Jump to content

Mark's Sysinternals Blog


Eric Legge

Recommended Posts

  • Replies 66
  • Created
  • Last Reply

Top Posters In This Topic

  • epp_b

    11

  • hkspike

    5

  • Cluttermagnet

    5

  • Marsden11

    5

I first saw this on engadget - took a brief look at this one at SysInternals, and it's definately worth anyone's time.I knew DRM was trash from the start, but this is dispicable! B)

Link to comment
Share on other sites

Sony now is offering a "Service Pack" to un-hide the hidden files. The downside? You must use Internet Explorer, because it is an ActiveX control!Sounds safe to me...... B)

Link to comment
Share on other sites

Since this only affects Windows PCs, why doesn't someone start a class action discrimination suit. Obviously, DRM (and Sony) discriminates against Windows users by preventing the playing of CD content on their PCs while allowing unrestricted use of the same content on Apple or Linux PCs. :download:

Link to comment
Share on other sites

Guest LilBambi

Mine either. I have been boycotting the RIAA/Big 5 since Napster was taken down and things haven't gotten better with age.I have put several topics about this on my blog this past week too.Also at EFF.org they have a PDF about the RIAA v. The People - Two Years Later. Certainly worth a read. Puts the last two years into perspective. I think it came out before the Sony/BMG fiasco because I am sure they would have included it if it hadn't. ;)Here's the direct link to the piece at EFF.org:http://www.eff.org/news/archives/2005_11.php#004116And here's a direct link to the PDF file on EFF.org:http://www.eff.org/IP/P2P/RIAAatTWO_FINAL.pdfThere's also a link at my blog for that too.

Link to comment
Share on other sites

The company that created the DRM software for Sony has issued an update:"SonyBMG and First4Internet, the companies caught installing rootkit-like software on the computers of people who bought certain CDs, have taken their first baby steps toward addressing the problem. But they still have a long way to go; and they might even have made the situation worse."Yesterday, the companies released a software update that they say “removes the cloaking technology component that has been recently discussed in a number of articlesâ€. Reading that statement, and the press statements by company representitives, you might think that that’s all the update does. It’s not."The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included in the initial installation of the entire DRM system, as well as creating some new files. In short, they’re not just taking away the rootkit-like function — they’re almost certainly adding things to the system as well. And once again, they’re not disclosing what they’re doing." - http://www.freedom-to-tinker.com/?p=921

Link to comment
Share on other sites

Guest LilBambi

Excellent reading Eric, as his Freedom to Tinker's earlier entry on this subject.I have them both updated to my blog listing today when I found CNet's Declan's article posted on ZDNet today: Why they say spyware is good for you | Tech News on ZDNetI find all of this very upsetting. No country should create criminals out of folks who wish to remove something that was placed on their computer, with or without, the 'installer's' permission. It is after all your computer. And what does such demonizing of customers/potential customers do for a society already so sick of interference, legislation and restrictions on what they purchase (taking away citizens' fair use of what they buy and creating criminals of citizens) and backed by corporate lobbyists and our own government -- which is SUPPOSED to be run by "The People" not corporations? Who's government is this anyway, I ask myself for the umpteenth time these days. Sigh....This along with everything else that's going on out there with spyware, trojans, patents, copyright, DMCA, litigation, copy protection for software, hardware, etc. etc., is really is beginning to wear my patience thin. It seems to get worse by the day.

Link to comment
Share on other sites

Guest LilBambi
:blink: Good one epp_b!I have added it to my latest entry on this on my blog, along with another quote by an article on the Christian Science Monitor:
In response to a flood of criticism, Sony and First 4 Internet reacted with information-age speed. The software patch was up and running on the Web by Nov. 2. But the patch serves only to locate the hidden software. Bloggers and computer experts are still steamed: The patch does nothing to help the user remove the rootkit, they say, and may in fact aggravate the problem. For his part, Russinovich wonders why Sony wasn’t more careful in the first place. He cites a National Public Radio interview with Sony’s president of Global Digital Business, Thomas Hesse, in which he said that “most people, I think, don’t even know what a rootkit is, so why should they care about it?” “That quote nicely summarizes the problem,” Russinovich says.
http://jim-fran.com/BambisMusings/?p=284or direct at the CSMonitor.com - Sony aims at pirates - and hits users
http://www.theinquirer.net/?article=27508that's one that was posted. I don't know if it is the only one.I've been following Mark's blog on Sysinternals. Because he has the expertise to look at the "programs" and then reports fairly on his findings.
Good one zlim! Added this one too!
Link to comment
Share on other sites

