That Sony rootkit – and its side effects

Filed under:Games,In the news,Music/MP3,Security — posted by Svein Kåre on 6 November 2005 @ 02:09

Not many days have passed since Sony got negative attention for its DRM protection of Copy Protected CDs, to which they were quickly issuing an update to remove it.Or – did they? The update is 3.5 MB, seems to update all the files, and leaves some more files there, according to Ed Felten, who had looked a bit closer at it:

The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included in the initial installation of the entire DRM system, as well as creating some new files. In short, they’re not just taking away the rootkit-like function — they’re almost certainly adding things to the system as well. And once again, they’re not disclosing what they’re doing.

No doubt they’ll ask us to just trust them. I wouldn’t. The companies still assert — falsely — that the original rootkit-like software “does not compromise security” and “[t]here should be no concern” about it. So I wouldn’t put much faith in any claim that the new update is harmless. And the companies claim to have developed “new ways of cloaking files on a hard drive”. So I wouldn’t derive much comfort from carefully worded assertions that they have removed “the … component .. that has been discussed”.

But, there’s more – related to the rootkit, unrelated to the “fix”.

Use the rootkit to cheat other companies

Players of World of Warcraft don’t like the game makers, and the controversial tactics to avoid cheating in the game. (To my limited understanding – I don’t play it myself.) The program ‘Warden’ scans the players’ PCs, to make sure there’s no processes running tohelp cheating in the game.

Sony to the rescue – their rootkit DRM helps War of Worldcraft hackers to fool the Warden. After all, with the DRM rootkit installed, all that is needed to hide a process is to start the filename with $sys$ – right?

Blocking Opera and Firefox: Yet another silly webmaster

Filed under:Browsers — posted by Svein Kåre on 4 November 2005 @ 18:54

There are webmasters out there who don’t like that the ads they’re showing on their web pages can be blocked. Which is understandable, of course – ads give them a revenue so that they can keep on doing what they do. How webmasters react to this possibility however, vary, as I learned from an article by Pallab. Here Smileygenerator.us poses as an example of a silly way to react and “solve” the problem.

The web master seems to believe that Opera and Firefox includes adblocking as part of the browser – and thus he blocks those browsers. Well – as long as they identify themselves as what they are. Also, he does it in a silly way. If you visit the link above with Opera or Firefox, you’re being redirected to a different site, smileygenerator.com. No explaination, and if you’re not observant enough, you may thing that it’s the same site, just with two different URIs. It’s silly.

Back when Environmantalchemistry blocked Opera, you were at least told that you were blocked, and after some consideration given full access to the pages that told you why. Then you could take appropriate action, if you wanted access. Not so here, at least if you happen upon the index-page. If you’re an Opera or Firefox user looking forward to spending some money at the smileygenerator, the web master may have lost some sales outright.

According to a thread on the forum there, it seems that it is possible for anyone, no matter what browser they use, to browse the paid content. But – how will Opera and Firefox users learn that, when they’re sent away before they’re told this?

But that’s just one part of it, the reactions towards two browsers due to not knowing much about them. Neither of them includes ad blocking as part of the browser. You have to go to a third party to achieve that – and if you go to a third party, there’s also lot tho choose from for IE, too. There may be more people blocking ads in IE than ther are users of Opera/Firefox together, for all I know. This of course makes the whole business of blocking the two browsers even more silly.

An example of reacting before thinking.

DRM – what’s the point?

Filed under:Music/MP3 — posted by Svein Kåre on 3 November 2005 @ 16:32

The industry calls DRM a way to prevent their content from being illegaly copied and spread. Ignoring the other problems arising, concerning the rights of the consumers, this may not sound too unreasonable. The artists should get paid for their work. However – what if the artists themselves don’t want the DRM on their albums? It should be easy enough not to release the album with DRM then. Or – are there other reasons for implementing DRM?

In “DRM Crippled CD: A bizarre tale in 4 parts” it looks like caring for the customers is not important. Blaming the competition for the problems their customers get is.

Does anyone wonder why so many shows distrust in DRM?

Sony apologises – not!

Filed under:In the news,Music/MP3,Security — posted by Svein Kåre on @ 16:05

When it was discovered that Sony took its DRM-implementation too far it was something that didn’t escape the news. It was discussed all over the place, and didn’t give Sony high thoughts.

Sony has reacted, and posted a service pack/update that removes the cloaking technology. But does it apologise? No – instead it downplays the problems, saying it wasn’t malicious and didn’t compromise security.

Funny. I thought the previous article showed how easy security could be compromised…

Bad move, not to apologise. If Sony doesn’t regret the actions, what can we expect from the company later?

Digital Rights Mismanagement: Sony takes it a step too far

Filed under:In the news,Music/MP3,Security — posted by Svein Kåre on 1 November 2005 @ 22:46

Today I was made aware of an article called Sony, Rootkits and Digital Rights Management Gone Too Far by Mark Russinovich – and it’s scary news. Mark had bought a Copy Controlled CD made by Sony, and as a result from playing it on his PC, Sony had taken the liberty to install software on his computer – and hidden it.

One thing is to try to limit what can be done with the music on the CD, but trying to hide that you’ve installed software, and make it very difficult to uninstall, that’s going too far. Especially as the software in question takes up resources, poses a security risk, and may also be unstable in itself. This sounds too much alike what is commonly known as malware.

Another question that begs to be asked is: Is what Sony has done here legal? Sony may write about this in their EULA, (but it is not certain that they actually do this, even after they updated it after the fact,) but an EULA can’t override laws – not everywhere at least – and may even be known before the product is bought to be valid.

Maybe it’s time for consumers to sue?



image: detail of installation by Bronwyn Lace