Sony DRM Installs a Rootkit? 801
An anonymous read writes "SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system." This house is clear.
In democratic america... (Score:5, Insightful)
hrm, so much for humor. I don't find it funny at all
as if (Score:5, Insightful)
Anti-spyware Bill (Score:5, Insightful)
Anything running in the background, rootkits, and other forms of spyware (which generally rely on the user not knowing they're there) would immediately become illegal.
Is the EULA valid? (Score:5, Insightful)
Of course, Mark Russinovich did (inadvertantly) dissasemble content protected by the EULA.
Re:In democratic america... (Score:5, Insightful)
i don my tinfoil hat and robe...
Sony has gone too far... (Score:5, Insightful)
But... (Score:2, Insightful)
Re:OS's fault (Score:4, Insightful)
This has gone too far! (Score:5, Insightful)
As if spyware itself is miraculiously legal and now we have this? Rootkits and spyware programs that append to windows in the mbr so even a reinstall wont delete thim IS TOO FAR!
I agree with a previous poster that is should be a criminal offense the same catagory as spypainting someones house or breaking an entry. Why do we allow this crap to be legal?
Its time we wrote our elected officials and inform them about what is happening and about Sony's drm and demand civil and criminal responsibility for malware makers. I dont care if its the CEO of some company spraypainting my house vs a teenage kid. Its still illegal and Sony should be held accountable.
I was reading on cnn about the drop of ecommerce even though there is still a rise in internet usage. This is due to all the spyware/scams/malware that is infecting pc's at record rates. This is killing out economy and many companies such as Google, Amazon, and Ebay are already getting hit with their wallets over these scams.
Lets organize and make a difference. This is a slippery slope and I fear what is coming next.
Re:Anti-spyware Bill (Score:5, Insightful)
The bill would actually need a definition of "application software" so that anything that doesn't meet that definition would be automatically covered. e.g. "Application Software refers to a self-contained program that is installed on the consumer's computer. To be considered self-contained, it must not modify the operating system to execute any software at any time other than when the user runs the software in question."
what constituteds "agreed to"?
The courts do. Considering the difficulties they've been giving to the click-through licensers, I'm perfectly okay with that.
Re:Hmm (Score:4, Insightful)
Re:Is the EULA valid? (Score:3, Insightful)
If we had an eula where the user agreed to be held as a slave would that be legal too? I think not.
What part of protected == rootkit? (Score:2, Insightful)
Re:My question: (Score:3, Insightful)
AFAIK this is a rootkit in more ways than one.
-nB
Re:My question: (Score:3, Insightful)
It's obvious that a rootkit exists on the CD. It's quite likely that Sony purchased the DRM from First4Internet. It's not obvious that Sony asked First4Internet to include a rootkit in the product that was delivered to Sony.
Great corporate thinking (Score:3, Insightful)
Re:Thanks (Score:5, Insightful)
Awesome (Score:5, Insightful)
I think this is the way to fight DRM. When we complain about DRM rights, we're fighting a crusade on principle, and few people really get what's wrong. When you say, "This CD that I paid for can't be transferred to my iPod," people will see that it's outrageous. When people see that it's installing spyware on your computer, they'll flip. Cheers to whoever's left this feedback.
Re:OS's fault (Score:1, Insightful)
Have you any idea about the hidden data [fuckmicrosoft.com] Microsoft keeps on your windows machine right now?
Heh, don't worry, on Windows Vista you'll never see this thing happening. DRM will make it impossible for you to discover corporate rootkits. Enjoy your privacy.
Re:My question: (Score:5, Insightful)
I think it's far more likely that Sony knew what this software did, and chose to distribute it anyway. This could have been a result of incompetent testers, poor communication between QA and management, overbearing management anxious to get a product out on a strict deadline, or any number of other things.
