The Fallout over the Sony Rootkit/DRM


The backlash against the SonyBMG rootkit and DRM has been one heck of a rollercoaster ride which doesn't seem to be ending anytime soon. Here are some highlights in case you have missed them, interlaced with some Cluetrains.

A couple of lawsuits have been filed against Sony for breaking their EULA.

Then Sony issued a patch which is impossible to find (everything Sony is impossible to find on their site, to be truthful) and does not actually remove the DRM. Well, what do you expect?

Talking about the EULA, some very interesting clauses and points to consider when buying your next CD.

Sony's Exec, Thomas Hesse (President of Sony's Global Digital Business) replied to the whole issue of rootkits and DRM by saying What users don't know can't hurt them… (A must listen, by the way!). And echoing Miles' thoughts, Apple and Microsoft must be pissing themselves with laughter. Thomas Hesse has some balls saying what he said, and the bloggers will have the last say about his ridiculous comment.

#14 Corporations do not speak in the same voice as these new networked conversations. To their intended online audiences, companies sound hollow, flat, literally inhuman.

New virus uses Sony BMG software. Yep, that very badly written code for the rootkit has been leveraged for a virus which hides via Sony's rootkit.

The complete list of SonyBMG Rootkit CDs at the EFF

Apple anti-rip software found on the same Sony BMG CDs. Usual discussion on Slashdot about Mac users, and will Sony bring DRM to Linux too?

The power of the blog outlines what's already been seen in other areas like the Kryptonite lock. When will the mainstream media actually pay attention to what their children are reading online?

#6 The Internet is enabling conversations among human beings that were simply not possible in the era of mass media.

#94 To traditional corporations, networked conversations may appear confused, may sound confusing. But we are organizing faster than they are. We have better tools, more new ideas, no rules to slow us down.

And of course some fun: Sony I download your music


At long last,
Sony halts production of 'rootkit' CDs

Sony BMG Music Entertainment said Friday that it will suspend production of CDs with copy-protection technology that has been exploited by virus writers to try to hide their malicious code on PCs.

The decision by the music label comes after 10 days of controversy around the technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music.

Security experts blasted the technology because it uses “rootkit” techniques to hide itself on hard drives and could be used by virus writers to make their malicious code invisible. The first remote-control Trojan horses that took advantage of the cloak provided by Sony BMG surfaced this week.

“We are aware that a computer virus is circulating that may affect computers with XCP content protection software,” the record label said in a statement Friday. “We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists. Nonetheless, as a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology.”

Let's hope that's the end of XCP and its rootkit. Somehow, I know it won't be.


Make no mistake, the battle lines have been drawn: Sony Rootkits and its DRM

Sony, Rootkits and Digital Rights Management Gone Too Far. Plain and simple, if you buy a Sony DRM CD like Get Right with the Man by the Van Zant brothers, agree to the EULA and install the DRM on your machine, Sony will also install a rootkit to make sure their XCP DRM is never removed. Is Sony taking this too far? In the words of Miles: Money talks, Ian.

What makes this different from the other DRM currently deployed on CDs by Macrovision, SunnComm, etc.? Well, a kernel rootkit will give access to your whole system and is undetectable by virus killers and spyware scanners. It will also rewrite the routines of your system, so you, your administrator and even the system cannot see the files and/or processes. Once installed, it's pretty much impossible to get rid of without erasing your whole system drive. As Microsoft themselves say, Be afraid, be very afraid.
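
A toy model of the hiding described above, added here as an illustration (it is not code from this post or from XCP): a filter on the listing routine drops any name carrying a hypothetical prefix, so a scanner that relies on that routine misses anything that adopts the prefix, while comparing the filtered view with a raw view, the cross-view approach taken by tools like RootkitRevealer, exposes it. The prefix, paths and owner labels are constructed sample data.

```python
# Added illustration: name-based cloaking and cross-view detection, simulated.
# All data is constructed; CLOAK_PREFIX is a hypothetical marker, not XCP's own.
from dataclasses import dataclass

CLOAK_PREFIX = "cloak_"  # hypothetical: names starting with this get filtered


@dataclass(frozen=True)
class Entry:
    path: str
    owner: str  # constructed label for who dropped the file


# Constructed "raw volume": what is physically on disk.
RAW_VOLUME = [
    Entry(r"C:\Windows\System32\kernel32.dll", "os"),
    Entry(r"C:\Windows\System32\cloak_drm\filter.sys", "drm"),
    Entry(r"C:\Windows\System32\cloak_backdoor.exe", "third-party malware"),
    Entry(r"C:\Users\ian\music\track01.mp3", "user"),
]


def is_cloaked(path):
    """True if any path component starts with the cloak prefix."""
    return any(p.lower().startswith(CLOAK_PREFIX) for p in path.split("\\"))


def hooked_api_listing(volume):
    """What the listing routine returns once its results are filtered."""
    return [e for e in volume if not is_cloaked(e.path)]


def signature_scan(listing, bad_names):
    """A scanner that can only judge the entries it is handed."""
    return [e.path for e in listing if e.path.rsplit("\\", 1)[-1] in bad_names]


def cross_view_diff(raw, api):
    """Entries present in the raw view but missing from the API view."""
    visible = {e.path for e in api}
    return [e for e in raw if e.path not in visible]


if __name__ == "__main__":
    api_view = hooked_api_listing(RAW_VOLUME)
    # The scanner knows the bad file name, yet never sees the file.
    print("scanner hits:", signature_scan(api_view, {"cloak_backdoor.exe"}))
    # The cloak is indiscriminate: the DRM and the malware are hidden alike.
    for e in cross_view_diff(RAW_VOLUME, api_view):
        print("hidden:", e.path, "| owner:", e.owner)
```
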

Slashdotted and Digged. But Miles digged a little deeper. It's really interesting following Ceri Coburn (a developer from First 4 Internet, makers of the XCP DRM) around the internet. I wasn't sure exactly what he was doing, but Miles explains some of his postings and where First 4 Internet have been hacking stuff up.

Some examples: trying to write a Snort logfile parser; maybe XCP is Ceri's first Windows driver? We wonder if the XCP DLLs are dialing home? Don't get us wrong, I'm sure Ceri is a nice guy, but the posts don't suggest a very well thought-out, stable and secure rootkit (if there is such a thing). And even when you read through Mark Russinovich's entry, he points out mistakes and things which could have been better thought out to avoid detection and deletion. So instead we're wondering how soon it will be till others exploit XCP, especially if Sony/BMG avoid being sued and other record labels deploy XCP like they have deployed DRM from Macrovision and SunnComm.

This is indeed a worrying trend for digital music lovers and does not look like ending at root access to your machine. As someone said in the comments: Forget ghosts and goblins. This scary Halloween story sent shivers up my spine.


Messy haxoring with Metasploit caught on IPTV

It's not quite as cool as it may sound from the title. I just watched episode 13 of my lame-ass IPTV soap, The Scene. Yes, everyone's got their weakness, but if you put this against other soaps like Hollyoaks then it comes out quite well. Anyhow, I got a real kick out of the main character trying to get root on a Windows box hosting an FTP server. They used the well-established Metasploit to find a flaw and exploit it. To be fair, it's one step up from the hack in The Matrix Reloaded, and they did do a little homework to use the nice open source framework Metasploit. It's certainly a fine line between security tester and exploiter, but the best tools always are.

Talking of which, if you didn't catch the Security Now podcast number 9 about rootkits, please do, as it will give you a good old wake-up call. I've been personally aware of rootkits for quite a long time, but I didn't know spyware and adware applications were starting to use them just so they can't be removed from a computer. It's crazy, but it's true. Honestly, I wouldn't wish a rootkit on my worst enemy; I just can't imagine anything worse. Anyhow, Steve and Leo do a great job explaining how rootkits work. It is however really good to know Microsoft and Sysinternals are working on the problem. I did try out Sysinternals' Rootkit Revealer on all my machines and I'm clean as expected, but it's good to be sure. I suggest everyone should give it a try, at least till Microsoft add rootkit scanning to their malicious software removal tool. No one likes to be rooted…
