Sony DRM Scheme=In-Security For All

Last week well known Windows analyst Mark Russovich (of http://www.sysinternals.com) published an article on a rootkit that he discovered on his system. Through his excellent investigation, he found that the malware had been installed on his system without his knowledge or consent by a music cd that he had purchased & played on his PC. This cd was published by Sony-BMG Music Inc. & the artist was the well known Van-Zant brothers of country music fame.

A rootkit by definition is:
a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a hacker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network. In other words, it is a way to hide not only files, but services, & activities as well. No legitimate program or file on your machine will ever be completely hidden from you. Under normal circumstances some "System" files are not shown by default, but they can still be viewed by changing the settings in the folder options. Rootkits hide files from ever being viewed, so they can never be deleted. It is as if they do not exist to the operating system. They may be just sitting there, or they may be running a virus, a keylogger, forwarding spam, or reporting back to someone on your activities, but you cannot see what they are doing.

Sony has published a patch that unhides the files, but still offers no way of removing the files. Mark reports that removing the files manually can cause all sorts of issues, like your cd drive disapperaing for good! Unfortunately many users have no internet access, so they know nothing of this issue, much less the patch. Several sites are reporting that they are seeing viruses that "use" the rootkit provided by Sony, to run undetected on users systems, & even Microsoft is investigating the issue to see if it warrants action on their part to help remove the rootkit, since it is a security issue for their operating system!

My opinion:
Follow this one closely in the news & on the web. Several lawsuits have already been filed, & I am sure more will follow. Stay away from the cd's that have anything like DRM, or Digital Rights Management. If you want to support these artists, buy their music online, & burn your own cd's. If you already have one of these cd's, return it & explain that you don't want to own anything that will break your pc, as these have been showm to do. If we all stop buying this junk, & hold the big labels responsible for their actions, this type of behavior on their part will prove to be too expensive & they will have to stop forcing this DRM stuff down our throats! This will be an issue even 20 years from now when someone pops one of these cd's in their pc & it installs itself, breaking the functionality of their drive. Sony has a long way to go to getting any of their credibility back as far as I am concerned. The first thing they need to do is recall all of the cd's that have been sold, & issue ones that do not install the rootkit, then help customers clean their machines up & get them working properly again, but it seems like they are going to have to be forced into doing anything. As far as I can tell on the web, they are still denying that there has been any wrongdoing on their part!