Re:OS's fault (Score:4, Insightful)
Come on, man. It's 2006 already
Re:My question: (Score:5, Insightful)
Comment removed (Score:2, Insightful)
Wouldn't happen if you dont run MainstreamOS. (Score:2, Insightful)
Well if the reader base of Slashdot alone used a non-mainstream OS, Google statistics would shold an increase in the number of alternative OS's, and this would in a round-about way remove this root-kit problem all together, since at the end of the day, there would be no financial incentive by Sony (or others) to finance a DRM and copy protection scheme which would only be effective for
Want to stop this nonsense from happening in the future? Actually run a non-mainstream OS. That shouldn't be hard for most of the visitors of this website, shouldn't it?
Re:My question: (Score:2, Insightful)
Re:My question: (Score:5, Insightful)
Simple solution (Score:3, Insightful)
This should be done not because "information wants to be free", but rather because businesses who engage in these sorts of practices should be made to fail financially.
When the labels have their annual shareholders luncheon and are forced to show the fancy Powerpoint presentation entitled "Effectiveness of DRM Solutions at Limiting Piracy", the graphs should be embarrassingly skewed in the wrong direction.
The only thing that works is money. So make sure they, and the band, see none.
"The band?! Surely you can't be serious?! They're probably just innocent victims." Bullshit. No one forced them to sign away their souls like whores. It doesn't take a rocket scientist to know that Sony and all others of their kind are customer hostile. Take your music elsewhere. Because that's what I'm doing with my money. And if you're only in it for the money, then you don't get to have any.
Re:Anti-spyware Bill (Score:5, Insightful)
Problem #2 - Mr. Identity Theif in wierd 3rd world country where such things are illegal but are tactitly condoned by local authority as long as its not someone from their country
Problem #3 - Mr Corporate Lobbyist - RIAA & MPAA ring any bells????
Problem #4 - Your privacy has been dead for decades. The sad part is that people are just now starting to smell the rotting corpse.
Passing a bill here in the USA will only do what CAN-SPAM did - drive them off shore to less regulated places. What's really needed is the ability to establish peering points that co-incide with national borders. Then we can pass a law that says that if we don't like your data integrity laws, we don't pass traffic to/from you.
See if that doesn't actually accomplish what you're looking for.
2 cents,
Queen B
Re:Sony is protected by the DMCA (Score:5, Insightful)
I can disable a copy protection system on my own computer - specifically removing it. They didn't have permission to put it there, and I think it would be a tough case to prosecute me for repairing my own computer. My computer is not Sony's medium to do with as they please - it's MINE - I paid for it, and I licensed the software.
Now, removing the protection from their media - or extracing the content and freeing it from the DRM, yes, that's circumvention, and probably prosecutable under the DMCA.
But my computer is MINE and they don't have the right to secretly fuck with it.
Answer: This is truly evil (Score:5, Insightful)
Seriously speaking, this shows two things. One is yet another demonstration of the fundamental evil of Microsoft's "security" model. Even if you weren't running as root/Administrator (and everyone does, don't they?), then the "reputable" installation from the "reputable" company would just ask you to elevate your privileges.
The other thing is that power is always abused. If not now and by Sony, then tomorrow by some other "reputable" company. (Or put on your tin hat and say "Yesterday by the NSA.")
I hope they track this story, and if it is not another misguided /. rumor, I certainly hope that Sony repudiates the technique and the software. Soon.
Then they should apologize.
Then sack the person responsible.
Then sack the person responsible for not sacking the responsible person earlier.
[Infinite loop warning.]
Re:But... (Score:3, Insightful)
This is an audio CD but It's not a CD-audio though, this is just a CD-ROM with DRM'ed audio data on it. This means if I've understood correctly that you cannot even play this CD in your hifi, only on your computer, and only if it's running Windows.
And i also don't understand, to quote you, "Why anyone would purchase a CD under those terms to begin with ?". A possible reason is "by mistake". People aren't careful enough and then buy those copy protected "audio-CDs", then later complain the CD doesn't play correctly on their car CD player, if it plays at all.
