# The Lasting Impact of Sony's Rootkit



## Andrew Green (Nov 21, 2005)

The Lasting Impact of Sony's Rootkit
http://www.michaelgeist.ca/index.php?option=com_content&task=view&id=1015

Gives a good summary of what happened, and what the effects are.

Worst part is, this is likely only the begining, Microsoft's up to similar ideas for Vista, Intel has there "trusted computing chips".

Oh well, Viva la penguin!

I figure a couple more years of this and I should be able to make a good living teaching people about a wonderful "new" product called "Linux" that is open sourced and doesn't have these problems...


----------



## arnisador (Nov 21, 2005)

I think trusted computing chips of some sort will be necessary in the long run. Mass piracy will kill innovation. Software will need to be tied to hardware somehow. It's the only way! I don't believe serial numbers for software are enough--codes can always be cracked. But if the cost of a piece of hardware to circumvent the chip is high enough, honesty becomes the best policy once again.


----------



## Andrew Green (Nov 21, 2005)

I'd think the other way around, trusted computing will increase piracy.

Whatever they put in place can and will be cracked.  And if a cracked version is easier to work with, more secure and doesn't make you "prove yourself" constantly, a lot of people will be tempeted to just skip the hassle and get the illegal version.

This sort of thing definately does not make me favor buying CD's over illegal downloads, other way around.  Get it off a peer to peer network and its mine, I can copy it, burn it, play it off any device, etc.  Buy the cd and I loose fair use rights, open up my system to security holes and give up my own privacy.

I'm failing to see how this will help things?


----------



## arnisador (Nov 21, 2005)

I'm thinking of a chip in the machine that verifies your license. Cracking that would presumably require a piece of hardware--not so cheap, and you can't just download it off the Net. If any hardware hack to that is expensive...buying software that'll run on it becomes feasible again.

I wouldn't want such a chip sitting on my machine, but I do foresee things going that way.


----------



## Ping898 (Nov 21, 2005)

Personally I just love that now Texas is suing Sony under the Anti-Spyware laws.  I image the case will get settled with Sony "admitting to no wrong doing" and paying a large fee....


----------



## Bob Hubbard (Nov 21, 2005)

It's especially interesting as Sony's so-called "protection" is easily defeated by some tape, and doesn't actually stop anyone from copying the disk.

It just screws up your PC.

How has this effected me?
Easy. I will not be buying any future products that bear the SONY name.


----------



## arnisador (Nov 21, 2005)

Ping898 said:
			
		

> Personally I just love that now Texas is suing Sony under the Anti-Spyware laws.


 
Ditto. I hope it costs them.

Yes, I too would be rather less likely to buy from people who intentionally try to screw with my computer. If nothing else...anyone with any sense knows how something like that, in a complex system like a computer, can have unintended consequences!


----------



## Andrew Green (Nov 21, 2005)

Article on Texas suing them:

http://news.yahoo.com/s/nm/20051121/tc_nm/sony_texas_dc



> Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year.


----------



## bignick (Nov 21, 2005)

There's a lot more as well, like the fact that the software actually makes it possible to bypass SONY's own protection scheme, or that it allows people to cheat on online multiplayer gaming, or that viruses and trojans that exploit the cloaking of the rootkit have already been developed...


----------



## Andrew Green (Nov 22, 2005)

Or that they used open source code and violated the GPL in creating it.  In an attempt to protect their licenses they violated other peoples.


----------



## bignick (Nov 22, 2005)

Oops, forgot that one

That, along with the rootkit providing ability to bypass the copy protection scheme are my two favorite side notes in the story...it's like watching a giant train wreck


----------



## bignick (Nov 22, 2005)

One more, the posts they found on a message board by one of the programmers from the company that wrote the software....asking for help on how to do it...


----------



## Cryozombie (Nov 22, 2005)

Yeah... as if I didnt need another excuse to buy an Xbox 360... No FREAKING WAY Sony will get ANY of my cash when PS3 comes out...

Maybe they should pack it in now...


----------



## bignick (Nov 22, 2005)

Somebody did raise a good point, if they do this to their CD's....imagine what comes preloaded on their computers?  It would probably be pretty tempting to slip some monitoring software to make sure that no one is using P2P, etc...

Oops, there goes my tinfoil hat again....


----------



## Ping898 (Nov 22, 2005)

bignick said:
			
		

> Somebody did raise a good point, if they do this to their CD's....imagine what comes preloaded on their computers? It would probably be pretty tempting to slip some monitoring software to make sure that no one is using P2P, etc...
> 
> Oops, there goes my tinfoil hat again....


That is why I format any new computer I buy that is pre-built and load my own copy of the software I want on it....

I read somewhere, I think slashdot, that Sony actually used some of the code that guy DVD Jon developed that bypasses DVD security in their rootkit.


----------



## Ping898 (Nov 22, 2005)

http://www.informationweek.com/story/showArticle.jhtml?articleID=174400748 

Sony BMG Music's controversial copy-protection scheme can be defeated with a small piece of tape, a research firm said Monday in a demonstration of the futility of digital rights management (DRM). 

According to Gartner analysts Martin Reynolds and Mike McGuire, Sony's XCP technology is stymied by sticking a fingernail-size piece of opaque tape on the outer edge of the CD. 
That, the pair said in a brief posted online, renders "session 2 -- which contains the self-loading DRM software  unreadable. The PC then treats the CD as an ordinary single-session music CD, and the commonly used CD 'rip' programs continue to work as usual." 
Such simple work-arounds, said Reynolds and McGuire, make Sony's decision to copy protect is music CDs an even bigger mistake. "Sony BMG's DRM technology will prevent neither informed casual copiers nor high-volume 'pirates' from doing whatever they like with the content the disc," the analysts continued. "It does, however, load 'stealth' software  software that has been demonstrated to have suspect effects  on uninformed users' machines. "The bottom line: Sony BMG has created serious public-relations and legal issues for itself, and for no good reason."


----------



## arnisador (Nov 22, 2005)

Andrew Green said:
			
		

> Or that they used open source code and violated the GPL in creating it. In an attempt to protect their licenses they violated other peoples.


 
Sheesh. I hadn't realized this. What hypocrites.


----------

