Forgot your password?
typodupeerror
User Journal

xtracto's Journal: Sony Rootkit CD providers! 44

Journal by xtracto

Update, November 17:
Sony has made available an official list of the CD's that contain the XCP copy protection. The list can be read HERE.

As stated on the story: Sony DRM Installs a Rootkit, it seems that some of Sony's disks install a rootkit on your system after you try to listen them on your PC.

Why does it matter?

A rootkit is A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It runs at the lowest level of the machine and typically intercepts common API calls."

It is dangerous because hackers and virus writers can use it to help the attacker [hacker] to maintain his or her access to the system and use it for malicious purposes

On this page one of the developers at SysInternals explains what and how is the rootkit installed WITHOUT ASKING YOU when you insert any of the affected AUDIO CD's to play them on your computer running WINDOWS

Which CD's?
I have made a list of the CD's that are "Enhanced" and "Copy Protected" from sony with the XCP copy protection that provides a Rootkit.

It is easy to get an "up to date" list with
this google query.

The list of CD's so far are:
Nothing Is Sound. Switchfoot
Unwritten [CONTENT/COPY-PROTECTED CD] [ENHANCED]
Natasha Bedingfield

Ride [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Shelly Fairchild
12 Songs [CONTENT/COPY-PROTECTED CD]
Neil Diamond
Touch [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Amerie
Bloom Remix Album [CONTENT/COPY-PROTECTED CD] [ENHANCED]
Sarah McLachlan
Kasabian [CONTENT/COPY-PROTECTED CD]
Kasabian
The Essential Pete Seeger [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD] [ORIGINAL RECORDING REMASTERED]
Pete Seeger
Jeru [CONTENT/COPY-PROTECTED CD] [ENHANCED] [ORIGINAL RECORDING REMASTERED]
Gerry Mulligan
Times Like These [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Buddy Jewell,
Bob Brookmeyer & Friends [CONTENT/COPY-PROTECTED CD] [ORIGINAL RECORDING REMASTERED]
Bob Brookmeyer
Healthy In Paranoid Times [CONTENT/COPY-PROTECTED CD] [ENHANCED]
Our Lady Peace
Cautivo [CONTENT/COPY-PROTECTED CD] [DUALDISC]
Chayanne
The Invisible Invasion [CONTENT/COPY-PROTECTED CD]
Coral, The Coral
Defined [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Amici Forever
Suspicious Activity [CONTENT/COPY-PROTECTED CD] [ENHANCED]
The Bad Plus
Manhattan Symphonie [CONTENT/COPY-PROTECTED CD] [ORIGINAL RECORDING REMASTERED]
Dexter Gordon
Phantoms [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Acceptance
On Ne Change Pas [CONTENT/COPY-PROTECTED CD]
Celine Dion

Get Right with the Man [CONTENT/COPY-PROTECTED CD]
Van Zant
To Love Again [CONTENT/COPY-PROTECTED CD] [ENHANCED]
Chris Botti
Life [CONTENT/COPY-PROTECTED CD] [DUALDISC]
Ricky Martin
The Essential Dion [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD] [ENHANCED] [ORIGINAL RECORDING REMASTERED]
Dion
Faso Latido [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
A Static Lullaby
Change It All [CONTENT/COPY-PROTECTED CD]
Goapele

Susie Suh [CONTENT/COPY-PROTECTED CD]
Susie Suh

My Very Special Guests [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD] [ORIGINAL RECORDING REMASTERED]
George Jones

Broken Valley [CONTENT/COPY-PROTECTED CD]
Life of Agony
Silver's Blue [CONTENT/COPY-PROTECTED CD] [ENHANCED] [ORIGINAL RECORDING REMASTERED]
Horace Silver
Z [CONTENT/COPY-PROTECTED CD] [ENHANCED]
My Morning Jacket
The 60s [CONTENT/COPY-PROTECTED CD]
The Dead 60s

What Can I do?
It is important to note that if you have tried to listen any of the above mentioned CD's your computer may have the rootkit installed. Hence, your system may be in danger of being hacked.

If you feel outraged because of this, you can write to the artists and complain about the problem. Tell them that their CD breaks your system as it opens a security hole.