I have also been tricked into buying copy protected CDs, not much but still too much. Now when I consider buying a CD, I'm very careful not to buy that crap. If everybody does the same, majors will see immediately the impact of DRM on their sales and stop using it. It has worked for me. I was buying every releases of "Solid Sounds", a belgian techno compilation. I stopped buying thoses CD when they introduced a copy protection mechaninsm. I suppose I wasn't the only one to do that because later they stopped protecting their CDs.
I know, I'm going slightly off-topic here but this kind of attitude from big companies that earn way too much money really disgusts me.
Re:My question: (Score:3, Insightful)
Re:OS's fault (Score:2, Insightful)
Incentivising Piracy (Score:5, Insightful)
Welcome to a Brave New World: People who pay for their music get viruses, while people who download it at no cost from illegal sources get clean MP3s that they can freely copy and use on whatever devices they own.
Re:Sony is protected by the DMCA (Score:2, Insightful)
Re:Sony is protected by the DMCA (Score:2, Insightful)
Re:Anti-spyware Bill (Score:3, Insightful)
1. Buy spyware CD
2. Join class action lawsuit
3. Get $5 off next CD voucher
4 (valid only for lawyers): collect $$$M
Labels simply don't get it. (Score:2, Insightful)
And its in that respect that record companies simply don't get it. First of all, they're completely punishing their fans for purchasing their product. After all, how do these CD protections benefit the consumer in any way? The only thing that results is more nuissance for that consumer - thanks to Sony's protection, they aren't able to put the music they bought on an MP3 player for instance. They aren't able to put the MP3s on their computer so that they can listen it from there.
Do they not realise that people use their computers for music these days? Nearly every student I know has some kind of MP3 jukebox set on their machines, where they shift songs between their entire music collection. The companies have been operating on a basis that their products should not be compatible with computers at all, going so far as deceivingly installing these virus-like programs. They think that that will reduce piracy. Fact is: it hasn't, nor will it ever.
As the old addage goes: where there's a will, there's a way. And I've yet to see a CD where its contents could not be ripped. So this does not curb piracy in any way - meanwhile, it makes the CDs less appealing to the fans. Why spend $20 on a product that only half-works? A product that behaves like a computer worm and installs a rootkit?
Piracy doesn't exist because people can do with their CDs as they see fit. It exists because people are getting fooked around by the record industries left, right, and center. Infecting PCs with worms, preventing people to listen to music they legitimately purchased, are hardly steps forward to make the CD format more appealing.
The record labels simply do not get it.
Re:Anti-spyware Bill (Score:3, Insightful)
1. Buy spyware CD
2. Join class action lawsuit
3. Congress makes installing root kits on computers by Sony legal as part of omnibus NASA Barn Building and Stamp Price Commuter Shipping and Lawn Bowling Act.
4. (valid for crooked politicians only): Profit!
Re:In democratic america... (Score:4, Insightful)
Re:Is the EULA valid? (Score:2, Insightful)
Yeah, but it's not like there was a file listing that clearly identified which files were covered under the EULA. One can argue that licensors have a duty to identify their intellectual property.
Re:Sony is protected by the DMCA (Score:3, Insightful)
But then that brings up EULAs and is a horse of a whole different color.
Random predictions (Score:1, Insightful)
* Most of the people you know will keep buying CDs in stores without checking for the "CD digital audio" logo.
* Most of the people you know will keep doing business with such companies.
Can we do anything about any of it?
Re:Didn't Notice? (Score:3, Insightful)
Re:See this movie to see why AV is now outdated (Score:3, Insightful)
Especially considering I *AM* running Windows.
Yeah, sure.
(If it *IS* safe, though, sorry...)
Re:Sony is protected by the DMCA (Score:1, Insightful)
I doubt highly that there was a box saying "We would like to install a rootkit on your machine. Press OK to continue."