Guest LilBambi

I've added another item to bottom of my blog entry:

In a BetaNews blurb entitled Sony President: Rootkit of No Concern BetaNews reports that NPR had an interview with Sony BMG’s Global Digital Business President Thomas Hesse. In this interview, Mr. Hesse downplayed the the DRM fiasco saying he objected to terms such as malware, spyware and rootkit. BetaNews quoted Mr. Hesse as stating that “Most people, I think, don’t even know what a rootkit is, so why should they care about it?”When I listened to the NPR Morning Edition “Sony Music CDs Under Fire from Privacy Advocates” presentation from November 4, 2005, I thought it was a rounded approach in presenting a capsulated audio report on the issues, including not only Mr. Hess’ comments, but those of several notable security experts including Mark from Syinternals who found the rootkit on his system and did the forensic investigation to determine where it came from, what it’s potential was, what it did, and how to remove it.It is certainly interesting to note that Sony of course as BetaNews reports totally played down the potentially devastating possibilities of such software, and their hiding of it, and did not address the lack of information in the EULA for the approximately 20 CDs he said make use of the hidden DRM enforcing technology.
http://jim-fran.com/BambisMusings/?p=284I may have to start another post for this. I have been trying to keep them together, but there are just too many out there, and I only have a few of them on the posting!
Link to comment
Share on other sites

Cluttermagnet

'When The Law becomes unlawful..."This is an overall social trend in this country and elsewhere, and does not augur well for civil behavior in the future. Rather, it channels us more towards chaos. When people have 'the law' used against them unfairly, and as a weapon, they lose respect for the law, and compliance goes to **** in a hurry. This is where we are today. I guess, in a strange way, this all makes me glad I'm not 'young'. Consequently, for me, the latest hot musical properties are not 'must haves'. I haven't paid for any new music in any form in probably well over a decade now. Oh, one exception- I bought a few Firesign Theatre CDs at Best Buy a few years back, to support that excellent and underappreciated comedy troupe. Best Buy no longer sells them and I no longer buy anything from their music department. OTOH I *have* paid serious money for older CDs and yes, even vinyl LPs on Ebay and such. Oldies and goodies you *can* own, folks. At least, it's ownership so far as I'm concerned. No, I don't share around such material. "Wouldn't be prudent- at this juncture". But I do liberally copy it onto CDRs and (gasp!) audio cassettes for my personal consumption. Napster was a hoot til RIAA killed it. Somebody please put a stake through their (RIAA) wicked hearts. Where are the mobs with torches and pitchforks outside of RIAA HQ? I guess they must be busy defending against frivilous lawsuits and trying to stay out of bankruptcy. Siiiighhhhh!

Edited by Cluttermagnet
Link to comment
Share on other sites

Guest LilBambi

Hey ClutterMagnet! Great to see you!Actually, within about 7 hours in one day, they reported TWO!And that's besides the Netcraft hack to hide cheats in the game that is making use of that rootkit as well.

Link to comment
Share on other sites

Guest LilBambi
'When The Law becomes unlawful..."This is an overall social trend in this country and elsewhere, and does not augur well for civil behavior in the future. Rather, it channels us more towards chaos. When people have 'the law' used against them unfairly, and as a weapon, they lose respect for the law, and compliance goes to **** in a hurry. This is where we are today. I guess, in a strange way, this all makes me glad I'm not 'young'. Consequently, for me, the latest hot musical properties are not 'must haves'. I haven't paid for any new music in any form in probably well over a decade now. Oh, one exception- I bought a few Firesign Theatre CDs at Best Buy a few years back, to support that excellent and underappreciated comedy troupe. Best Buy no longer sells them and I no longer buy anything from their music department. OTOH I *have* paid serious money for older CDs and yes, even vinyl LPs on Ebay and such. Oldies and goodies you *can* own, folks. At least, it's ownership so far as I'm concerned. No, I don't share around such material. "Wouldn't be prudent- at this juncture". But I do liberally copy it onto CDRs and (gasp!) audio cassettes for my personal consumption. Napster was a hoot til RIAA killed it. Somebody please put a stake through their (RIAA) wicked hearts. Where are the mobs with torches and pitchforks outside of RIAA HQ? I guess they must be busy defending against frivilous lawsuits and trying to stay out of bankruptcy. Siiiighhhhh!
Boy, isn't that the truth. It's one of the things I tried to address, however, not as eloquently as you did, on my blog. It really worries me quite a bit. Even more than the music dilemma itself really.
Link to comment
Share on other sites

Guest LilBambi

Temporarily is the key statement there.This is not the end of this ... it is just the next move in the chess game, unfortunately.