If you think that there are other CD's which should be on this list please feel free to list them in a comment, also if you think any of the listed CD's DOES NOT actually have this problem please also state it in a comment.

Thank you!.

UPDATE:
November, 07. 2005

Mark Russinovich has posted a new entry on his blog showing some quite interesting and not less nasty behaviours of the fix "patch" provided by sony.

I found very interesting some of the comment posts in response of its blog entry. Specifically the one made by an author named xcp support who presumably represent the company behind the XCP technology.

On that post she states the following:

Blog: He claims that the patch itself could cause a blue-screen, although he says the risk is small.

Answer: This is pure conjecture. F4I is using standard Windows commands (net stop) to stop their driver. Nothing more.

There, she is trying to discredit the information provided by Russinovich's work. Stating that the program uses "standard windows commands". While that is certainly true, Russinovich shown on his post the specific state of the system that would cause the system failure.

Now, more interesting is a post from another user, Matt Nikki: ...If you want a more concrete proof, try to rename your favourite ripping software as $sys$whatever.exe and then run it again. You'll notice that the DRM system can no longer detect it, and thus you'll get good copy of the track you try to rip instead of one filled with noise.

So, that means that if someone wanted to make illegal copies of the CD's listed before, they just needed to rename one file!. Thus, at the very end it is Sony's technology who is providing the means to bypass its own copy protection technology.

People won't need to disassemble or hack/crack and or reverse engineer anything. Just rename a simple file.

Ironic no?

List Update
Anyway, here is an update of the list as of today.
For those who asked, no the links above aren't any kind of referral links. This means I will not get any money if anyone clicks those links and/or buy those CDs.

To make this list I am only making a google search as I stated before and then manually parsing the entries.

Life In Slow Motion David Gray
Elizabethtown [SOUNDTRACK] Various Artists
Golden Elkland
Aha Shake Heartbreak Kings of Leon
Unfabulous And More: Emma Roberts [ENHANCED] Emma Roberts
Vivian Vivian Green
Dreamin' My Dreams [ENHANCED] Patty Loveless
Mary Mary [ENHANCED] Mary Mary
Never Gone Backstreet Boys
Aha Shake Heartbreak Kings of Leon
Friendship [ORIGINAL RECORDING REMASTERED] Ray Charles
Juego De Amor [Copy Protected CD] ~ Antony Santos
On Your Shore Charlotte Martin
Brown Sugar Various Artists
Blue Skies Diana DeGarmo
I'm a Hustla [EXPLICIT LYRICS] Cassidy
Hero Kirk Franklin
All That I Am Santana

List last updated:
November, 09. 2005 (13:08 GMT)
(The most up to date list can be found HERE)

This discussion has been archived. No new comments can be posted.

Sony Rootkit CD providers!

Comments Filter:
  • Thank you so much for doing this!
  • brakes != breaks
    • who besides yourself has time to notice crap like that?
      • who besides yourself has time to notice crap like that?

        Time? I don't think anyone who points out grammatical and spelling errors has to read the passage slowly or multiple times. These things stick out like purple giraffes to many people and are noticed on the first read only. Thus, if you read the passage, you spent the same amount of time noticing mistakes as the grammar nazi who pointed it out... he just did a better job ;p
  • You mention that we should contact the artists. Switchfoot have very publicly stated that a) they are unhappy about the DRM, b) that they were unaware that it would be on there, c) that they can't really do anything about it. Artists are pretty powerless in the grand scheme of music distribution.
    • That's fine, but at leastthey are aware now. It would be cool if some of the larger Sony artists would force Sony to keep their root kit out of their work in future releases.
    • I hear this all the time. Artists are not powerless against the music publishing/distro business. Think about it: if artists don't make music, there's nothing to distribute. The real problem is that music publishing/distro has reduced artists to fungible goods by ensuring that artist management, lawyers and producers are in collusion to rob the artist of their leverage. Most artists (esp. those new to the business) are just too niave for their own good. If they bothered to defend themselves properly, o
      • Artists also have a lot more media power than the record companies. The public likes artists and hates record companies, so where do you think the public are going to side if the artists decide to make a stand? And as much as the companies think they are above public opinion, they aren't. If they lose the siding of the public in large enough proportions, the laws they misuse get ammended, no artists sign with them and no one buys their goods.
  • Dave Matthews Band - Stand Up
  • I followed your link to amazon.com for one album and marked all the reviews that mentioned the DRM problem as "helpful". They are already running so high that they come up first, but it would be good to make sure it stays that way.
  • The Above List (Score:2, Interesting)