Re:Sony is protected by the DMCA (Score:5, Insightful)
Furthermore, your argument is simply insane, even if applied to software CDs. Do I give permission to any software vendor to install anything they want when I run the installer executable? Do I give them permission to wipe my hard drive? Install malicious, intentionally uninstallable programs? Monitor my activities when not using their software?
Even the most ardent proponent of EULAs couldn't make the claim that you give such permissions by default. Unless they specifically ask, they don't have permission to do anything that isn't specifically part of the product as a reasonable person would perceive it to be.
Re:Britain's Computer Misuse Act... (Score:4, Insightful)
Since I did *not* authorize Sony to install a rootkit (authorisation to play a CD won't stretch that far) they have broken the law, and should be prosecuted.
Luckily we have corporate legal liability in this country too...
Re:Simple solution (Score:2, Insightful)
Re:In democratic america... (Score:5, Insightful)
I've read two relevant quotes.
"Democracy is the theory that the people know what they want and deserve to get it good and hard."
"In communism, man exploits man. In capitalism, it's the other way around."
Well, well, well... (Score:5, Insightful)
I'd like to take this opportunity to dissect the article in question here, to point out just how positively obscene this is. There are a few key points I'd like to highlight that I feel we should all take into consideration.
It would appear that Sony has deliberately begun shipping rootkits with its DRM protected CDs. According to the article - and this is a pretty good definition, by the way - "Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden." In a nutshell, this means that the program shipped with the CD in question here - and possibly other Sony CDs - is designed to hide itself and other programs from view. In other words, once installed, it will allow Sony and any other interested party familiar with this particular rootkit to operate programs on a compromised system without the user knowing it.
Let's take a step back here to consider the implications of this. Sony is distributing a rootkit, but what does this have to do with DRM? Well, if you really think about it, it has everything to do with DRM. A DRM program that cannot be seen or easily accessed can operate secretly, monitoring and manipulating the system behind the user's back. Any future DRM software Sony distributes could infiltrate a computer secretly, and burrow deep into the system files of said computer.
According to the article, the rootkit was produced by First 4 Internet. Upon investigating the company itself and the products and services it offers, the author dredged up this lovely little nugget of joy: "... However, the fact that the company sells a technology called XCP made me think that maybe the files I'd found were part of some content protection scheme. I Googled the company name and came across this article, confirming the fact that they have deals with several record companies, including Sony, to implement Digital Rights Management (DRM) software for CDs." That right there should be proof enough that this is no accident, and anything but legitimate DRM. Not only does having a rootkit handy make the DRM difficult to thwart, but also allows it to operate secretly.
Now, you'd think that you could just remove this software, right? Wrong. Dead wrong, as a matter of fact. The author of the article had a hell of a time removing the rootkit, actually, and not only that, at any given time, it was consuming between one and two percent of the CPU's power - a small 'penalty' for even having it. (And any programs it's hiding would also have to leech off the CPU and RAM as well.) As he attempted to remove this shit, he discovered even more about the software: "As I was deleting the driver Registry keys under HKLM\System\CurrentControlSet\Services I noted that they were either configured as boot-start drivers or members of groups listed by name in the HKLM\System\CurrentControlSet\SafeBoot subkeys, which means that they load even in Safe Mode, making system recovery extremely difficult if any of them have a bug that prevents the system from booting." Suddenly, this is more than a performance issue. This software could theoretically disable a system should it break or be manipulated by the software it's hiding. It would appear, however, it is possible to remove, but only after eviscerating a handful of driver files, registry entries and keys, and other lovely goodies from your system. The rootkit and the DRM attached to it do not have an uninstaller, and unless you take the same steps the author took to remove this flaming pile of garbage from your system... Well, he puts it pretty well:
"The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files wit
Re:Alternative OS users (Score:5, Insightful)
Re:You just helped with my PSP/PS3 decision (Score:2, Insightful)
>> No PSP for Christmas!
>> No PS3 next year!
Firstly: Sony DADC and Sony Computer Entertainment have barely anything to do with each other apart from the similarity in the name; so that alone is just rediculous.
