Sony BMG Music Entertainment and a technology partner are working with antivirus companies on a fix for a potential security problem in some copy-restricted CDs.

Earlier in the week, security experts said that anticopying technology used by Sony BMG could be adapted by virus writers to hide malicious software on the hard drives of computers that have played one of the CDs. The antipiracy tool is included on many of Sony BMG’s latest music releases, from Van Zant to My Morning Jacket.

Sony BMG’s technology partner First 4 Internet, a British company, said on Wednesday that it has released a patch to antivirus companies that will eliminate the copy-restricted software’s ability to hide. In consequence, it will also prevent virus writers from cloaking their work using the copy-restriction tools.

The issue erupted into the public consciousness late on Monday, when computer developer and author Mark Russinovich published a blog detailing how he had found the First 4 Internet software hiding deep in his computer, after he had listened to a copy-restricted CD distributed by Sony BMG.

The anticopying technology included a tool called a “rootkit”, often used by virus writers. A rootkit takes partial control of a computer’s operating system at a very deep level in order to hide the presence of files or ongoing processes.

Rootkits, while not intrinsically malicious, are viewed with deep suspicion by many in the software development community. They are extraordinarily difficult to find and remove without specific instructions, and attempts to modify the way they act can even damage the normal functioning of a computer.

In the case of the First 4 Internet software, attempts to remove it manually rendered the CD drive of the computer inoperable, Russinovich found.

Consumers who want to remove the copy- restriction software altogether from their machine can contact the company’s customer support service for instructions, a Sony BMG representative said.

Note: Last time I checked the article, the link to Sony-BMG for the patch was OK. Look for “software updates”. The link to cust svce at the end of the article didn’t work. Good luck!



  1. Jon says:

    Sony’s arrogance is as bad as their ignorance. This is the final push to many to not buy any Sony CD from now on. People will just get it legally through online music services or illegally through P2P.

    Wish there are some class action law suit against them soon.

    One trent that I noticed is big media companies, RIAA, MPAA, etc care less and less about consumers’ perception of them. They sue, threaten and mess up people’s systems without considering the consumers’ reaction. The only explaination is that they know people already think very lowly of them and no longer cares.

  2. Bill says:

    While Sony’s actions are inexcusable, Microsoft must shoulder part of the blame for this – they allowed the Sony to instal software at the root level.

    Why should merely playing a disk allow Sony to violate my computer? A professional-grade operating system would protect you from that.

  3. Trogdor the Burninator says:

    No one would stand for this if the automakers put in an “anti-theft” device that could allow the company to monitor your car (preferences, location, driving style) or even allow them (or others) to make adjustments.

    Are they hoping all their customers bleat?

  4. That just started the boycott for me personally — while as a mac user I’m unaffected (atleast for now), this is too much for anyone. I don’t condone invading anyone’s property, neither should sony.

  5. pmh says:

    My, my… the DRM movement just goes from bad to worse. This story on The Big Picture blog (http://bigpicture.typepad.com/comments/2005/10/drm_crippled_cd.html) covers another case of Sony’s madness… their attempts to attack Apple is also leaving their customers as victims of collateral damage.
    -pmh

  6. Wayne says:

    If you’ve already had the rootkit installed on your computer, there may be no easy solution to removing it; however, the best solution is always precention. You should never allow the rootkit– like any virus or malware– to be installed on your computer in the first place. Just like looking both ways before crossing the street, you should take a moment as a safety precaution to look at what you’re putting into your computer before you close the tray.

    Still, the answer to getting around the rootkit copy protection problem is all over the Web and easy to do… simply hold down the shift key when you insert one of these CDs from Sony BMG and remain holding it until the CD shows up in your player of choice. You can then play the actual audio files rather than the protected WMA files on the disc, and thus you can rip the CD with iTunes or your music converter of choice.

    Essentially, holding down the shift key prevents the CD from utilizing the autorun feature in Windows. This is how the rootkit is installed so quickly and without your knowledge. You can also disable autorun in Windows XP and probably should disable it to precent any CD you might insert from installing something on your computer.