    by Sevnn (824266)
    The Above List can be compared and will be identical to the list of cd's that I will never buy for any reason. Sony was collectively stupid for thinking that this software would not be discovered. I do feel sorry for any artist who has signed with Sony and was not made aware of this sort of devious business practices. I hope they are able to leverage their contacts against Sony for possible lost sales or some manner of misrepresentation.
  • by Ron Bennett (14590) on Saturday November 05, 2005 @05:10AM (#13956695) Homepage
    Sony and other labels don't seem to care much about public perception - it's very telling how Sony released a "patch" that doesn't remove any of the copy protection, but simply "reveals" the files; are working with various anti-virus software companies to ensure such files are skipped and not labeled as a trogan, which of course it actually is.

    Perhaps many of the music labels wish the music CD format would die and be replaced with something else - embedding "trojans" is definitely speeding up the music CDs demise ...

    And in the longrun that will hurt the labels - even now with all the on-line music options, many people still buy music CDs because they are simple to buy, familiar, easy of use, etc ... and likely would continue do so for many years - but with such trojan nonsense, that could be in doubt ... people in droves will stop buying them if they believe such products won't work properly / damage their computer.

    Ron
  • Searching Amazon with similar search [google.com] as the one you have posted returns slightly more CD's. 44 results instead of 36 as of today.
  • by 1to1law (929883) on Wednesday November 09, 2005 @05:13PM (#13992230)
    If you are a resident of California and/or have purchased one of the Sony/Columbia music CDs with the First 4 Internet DRM schemes in California, please contact me at eleeAT1to1lawDOTcom. Please SAVE your receipt and if possible, take a screenshot of the CD playing software installed on your computer. I'm an attorney in Los Angeles, California and I'm investigating bringing a class action lawsuit against Sony. The foregoing is an ADVERTISEMENT. I am licensed to practice law in the jurisdictions of California and New York only.
  • Another CD: (This one got me dammit!) Nickelback - All The Right Reasons This practice is criminal and should be outlawed. How dare Sony think they have the right to install software on my computer secretly that I can't remove. To hell with their IP rights - what about the rights of consumers!
    • Seems I got my labels crossed. Although the aformentioned Nickelback CD is protected, its not a Sony label its EMI. EMI claims that their software is not installed without user permission (although I don't recall giving permission) and that it can be removed. More here -> www.emimusic.info Sony still sucks for using a kernel hack for their stuff though.
  • ...are about to get more comments in your journal than you've probably had before.

    There's a Slashdot article linking to it, posted in the Mysterius Future.
  • Something to Be Proud Of - Montgomery Gentry
    • " Something to Be Proud Of "

      I bet Montgomery and Gentry aren't too proud of this. Oh the irony. Van Zant's "Get Right with the Man" is pretty ironic too, although they are talking about God as the Man, not Big Brother.
      • Well their answer email was not stellar, but it is one of the people working for them: Reply email from Montgomery Gentry re DRM: Thanks for taking the time to send your complaint. I have forwarded it onto management and Sony music. Thanks,
    • An interesting point is that 'Something to be Proud Of' is available on the iTunes store. At $9.99 on the iTunes store it's cheaper then the copy protected CD, it's easier to remove the DRM and you can't infect your Windows machine with a root-kit. Sounds like a winner all the way around...
      • True enough but at Circuit City where I bought it, I also got a 12 song sampler (more popular country music) so it was worth slightly more than the $11.99 I paid for mine.
  • XCP != Sunncomm's MediaMax
  • Velvet Revolver - Contraband. This is under the RCA label which is a unit of BMG. The writing on the packaging indicates this. Unfortunately, last year when I purchased the cd, I had no idea that playing the disc on my PC and agreeing to the EULA installation was going to cause so many issues.

Another megabytes the dust.

Working...