Sony CDs Install Rootkit on Your Computer! BMG XCP2 DRM AFU!

Summary: Sony BMG has secretly included the First4Internet XCP2 digital rights management (DRM) software on its CDs in order to keep you from using any other media player on your computer with their content. Unfortunately, it has rootkit-like properties, and actually exposes your computer to great risk.


Sony BMG is on everyone’s lips this week, and for once they aren’t talking about the PSP or music downloads.

This week they are talking about the fact that Sony has secretly embedded First4Internet’s XCP2 rootkit-like software on their CDs. While perhaps intended only for digital rights management (DRM), the software not only spies on what you are doing and reports that back to the Sony BMG mothership, but also opens up your computer to risk by allowing other, even more malicious spyware and other programs to slip in undetected and take over your machine’s processes.

Now, to be sure, I doubt that Sony intended this situation when they arranged with First4Internet to use their XCP2 on Sony BMG CDs. Sony would tell you that all they were trying to do was make sure that you used only their media player with their CDs on your computer. Never mind that it’s your computer, you paid good money for the CD, and so long as you aren’t copying and pirating their material, with what you choose to view the material should be none of their business.

This was all blown wide open when Mark Russinovich over at Sysinternals posted an extremely detailed analysis of what he found after discovering the Sony rootkit on his own computer.

Said Mark, on his blog, of what he found, “The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.”

The response among the Internet community has ranged from outrage, to surprise that anyone is surprised, to, already, at least one lawsuit.

Where this will all end is anybody’s guess, but in the meantime, if you choose to purchase Sony BMG CDs, and to put them in your computer, well, buyer beware.

You can read Mark Russinovich’s extremely detailed write-up of his discovery here.

In the meantime, Russinovich has documented SonyGate 2, his effort to uninstall the Sony rootkit and Sony’s completely unacceptable response, here.

Recommended reading:

Rootkits: Subverting the Windows Kernel


Read more:

»  Sony BMG Pulls Rootkit - Sony BMG Statement on Pulling Rootkit

»  State of Texas Sues Sony BMG Over Music CD Rootkits

»  Sony Caves on RootKit, Pulls CDs, Offers Exchange Program

»  Sony BMG Settles Lawsuits Over First4Internet XCP Rootkit and MediaMax Security Hole


2 Comments »

  1. I had a spat with BMG about an earlier version of their copyright control software on a CD as I use Sony’s SonicStage software to change all my CDs into ATRAC3 files for use on my media PC and my NetMD. BMG’s response to my complaint then was to offer a non-copyright version of the CD if I sent them my proof of purchase. By the time they responded, the MP3s were available online.

    It’s MY PC, I paid for the CD, I paid for the software and I want to use it HOW I WANT! Sony - when are you going to realise that you’re damaging your own reputation with these repeated anti-piracy faux pas?

    Comment by Doug Lochery — 11/9/2005 @ 12:20 am

  2. After trying to rip the SONY BMG title ‘13 Steps’ by A Perfect Circle (Tool for girls, if you ask me) so he could listen to it on his SONY MP3 player - a CD that HE ACTUALLY OWNS by the way, he found that Windows XP could no longer detect his CD-ROM drive - innocently - he thought the CD Drive was kaput so bought a new one. This was also undetectable and only after an hour or two of me scouring the Internet for him could I find that by removing XCP2 would XP begin detecting the CD-ROM drives again. This is just another example of how over-zealous security methods by money-grabbing corporations punish only the law-abiding, silent majority, normal customer. Any badass cd-pirate would kick xcp2’s ass any day. However - my friend is not that type of person - so why does he get punished for someone else’s wrongs? Sony are tramps.

    Comment by Chris — 1/10/2009 @ 11:29 am


 
 This article first appeared on 11/8/2005
The Internet Patrol