BRAIN_RECALL

All defective brains please form a line to the right, thank you.

Tuesday, November 22, 2005

Duck and cover...

Ahh, what they used to say after a nuclear strike. To protect yourself, you should duck and cover.

My guess is Sony is doing that right now, hoping the shit-storm just flies over. Oh, but it isn't.

At last count, at least SIX class action lawsuits were filed against Sony over the rootkit. They include the states of New York, California, and Texas as well as the Electronic Frontier Foundation. The District Attorney of Texas is alone calling for a penalty of $100,000 per infection. Even if only 100 installations were found to exist in the state of Texas, that alone amounts to a $10 million penalty. And, judging by this map of detected infections, that is a low number.

But, lets turn to what Sony is doing. They at first denied any wrongdoing, of course. This is standard procedure for such a megacorp. Of course, the problem didn't go away, so they stopped production of the infected CDs. Great, but there were still some 20 million CDs in circulation. Only after enough complaints and two class-action lawsuits later did Sony offer to remove all infected CDs from store shelves and offer a replacement with a non-infected CD. Glad to see them save face when faced with legal consequences.

Ahh, Sony. In their infinite greed they had set back DRM by several years. Instead of the initial plan of slowly letting us get used to DRM before we were totally restricted, they turned up the water too hot and the frog jumped out before it boiled to death. They have thrown a better part of the music industry in total disarray, as people are now being scared off from buying CDs for the holiday season. People are boycotting Sony, and I'm surely going to be one of them. Even though Sony BMG isn't entirely affiliated with Sony Electronics, the link in the name alone is enough for me.

People are aware now. They know what the music industry is doing to their rights. They will soon learn of all their wonderful practices as EMI forces Apple to enter a variable pricing scheme sometime next year. People will figure it out, and then they'll be done.

The age of the media cartels will soon be over. All thanks to Sony and a rootkit.

Edit:
Almost forgot some of the better parts. Sony uses another type of DRM from a company called SunComm. This stuff isn't QUITE as bad, but it's still horrible in one simple fact. When you insert the CD it will ask you to install the "Enhanced content" (read: DRM and thier required media player). However, if you click no to not accept thier terms, it still installs the DRM! You couldn't make this shit up...

Monday, November 07, 2005

Lets try this again...

I was going to write about my latest adventures in Guild Wars, but, I decided to tackle something far differnt.

Recently, large entertainment buisnesses (mostly music, such as Time Warner, BMG, Sony, etc.) has decided to include DRM to restrict your rights when using thier music. Digital Rights Management was touted as a consumer-demanded "feature," but it simply isn't. With the advent of computers with CD burners and P2P on high-speed internet, the old corporations became scared that they would loose control over the distribution system they have become dependant on. So, DRM is belived to be thier saving grace, where digital content will be restricted to how they want it used, not how you want it used.

Most of the DRM of yore was pathetic. Usually it was some program that would autorun on a Windows machine to disable the CD drive from reading the audio portion of the disc correctly or by confusing the drive to cause the computer to crash. Lots of these attempts even prevented the discs from being played on normal stand-alone CD players. The consumers weren't happy, and they showed it with large amounts of these CDs being returned. Retailers had to foot the bill, leaving them quite mad as well.

Now Sony takes it up one notch. With some recent music, such as Switchfoot's "Nothing is Sound" album they released the worst possible DRM they could come up with. (For an entire listing of DRM protected Sony CD's from Amazon to avoid, check here. ) Sony's DRM autoruns a program on Windows asking you to install a specifically built CD-player. The installer presents a standard EULA (End User Liscense Agreement that is presented with almost all software during installation) where there is no mention of the DRM Sony will be installing nor the way the DRM works. But here is what Sony doesn't want you to know.

The DRM installs what is called a rootkit (rootkits are generally an essential part of any good trojan). Essentially, it really screws with Windows to hide itself and all the files it wants to from Windows. Specifically, any file, program, process, or folder starting with "$sys$" are hidden from Windows, and thus from you. The DRM uses this cloaking rootkit to hide the true DRM, a new CD-ROM driver. The new driver has a special function to scramble the data when a ripping program attempts to rip tracks from not just Sony's CDs, but all CDs. It also goes so far to disable CD burners from creating audio discs. It will aslo contact Sony each time you play thier CD to download advertisements to your computer. All in the name of corporate greed.

The cd-burner and ripping isn't new, and has been done before. But what is new and what is getting everyone very mad is the rootkit. Here are a few things that can be done with the rootkit:
  • World of Warcraft hackers are using the rootkit to hide thier cheating program from Blizzard's anti-cheating program called Warden. Rename the program with the "$sys$" in front of it and it becomes completely hidden.
  • Any virus, worm, trojan, spyware, adware, and malware can use this rootkit to hide itself from the user and any virus/spyware scanner.
  • Sony can seemlessly install even more restrictive DRM, such as blocking a new program the old version didn't, without the user's knowledge or consent.

The exterior of the CD you buy doesn't mention the wonderful rootkit. It never mentions how it would affect your ability to listen to, burn, or rip other CDs. Sony attempts to hide behind a shrinkwrap EULA. What are they? "By opening this product, you agree to all the terms within." The problem is you have no way to know what the terms are without opening it, and if you don't agree with it you are instructed to return the product to the place of purchase, which, for the most part, won't return opened CD's or computer games since they could have been copied. The really bad part is the EULA inside doesn't mention the above DRM protection methods at all, including the phoning-home part.

Only after the DRM was dragged into the light did Sony offer a uninstaller, which at first required you to email two seperate people and wait for a response from them to get a link to go get the uninstaller. They're obviously trying to frustrate the casual user to keep thier rootkit on your computer. Better yet, the uninstaller doesn't uninstall the DRM, but mearly removes the cloaking feature of the rootkit. In fact, the uninstaller UPGRADES the DRM to a newer version!

And yet, after all of this, Sony still calls thier DRM impliementation "not a security risk."
Maybe after newer versions with deeper imbeded rootkits that also disable P2P software people will realize what all the rage was about.

PS: This was reposted, after the comments were spamed. It was only once, but enough to tick me off, enable post moderation, and repost this post to purge the comments.