    I’ve picked up a few recent releases from Sony BMG artiists in the stores and all of them have some label printed on the back indicating how the CD works with your computer– this means it’s copy protected. (It should not be confused with the FBI Anti-piracy logo now printed on every CD.) I noticed there hasn’t been a “uniform” logo indicating the protection is on the disc, but it at least appears obvious. Additionally, Amazon.com is now starting to highlight which CDs are content protected on its site.

    I think Sony BMG is alienating its own customers and hurting its reputation with this scheme, and from what I’ve read, their artists are helpless to stop the protection from being put on their albums. Some bands and artists have spoken out against this practice and have promoted how to get around the copy protection on their Web sites.

    Yet, this essentially boils down to the computer user taking responsibility for what they’re doing with their PCs. The climate has changed once again, and just as you shouldn’t open e-mail attachments with some precaution, you shouldn’t insert any CD without examining it closely and, at the very least, holding down the shift key.

    Presently, the copy protection does not work on the Mac OS but I wouldn’t rule it out if Sony continues to believe this is the way to do business. I’m sure they’ll eventually see a lawsuit for this senseless mess.

  7. AB CD says:

    Cars are monitored like that. GM can download the last 30 seconds of movement.

  8. Chet says:

    Dear Sony/BMG,
    I NO LONGER TRUST YOUR COMPANY.
    How sad is this: I have never pirated music. You have profited from me in the past.
    Now I refuse to purchase anything Sony — at home or at work. And I manage spending for a technology department.

    Nice customer relations…. you jerks.

    Thanks, JCDv, for the soap box -Chet.

  9. Ascii King says:

    If this hides the processes form normal view, then as someone suggested elsewhere, all the virus writers are going to start using this program. Once they do that, Microsoft will have to patch the OS to prevent this from happening, but it is illegal under the DMCA to bypass software security systems. So if MS patches this hole, they will be breaking the law even if Sony agrees to allow it.

    Just like this rock band.
    http://www.theregister.co.uk/2005/09/21/christian_rockers_drm_tips/

  10. Damian says:

    It’s a mess. Even if Sony desists from this appalling behavior now, there are already likely thousands of infected computers out there. And there are thousands of these Trojanized CDs that unsuspecting members of the public have already bought.

    Mark Russinovich found the software was very badly written. Just think of all the problems it might cause: there are already reports of it causing blue screen of death on bootup for some people, and F-secure says it will “break the Vista beta spectacularly”. So anyone who’s using that stands to damage their OS and lose their data.

    Added to all this, every script kiddy out there can now exploit the hole Sony has opened for them. It’s a timebomb. The government department responsible for trading standards now has a duty to see these CDs are removed from the shelves in all stores before any more people are infected.

    I’m boycotting all Sony products now. I wrote them and told them I had, too.

    http://www.sonymusic.com/about/feedback.cgi

  11. Teyecoon says:

    We have the DMCA law for businesses, now where is the law to protect consumers that pre-warns them that they are about to install a DRM rootkit if they play the disk on the computer and an easy way to remove it without going online when they no longer wish to use the CD in the computer? Anyone in Congress have any concern for the consumers? Where is the balance in these laws that legislate everything the consumers can/can’t do without placing reasonable restrictions as to where the “enforcers” are crossing the line and exceeding their rights and authorities? Heck, this kind of invasion makes M$ OS registration look a bit reasonable. Of course, it’s quite ironic that you have to go through such hoops so that M$ is protected but they allow your security to be compromised without permission/confirmation just by naturally inserting a CD into your drive. Of course, M$ has continually proven their lack of concern for user security and this is just another example of that fact.

  12. websmythe says:

    Are there any subsiduary companies (music or otherwise) to Sony that use the same techonology?
    If we’re going to boycott we need to know them all, so that they all understand that you don’t play God with the people who have the money they want.


0

Bad Behavior has blocked 4668 access attempts in the last 7 days.