Apart from that: Do you really think Microsoft is any better than Sony in this respect? Both the PS3 and the XBox360 will rely heavily on their internet connection, meaning that both companies will spy on you just as badly as Valve is doing with PC gamers right now.
Re:My question: (Score:3, Insightful)
How? If you've ever worked in a software engineering team, you'd know that the chances of a software tester even knowing what to look for are slim at best. They'd test that it performed as it was supposed to do ("Does it let me copy the CD? No. Looks good to me"). They won't have checked for unexpected side effects, and even had they done so, they almost certainly wouldn't have know the inner workings of Windows well enough to detect software like this. There's an argument for Sony's purchasing guys not doing sufficient due diligence before buying the product, but blaming the testers? That's just not really reasonable.
Re:Answer: This is truly evil (Score:3, Insightful)
This goes for *nix just as much as any other OS. Microsoft just makes it easier and more lethal. I help loads of people making the "switch" and their biggest beef until recently was that it didn't have autorun. What happened recently? You guessed it! Most distors instituted automount/autorun.
As to this topic, any program that is NOT specifically run by the user is by default not agreed to. Just ask the spyware folk who just recently lost a case (can't recall where but it was covered by
The US Congress / Courts are so busy protecting the rights of corporations they have completely forgotten the rights of people. It is a sad commentary on the times we live in.
B.
Re:My question: (Score:5, Insightful)
Re:My question: (Score:2, Insightful)
The fact that a root-kit was installed on the computer to protect music shows that privacy now takes a second place seat to some one-else's property rights
Sony have no property rights here. "Intellectual property" is nothing more than a buzzword. Copyrights aren't property. Patents aren't property. Trademarks aren't property. They are all limited privileges granted by the government to further particular social goals.
Once you fall into the trap of thinking "intellectual property" is property, the ideas that it's Sony's choice how to manage "their property" spring naturally from it. Why do you think you hear the phrase being pushed so much? Don't help them in their goal by referring to copyright as "property rights". It's not true, it's never been true, and (hopefully) never will be true.
Re:Sony is protected by the DMCA (Score:5, Insightful)
When I buy a CD, I shouldn't have to expect it to install a rootkit, and have to check the included materials to see if it does; it's Sony's responsibility to tell me they're messing with my software, and ask for consent...
Re:*phew* (Score:3, Insightful)
i trust the pirate groups more than i trust the companies.
Re:Sony is protected by the DMCA (Score:2, Insightful)
As for removing it being a breach of DMCA, the DMCA makes it illegal to disable or circumvent the DRM measures for the purpose of copying the content, doesn't it? If you simply remove the unwanted software, you are not "disabling or circumventing," because it will be reinstalled every time you attempt to use that CD in your system. The only thing that would make removing it completely illegal is--as someone else mentioned--copying the CD and removing the rootkit from it, thereby allowing you to use the CD without
(re)installing the malware with it.
Hmm... (Score:2, Insightful)
But now the legitimate users are getting rootkits installed while the pirates can download a DRM-free version of the album? I'd rather take the chance on an illegal download than put something in my computer that I know will install a rootkit on my system.
If Sony's DRM ever gets popular enough (and I hope to god it won't) then what's to stop virus makers using the cloaking abilities of a rootkit ALREADY INSTALLED for nefarious puposes? Sony is bound by their EULA not to collect information, although that EULA mentions nothing of removing the software. Hell, they could even claim under the "reverse engineering" clause of the DMCA that removing it requires disassembly and then sue you.
I really hope this goes to court and Sony gets handed their ass on a platter. Otherwise this will be a real blow to privacy and (even though corporations/government don't care about it any more), fair use.
Stay away from this Sony crap.
What a bunch of losers (Score:5, Insightful)
Sony is distributing this as part of some larger, possibly effective DRM system for music CDs.
What I see here is an endless amount of whining about how awful this is. You are overlooking the potential of this. The key here is that this is now out in the wild and can be exploited. The contest should be to come up with creative (and possibly destructive) things to do with these drivers when packaged with other software.
The result of this should be interesting. I think the responsiblity for all of this rests with Sony and First 4 Internet, but I would really like to see something creative done with this, such as an ActiveX control that disables the CD drive of anyone who visits a web site. The point is to make as much use of this as possible. Sony has provided the tool, it is now up to everyone to make as much use of this as possible.
Re:In democratic america... (Score:3, Insightful)
In soviet-style communism, the means of wealth production are commonly held and commonly shared. This is freedom, it protects the individual from being compelled to act against their will via threats of deprivation. However, that freedom is taken away by their totalitarian, non-representative political system where the laws, and thus control over common resources, are subject to the whim of the leader.
In american-style democracy, the political system is (somewhat) representative and transparent, and the population (via process) gets to be involved in the lawmaking and have certain freedoms. However, that freedom is then taken away by their capitalistic economy, which is structured to consolidate control over the means of production and communication into the hands of the few, keep it there, and place the rest of society in a position where they must obey or die of starvation and exposure. Contemplate the term "artifical scarcity" for a moment.
They both suck. They're both political-economic structures based around the few maintaining control over the masses without accountability. It was inevitable that they would have to be enemies and that they would have to heavily propagandise their population towards a blind negative reaction. If people ever actually stopped to think about it, they might realize that by pairing a communal economic structure with a democratic political structure they could finally stop being slaves living in fear. Dangerous stuff if you're the Master.
Re:Sony is protected by the DMCA (Score:2, Insightful)
Re:Sony is protected by the DMCA (Score:5, Insightful)
They'd better hope it's them, because if it's us, then it's not circumventing their copy protection scheme to hold down shift while I load the CD, is it?
On the other hand, if it's them and they install software on my PC without my permission in the UK, my lawyer would like to talk to them about the Computer Misuse Act.
Oh dear. This sounds like a lose-lose proposition for Sony. That's really, y'know, too bad and all. :-)
Re:Awesome (Score:2, Insightful)
seems strange that most of those kinds of reviews are currently all being modded down
Re:What a bunch of losers (Score:2, Insightful)
You're also hitting the nail right on the head.
This -is- out in the wild. This -is- on other CDs and is almost certainly embedded in other products. It's hard to say how long Sony has been doing this, or how many systems have been compromised by this rootkit, but one thing is certain: they did a horrible job of making sure other programs stay out of it, and chances are the damage is already very widespread.
According to the article, any process prefixed with $Sys$ will be hidden. This is so easy to exploit it's not even funny. The author of the article went out of his way to figure out what the rootkit was, where it came from, and how to get rid of it, but what else does this rootkit do besides hide files? Are there other complimentary or supplimentary programs available that already exploit this rootkit not listed in the article? This should be investigated heavily. Once we all figure out the full potential of this rootkit, we'll know the extent of the damage done, and what can be done with this software on machines that have already been compromised.
Hackers will have a field day with this one. It's just too bad that Sony and F41 likely won't be held accountable if their DRM software makes it possible for a highly destructive virus to take advantage of several thousand - if not more - compromised systems here in the U.S. (And worldwide, that number will only grow, of course.)
Props for stating what should be the obvious. The real reason this should be considered 'awful' is because it can blow your machine wide open to attack, over everything else that's horribly wrong with this.
Re:Sony is protected by the DMCA (Score:3, Insightful)
Re:Sony is protected by the DMCA (Score:5, Insightful)
He didn't remove the DRM for access to songs.
He removed the DRM from his computer (effectively
a manual uninstall). They did imply in the document that he was allowed to uninstall it.
Re:Sony is protected by the DMCA (Score:3, Insightful)
Re:Answer: This is truly evil (Score:3, Insightful)
So should I sell all of my Sony stock, or buy more?
It was only after I wrote a scathing response that I realized that you were joking. And yet, for that I think I can be forgiven because I can't help but think that some people, upon hearing about this, were asking themselves just that question.
Sometimes the acerbity of feeling like the only sane man left in an insane world rushes over me when I see how people treat and speak of the stock market. It's not some game to be played. It's not some magical money generator without cause or consequence. And just in case anyone had forgotten, we always have moral obligations to one another--even in situations of diffused responsibility (yes, this includes investing).
But more importantly:
What ever happened about being proud of how you got your money and where you spent it?
What ever happened to doing the right thing--even if it didn't maximize our individual profits?
What ever happened to our dignity?
-Grym
Re:This is as good as... (Score:3, Insightful)
Re:Not on my portion of the Internet (Score:4, Insightful)
Good question. Because without Internet access to renew its keys it will simply stop working. Welcome to the DRM future.
_WHAT_ EULA?!?! (Score:5, Insightful)
Re:This is excellent news! (Score:3, Insightful)
-adnans
Re:This has gone too far! (Score:1, Insightful)
This will depress you to no end. You'll go back to your basement and never come out again.
BTW, truth be told it's hard for me to have an issue with a DVD player that prevents tinkering - I don't EXPECT to crack open my DVD player and muck with it. Very small minority of people being affected here.
Re:Sony is protected by the DMCA (Score:4, Insightful)
Upon the expiration or termination of this EULA, you shall immediately remove all of the LICENSED MATERIALS from your personal computer system and delete or destroy them, along with any related documentation (and any copies thereof) that you may have received or otherwise may possess
So, pretty much what they want me to do is, if I decide to terminate the agreement I have to re-format my system.
Why Sony WILL Get Sued! (Score:2, Insightful)
When Sony Installed this Root kit according to mark's Sysinternals Blog - http://www.sysinternals.com/blog/ [sysinternals.com]
I quote:
I studied the driver's initialization function, confirmed that it patches several functions via the system call table and saw that its cloaking code hides any file, directory, Registry key or process whose name begins with "$sys$".
To verify that I made a copy of Notepad.exe named $sys$notepad.exe and it disappeared from view.
This means that ANYONE who has this ("Sony Root Kit") installed ("And not looking for Root Kits 24/7, The person that found it, Mark, did not even know it was there, and would have not found it had he not been testing the latest version of RootkitRevealer") CANNOT view ANY file, directory, Registry key or process whose name begins with "$sys$" in Windows Explorer or the registry, or process viewer and actually files and directories may not be seen from the command prompt as well, in some cases, I quote from Mark's Blog:
I therefore checked to see if I could examine the files within the hidden directory by opening a command prompt and changing into the hidden directory. Sure enough, I was able to enter and access MOST of the hidden files
From the Sony EULA, the ONLY reference to any software being installed http://www.sysinternals.com/blog/sony-eula.htm [sysinternals.com] I quote:
As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the "SOFTWARE") onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise
Hmmm, well they just created a BACK-DOOR for anyone who has this root kit of theirs to get ("Personal Information").
Sony even made sure the Root Kit would Load in Safe Mode as well, I quote from Mark's Blog:
As I was deleting the driver Registry keys under HKLM\System\CurrentControlSet\Services I noted that they were either configured as boot-start drivers or members of groups listed by name in the HKLM\System\CurrentControlSet\Control\SafeBoot subkeys, which means that they load even in Safe Mode, making system recovery extremely difficult if any of them have a bug that prevents the system from booting.
For all Practical purposes Sony has disabled ALL protection from Viri, Spyware, Trojans and Root Kits on the computers that installed their Root Kit IF that Malware uses a $sys$ cloak! for the vast majority of Microsoft Windows computer users.
So IF/WHEN someone creates OTHER Root kits, Viri, Trojans, Spyware that uses this $sys$ cloaking ("Installed Courtesy of Sony") and ANY damage is done to a system because of it, who is responsible for said damage?
Any comments?