Are You Infected with Sony-BMG's Rootkit?EFF Confirms Secret Software on 19 CDsSan Francisco - News that some Sony-BMG music CDs installsecret rootkit software on their owners' computers hasshocked and angered thousands of music fans in recent days.Among the cause for concern is Sony's refusal to publiclylist which CDs contain the infectious software and toprovide a way for music fans to remove it. Now, theElectronic Frontier Foundation (EFF) has confirmed that thestealth program is deployed on at least 19 CDs in a varietyof genres.The software, created by First 4 Internet and known asXCP2, ostensibly "protects" the music from illegal copying.But in fact, it blocks a number of legal uses--likelistening to songs on your iPod. The software alsoreportedly slows down your computer and makes it moresusceptible to crashes and third-party attacks. And sincethe program is designed to hide itself, users may havetrouble diagnosing the problem."Entertainment companies often complain that fans refuse torespect their intellectual property rights. Yet tools likethis refuse to respect our own personal property rights,"said EFF staff attorney Jason Schultz. "Sony's tactics hereare hypocritical, in addition to being a security threat."If you listened to a CD with the XCP software on yourWindows PC, your computer is likely already infected. AnEFF investigation confirmed XCP software on 19 titles, but it's far from a complete list. Sony-BMG continues to refuseto make such a list available to consumers.Consumers can spot CDs with XCP by inspecting a CD closely,checking the left transparent spine on the front of thecase for a label that says "CONTENT PROTECTED." The back ofthese CDs also mention XCP in fine print. You can findpictures of these and other telltale labeling at http://www.eff.org/IP/DRM/Sony-BMG/
"Music fans should protect themselves from this stealthattack on their computer system," said EFF Senior StaffAttorney Fred von Lohmann.
For EFF's list of CDs with XCP::http://www.eff.org/deeplinks/archives/004144.phpThe "legalese rootkit" - Sony-BMG's EULA:http://www.eff.org/deeplinks/archives/004145.phpEFF's press release:http://www.eff.org/news/archives/2005_11.php#004146--
Sony-BMG Rootkit: EFF Collecting Stories, Considering LitigationEFF is collecting stories from EFF members and supporters who have purchased Sony-BMG CDs that contained the rootkit copy protection software. We're considering whether the effect on the public, or on EFF members, is sufficiently serious to merit EFF filing a lawsuit.If you satisfy the following criteria, we would like to hear from you:1. You have a Windows computer;2. First 4 Internet's XCP copy protection has been installed on your computer from a Sony CD (for more details, see our blog post referenced above or the SysInternals blog, http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html);3. You reside in either California or New York; and4. You are willing to participate in litigation.We have not made a final decision about filing any legal action, but we would like to hear from music fans who have been harmed by the Sony-BMG rootkit copy protection technology. Please contact allison@eff.org for more information.
Link to comment
Share on other sites

Cluttermagnet
Uh-It's a stupid Yahoo page. The url is impossibly long. I found two urls that point to exactly the same page. Try this: Sony to Suspend Making Antipiracy CDs It probably won't work either. Worked for me, however. Edited by Cluttermagnet
Link to comment
Share on other sites

Guest LilBambi

Here's another one on BetaNews: Sony BMG Pulling Controversial DRM

For its part, Sony says it has been responsive to the situation by posting removal instructions. But Russinovich disagrees, saying, "Without exaggeration I can say that I've analyzed virulent forms of spyware/adware that provide more straightforward means of uninstall."
Comment section had this comment:
By JediteTo add to this.. The Department of Homeland Security made an indirect mention of this situation, and what can only be categorized as a warning directed at Sony.Stewart Baker newly appointed Assitant Secretary for Policy for the DHS had this to say."I wanted to raise one point of caution as we go forward, because we are also responsible for maintaining the security of the information infrastructure of the United States and making sure peoples' [and] businesses' computers are secure. ... There's been a lot of publicity recently about tactics used in pursuing protection for music and DVD CDs in which questions have been raised about whether the protection measures install hidden files on peoples' computers that even the system administrators can’t find."In a remark clearly aimed directly at Sony and other labels, Stewart continued: "It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."If we have an avian flu outbreak here and it is even half as bad as the 1918 flu epidemic, we will be enormously dependent on being able to get remote access for a large number of people, and keeping the infrastructure functioning is a matter of life and death and we take it very seriously."Credit goes to Brian Krebs from the Washington post and his blog that has a bit more on this.
Edited by LilBambi
Link to comment
Share on other sites

"It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.
I think a lot of people, companies, etc ought to remember this. Edited by rolanaj
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...