Play a CD, Corrupt Your PC

Related link: http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

In this gripping piece of computer detective work, programmer Mark Russinovich reveals how a Sony music CD infected his computer so badly even Safe Mode can’t bypass it. The original article is amazing, but the outraged reader comments show that this dangerously sloppy attempt at locking up music will be a watershed event in digital rights management.

Some excerpts:

Way to go, Sony. You’ve really made me want to legitimately purchase music, now that it includes worse viruses than I’ll find on Kazaa.

This software is not only poorly written, but it has been causing bluescreens for a while now. And if you delete the offending device drivers, your CD-ROM drive is no longer accessible. Seriously, this has class-action lawsuit written all over it.

Sony should pay the same fine that individuals are expected to pay if sued by the RIAA. Their infringement into your operating system is just as bad as a copyright infringement.

This appears to be illegal in California, punishable by a $1,000 fine per computer affected.

In Australia, this software contravenes the Cybercrime Act. EULAs do not trump laws. You cannot contract murder, and you cannot contract your way around laws designed to prevent secret, unauthorized intrusion and modification of a system.

Who’s the one NOW circumventing security? Wouldn’t be grand if the DMCA were used AGAINST the RIAA for the very same thing they are suing other people for?

Do you still have the offending CD? If so, why? Return the CD for a full refund. I currently do this with all DVDs that contain advertising I cannot skip.

The more interesting question is how Microsoft will view this effort of Sony’s. They have taken great pains to bend Windows to Hollywood’s demands, but this mechanism CANNOT be seen as secure or of benefit to their own customers. There is no way this supports “trustworthy computing.”

Just few days ago I wrote a rootkit that acts as a DRM system. I was thinking I could demonstrate that the [European] law will protect malware, too, which is obviously unintended. But to see the same techniques are used in an actual DRM scheme already being deployed, I’m shocked.

Thanks Sony! Now when I write my worm, all I have to do is name it “$sys$” and it’ll be “auto-cloaked” on systems you’ve compromised.

My scan tools will trip over this as an altered system call. Meaning much more work for me, much more work for the systems administrator, and much pain for everyone all the way around in the longer run.

This is part of the reason we use products such as DeviceWall on our systems. It [not only] allows us to block contractors from plugging iPods into our corporate networks, but also helps keep crap like this off of our systems when employees bring discs in from outside the office.

If I get any CDs that try to deploy such software I use ISOBuster to rip the audio and ignore anything else on the CD.

If your PC has plenty of RAM or two CD drives, just use Slax, a simple form of Linux that loads from a CD and includes cdparanoia (for ripping individual tracks as .wav files) and cdrdao (for creating a .toc/.dat pair).

The odd thing is, this must have been happening for some time. This shows just how poorly we’re protected by virus scanners.

It’s ironic that Sony, the ones who brought us Fair Use in video [by defeating the Betamax lawsuit] are as draconian as they are now.

Back to vinyl?