“California has filed a class-action lawsuit against Sony and a second one may be filed today in New York. The lawsuit was filed Nov. 1 in Superior Court for the County of Los Angeles by Vernon, CA. It asks the court to prevent Sony from selling additional CDs protected by the anti-piracy software, and seeks monetary damages for California consumers who purchased them. The suit alleges that Sony’s software violates at least three California statutes, including the “Consumer Legal Remedies Act,” which governs unfair and/or deceptive trade acts; and the “Consumer Protection against Computer Spyware Act,” which prohibits — among other things — software that takes control over the user’s computer or misrepresents the user’s ability or right to uninstall the program. The suit also alleges that Sony’s actions violate the California Unfair Competition law, which allows public prosecutors and private citizens to file lawsuits to protect businesses and consumers from unfair business practices”
Sony has been taking a lot of heat for their dirty tricks with their audio CD DRM system which contained a rootkit.
For those of you who don’t know, a rootkit is basicly a little program that hooks into the operating system, and hides any process running on the computer, so that antivirus software, firewalls, antispyware… NOTHING is able to see and or detect it. Now this is something malicious crackers has been using for over a decade when they cracked into a system and wanted to put a hidden backdoor on the system.
Whenever you would try to play an audio CD from Sony it would pop up and End-user license agreement (EULA), which most people would just ignore and click yes or no.
If you choose yes, the this program of Sony’s would install a DRM system in order to prevent you from ripping the CD or making a copy of it. But not only that, it also install a rootkit that makes the DRM system totally invisible to the user, and if the user would actually find it and pull the files out, they would loose access to their CD-ROM drives, because this DRM system acts as a filter on the CD-ROM drive.
And if you thought that was bad, apperantly this crab DRM system of Sony’s is poorly written, it is known to acutally cause blue screens and make Windows crash.
Apperantly there is already a trojan out there using Sony’s rootkit to hide itself, the rootkit will hide ANY file, of which’s filename begins with $sys$. So “$sys$sonysbadassrootkit.sys” would be completely invisible to the user, antivirus software and antispyware software.
This poses a serious security risk to the people who has this shit of Sony’s installed on their machine, a few of the major antivirus companies have said that they will be releasing standalone tools in the upcoming days that will get rid of this.
The Electronic Frontier Foundation has published a list of CDs which has been confirmed to contain this DRM rootkit:
http://www.eff.org/deeplinks/archives/004144.php
The above list could very well be incomplete, Slashdot reader xtracto has also made a list of albums:
http://slashdot.org/~xtracto/journal/121088
If you’re curious if you’ve Sony’s DRM rootkit on your system, you can download Rootkit Revealer free from SysInternals, you need to look for a huge tack of files that begins with $sys$
Its nice to see that Sony is going to have some repercussions from their bad descisions, although, from what I’m hearing there are other music companies also using similar technology.
The PC Doctor Blog reports that Universal Music Group CDs are also carrying some sort of rootkit