice was a complete reversal
-- NEVER buying anything from MS, pirating EVERYTHING, because that would
have been the only way to keep out of the activation net.

Fortunately, it didn't come to that, and I didn't have to hobble my
conscience.

(Actually, the hardware makers ought to thank MS too, because MS' loss has
been to a large degree the hardware maker's gain. I've had a dual Opteron
system for nearly two years now, my first dual processor system, and just
today upgraded to 4x300 G Seagate drives, which will soon be running Linux
kernel based RAID, the first time I've ever had a RAID system, neither
hardware upgrade of which I would have had money for if I had continued
spending on MS and software in general at the rate I was.)

Anyway... despite the Sonys of the world, the /good/ news is that at least
most of the rest of the world seems to be slowly wising up to MS and the
consequences it brings with it, and is gradually beginning to make choices
supporting software freedom for themselves, too. Too bad the US, yet
again, seems to be pulling the tail of the clue train, both technically
and freedom wise, as it seems to be doing more and more often, lately.

Duncan

Sony, rootkits, and the escalation of the DRM war

Posted Nov 3, 2005 8:16 UTC (Thu) by Felix.Braun (subscriber, #3032) [Link]

Apparently, First4Internet, the company that created the DRM-Software wants to make a patch available that will remove the root-kit properties of this DRM scheme (as reported by the Washington Post).

Sony, rootkits, and the escalation of the DRM war

Posted Nov 3, 2005 12:56 UTC (Thu) by smitty_one_each (subscriber, #28989) [Link]

So, what? If the capacity to perform a low-level tweak on the OS remains, then what difference does removing the first rootkit receiving wide publicity make?

LAME included?

Posted Nov 3, 2005 8:45 UTC (Thu) by hingo (guest, #14792) [Link]

Apparently a file called GO.EXE on the Van Zant CD contains a string "http://www.mp3dev.org/ 0.90 LAME3.95". (Discovered by Matti Nikki.) If this means what we all think it means, First4Internet is in violation of the LGPL?

LAME included?

Posted Nov 10, 2005 19:31 UTC (Thu) by Thue (subscriber, #14277) [Link]

One of the purposes for the DRM program is to prevent CD rippers from working, so that string is probably just being used when detecting LAME.

If this is the case then the use of that string falls under fair use, i.e. not a copyright violation.

LAME included?

Posted Nov 14, 2005 8:13 UTC (Mon) by hingo (guest, #14792) [Link]

Good point. Just to be clear, because I didn't spell it out above, the other alternative is that it has LAME statically linked.

What action is helpful?

Posted Nov 3, 2005 12:44 UTC (Thu) by nicku (subscriber, #777) [Link]

I feel that few readers are less than incensed at Sony's behaviour. But how can we effectively make Sony aware of our indignation in a useful way?

What action is helpful?

Posted Nov 3, 2005 13:36 UTC (Thu) by copsewood (subscriber, #199) [Link]

When a UK resident has their computer contents modified by this without their authorisation, encourage them to complain to the police that this is an offence against the Computer Misuse Act. Time for the rights of ordinary computer owners to be upheld against corporate crime of this sort. I think there are also various other places which have made unauthorised modification or preparation to do so illegal for the same reasons, but your local laws may vary.

What action is helpful?

Posted Nov 3, 2005 14:04 UTC (Thu) by NRArnot (subscriber, #3033) [Link]

I'd suggest invoicing Sony for the time=money of completely wiping clean the hard disk and reinstalling all of your software. Also the cost of the backup storage rendered necessary by the above. Even if they make a removal tool available that doesn't require connecting the computer to a network and running Internet Exploiter, you still cannot be certain that your system is not compromised. Starting from scratch is the only way. There are already exploits of this abomination out there ... just because you have got rid of the Sony crud does not mean that it hasn't opened the gate for something even worse.

And when they won't pay up ... I'd suggest to USA folks that the words "class action" should spring to mind.

As mentioned above what they've done is criminally illegal in the UK, and although IANAL, I've read that similar laws apply in several USA states as well. Where they do, call the police. Are there any states where criminal prosecutions can be brought privately, or where citizens can actually force the police to enforce the laws that protect your computer?

I'm going to be deleting native Windows off my home computer this week-end (ie, no more dual boot). From now on, Windows will run only in a VM, so I can revert it. (Though for how long one can trust VMWare not to create backdoors for the media groups, who knows. Hang on to your old versions of Linux and VMware, assuming the latter isn't already on the dark side).

And anyone from Sony reading this, I now have a personal buy-Sony-last policy. I've always liked VAIOs, but now I know what depths the company will sink to on the software front, I won't be buying another one.

What action is helpful?

Posted Nov 3, 2005 14:56 UTC (Thu) by tcabot (subscriber, #6656) [Link]

Stop giving them your money. There's a huge amount of good music at http://www.archive.org/audio/etree.php (especially if you like the dead).

What action is helpful?

Posted Nov 3, 2005 19:16 UTC (Thu) by nicku (subscriber, #777) [Link]

> especially if you like the dead

I do. Thank you.

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds