Author Topic: Rootkit by Sony  (Read 37395 times)

0 Members and 1 Guest are viewing this topic.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11808
    • AVAST Software
Rootkit by Sony
« on: October 31, 2005, 11:09:34 PM »
Now this is incredible - Sony BMG copy-protected audio-CDs installing rootkits in your system...

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46295
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Rootkit by Sony
« Reply #1 on: October 31, 2005, 11:41:49 PM »
I wonder if people who belong to the BMG Music Service are automatically fed this trash when they sign up for the service???
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, AvastOmni 21.6, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85959
  • No support PMs thanks
Re: Rootkit by Sony
« Reply #2 on: October 31, 2005, 11:51:33 PM »
This has got to be at best a breach of privacy and at worst computer misuse. They probably have something buried in their T&C/EULA.

Yes they have a right to try to prevent piracy but this is ridiculous.
« Last Edit: October 31, 2005, 11:58:12 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46295
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Rootkit by Sony
« Reply #3 on: November 01, 2005, 12:03:35 AM »
Quote
Yes they have a right to try to prevent piracy but this is ridiculous.
Actually, This is RIAA  ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, AvastOmni 21.6, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Cloussau

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 897
  • AVAST! antivirus with balls
Re: Rootkit by Sony
« Reply #4 on: November 01, 2005, 12:29:51 AM »
Except from the EULA
(d)       You may not decompile, reverse engineer or disassemble any of the LICENSED MATERIALS, in whole or in part.
Thats the rootkit  they are referring to. >:(
sys- p4  3.0D ,  1024mb ddram ;arsenal :Avast IS 5.0 pro / Firefox / adblock /noscript : win xp/pro/sp3 32 bit

Offline Yinyang4evry1

  • Full Member
  • ***
  • Posts: 189
  • I won't be a memory.
Re: Rootkit by Sony
« Reply #5 on: November 01, 2005, 12:40:25 AM »
does this explain why trials can be used once and only once?

because i was wondering there had to be something...
plus hp offered in their brochure to put some "hidden" software into the laptop for an extra fee and if someone stole your laptop, you can call to hp and they have a center that will track it down...
but gee...do you guys think some spyware use this too?

tim ;)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33374
  • malware fighter
Re: Rootkit by Sony
« Reply #6 on: November 01, 2005, 03:29:48 PM »
Yes it is true,

Sony DMR installs a rootkit: Just a summary for the quick readers- the investigation was done by Mark Russinovich. The rootkit is installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man" (how ironical). The rootkit introduces various security holes into the system to be exploited by others, such as hiding any executable with "SsysS". Programming bugs in the hook system calls method make it develish to "exorcise thisdaeom" from your system.
We know that the music industry and Big Media scan computers for illegal content all the time (browser like bots), but that they reach for these means to make their statement is a bit over the top. And here a link for a further exposé:
http://www.f-secure.com/weblog/#00000675
Important to know is, do not try to get it from your system yourself, this could result in trouble with your CD drive recognition, go contact Sony and ask them for removal instructions or at the maker of the software: http://www.first4internet.com/


greets,

polonus
« Last Edit: November 01, 2005, 09:18:07 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Cloussau

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 897
  • AVAST! antivirus with balls
Re: Rootkit by Sony
« Reply #7 on: November 02, 2005, 11:48:23 AM »
there can be only one response  ;D ;D ;D
sys- p4  3.0D ,  1024mb ddram ;arsenal :Avast IS 5.0 pro / Firefox / adblock /noscript : win xp/pro/sp3 32 bit

Offline Iso-G

  • Avast translator
  • Full Member
  • ***
  • Posts: 141
  • I'm a llama!
    • Grandpa's Notebook
Re: Rootkit by Sony
« Reply #8 on: November 02, 2005, 04:29:02 PM »
Does avast! detect this rootkit ?
Windows XP Home SP3 / avast! 6.0 Free Antivirus (Japanese) / Microsoft Security  Essentials(v2,Japanese) / COMODO Firewall 5.3 (D+(full),English) / Secunia Personal Software Inspector (v2,English) / Opera / Thunderbird 3 / Open Office 3

Offline Spyros

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1139
Re: Rootkit by Sony
« Reply #9 on: November 03, 2005, 10:10:57 AM »
Sony to offer patch for 'rootkit' DRM
Fix removes cloaking, but not the 'rootkit'
http://www.theregister.com/2005/11/03/sony_rootkit_drm/

Offline PigDog

  • Full Member
  • ***
  • Posts: 133
Re: Rootkit by Sony
« Reply #10 on: November 03, 2005, 12:23:58 PM »

Offline Mastertech

  • Sr. Member
  • ****
  • Posts: 282
    • Optimize Guides
Re: Rootkit by Sony
« Reply #11 on: November 03, 2005, 01:10:28 PM »
Simple solution to all these problems = Disable Autorun in Windows! ;)

Offline Umath

  • Sr. Member
  • ****
  • Posts: 204
Re: Rootkit by Sony
« Reply #12 on: November 03, 2005, 01:18:04 PM »
Simple solution to all these problems = Disable Autorun in Windows! ;)

It seems that even Mark Russinovich didn't do that.  For research purpose, presumably? ???

Is there possibility that Sony "bundles" the rootkit in their product such as VAIO and other apps?

Offline Mastertech

  • Sr. Member
  • ****
  • Posts: 282
    • Optimize Guides
Re: Rootkit by Sony
« Reply #13 on: November 03, 2005, 01:24:05 PM »
He probably didn't disable it like most Windows users including myself who would not expect getting infected with a Rootkit from a retail music CD. It is disabled on my PC now and I will be making immediate changes to all my policies. Disabling Autorun in Windows effectively blocks this from happening. You can still listen to music you just have to manually open the CD in Windows Media player or Winamp ect...

Not to mention it stops alot of DVD software installs when watching movies.

Offline Umath

  • Sr. Member
  • ****
  • Posts: 204
Re: Rootkit by Sony
« Reply #14 on: November 03, 2005, 01:34:27 PM »
Thanx for the explanation, mastertech.  ;) Although I am much less knowledgeable of computer than many users here not to mention Russinovich, I disabled autorun long time ago.  It is my habit to rip CDs first before listening it on my PC.

I lost my trust on Sony long time ago and wasn't surprised by this incident, though.