Another reason to play vinyl (CDR)

DORDOR Two Ron Toe 9,905 Posts
edited November 2005 in Strut Central
I know I know.. "Use something other than M$..." Which I do, but prefer M$.

Anyways.. Make sure you disable autoplay on ur puter.

Just the fact that this is Sony and where it could head is kinda scary.

http://www.bit-tech.net/news/2005/11/01/sony_hidden_malware/


Sony installs hidden malware on your machine


An enterprising tech writer has discovered a bundle of info about the DRM that Sony installs on your PC with the new Van Zant CD.

The information is disassembled, literally, here .

The nutshell is this: Sony releases the new Van Zant CD. On the computer, it only plays within its own executable, not via Windows Media Player or any other software. You are allowed to burn three copies of the CD, and then it's done with.

Well, it appears that, to enforce this DRM, Sony are installing device drivers, DLLs and registry hacks, then running a Rootkit process to mask their installation. If you attempt to uninstall the playing software, the device drivers are left installed, and are left active. Trying to delete the drivers manually - providing you can even find them - can leave your PC crippled. The code is programmed so badly, you can be losing 1-2% of your CPU time even when the CD isn't in the drive, as the DRM software is searching your machine to check nothing is going on that it should know about.

This technique of masking files and folders to prevent detection is commonly used by malware and spyware to prevent uninstallation. Only by using a RKT detector can you see the processes running and from there, it's an incredibly complicated process to break down the inbuilt protections in the software. The author of the article linked spends a lot of time disassembling hex entries and C code to try and get to the bottom of what on earth the Sony code is doing. It's an enlightening read in to how this stuff gets cracked. Here's a quick quote:

"I deleted the entry, but got an access-denied error. Those keys have security permissions that only allow the Local System account to modify them, so I relaunched Regedit in the Local System account using PsExec: psexec ???s ???i ???d regedit.exe. I retried the delete, succeeded, and searched for $sys$ again. Next I found an entry configuring another one of the drivers, Cor.sys (internally named Corvus), as an upper filter for the IDE channel device and also deleted it. I rebooted and my CD was back."

All in all, if you care about digital rights mis-management, this article is a great read. Go take a look, then tell us what you think about the whole shenanigans in this thread in the News Forum.

  Comments


  • bull_oxbull_ox 5,056 Posts
    fuuuuuuuuuck

    I (apprehensively) allowed the Amerie CD to install this shit on my work PC last week

    I can't remember what happened after but I didn't even end up being able to listen to the CD anyway

    So there's no way to remove this shit without intensive programming skills???

  • when you buy a CD with this technology embedded in it is there a sticker or anything on the outside that lets you know it's copy protected or whatever?

  • gloomgloom 2,765 Posts
    wont this just drive people to NEVER buy cds?

  • bull_oxbull_ox 5,056 Posts
    when you buy a CD with this technology embedded in it is there a sticker or anything on the outside that lets you know it's copy protected or whatever?

    There's a bunch of little notes next to the FBI warning on the back of the case

    It directs you here for details

    It brings up this menu when you put the disc in your PC and will ask you to let it install this software

  • DORDOR Two Ron Toe 9,905 Posts
    when you buy a CD with this technology embedded in it is there a sticker or anything on the outside that lets you know it's copy protected or whatever?

    There's a bunch of little notes next to the FBI warning on the back of the case

    It directs you here for details

    It brings up this menu when you put the disc in your PC and will ask you to let it install this software

    I don't think it asks if you have autoplay on. And no where does it tell you any of the stuff it really does...

  • SwayzeSwayze 14,705 Posts
    # One of the following operating systems

    * Windows 98SE
    * Windows ME
    * Windows 2000 SP4
    * Windows XP Home
    * Windows XP Pro


    another reason to get a mac

  • gambitgambit 906 Posts
    Well, it appears that, to enforce this DRM, Sony are installing device drivers, DLLs and registry hacks, then running a Rootkit process to mask their installation. If you attempt to uninstall the playing software, the device drivers are left installed, and are left active. Trying to delete the drivers manually - providing you can even find them - can leave your PC crippled. The code is programmed so badly, you can be losing 1-2% of your CPU time even when the CD isn't in the drive, as the DRM software is searching your machine to check nothing is going on that it should know about.

  • well, if you got windows installed, and you want to circumvent this, usually all you have to do is hold down shift as you're loading the cd, to prevent autoplay from kicking in. or of course you can just turn off autoplay. this way, none of the software is installed, and you can load/rip it without any problems. at least it did the trick when i ripped my girl's foo fighter's cd. probably depends on the type of copy protection tho. the other trick is to cover the inner part of the cd with black marker, but that might have just been the first generation of copy protected cds... play at your own risk

  • when you buy a CD with this technology embedded in it is there a sticker or anything on the outside that lets you know it's copy protected or whatever?




    This is the logo you should see on a cd without copy protection, If a audio cd is tampered with in any way that you can't play it on your pc or in your car it doesn't get this logo.
    So if you just look at the cover and you don't see this baby just don't buy it.
    Correct me if I'm wrong

    more info
    here

  • bull_oxbull_ox 5,056 Posts
    macksteez- I've checked several recent CDs that DON'T have any copy-protection and they don't have the old CD logo...

    Like I said, the one I have has plenty of warnings on the outside of the case...

  • bull_oxbull_ox 5,056 Posts
    Can any tech-savvy Strutters give me an easier fix than the one in the link above?

    I'm VERY uncomfortable having this shit on my work PC (apparantly it even makes you vulnerable to attack by trojans etc) and the fix above was too involved for my puny brain...



  • BamboucheBambouche 1,484 Posts
    Can any tech-savvy Strutters give me an easier fix than the one in the link above?



    I'm VERY uncomfortable having this shit on my work PC (apparantly it even makes you vulnerable to attack by trojans etc) and the fix above was too involved for my puny brain...





    Consider this the perfect oppurtunity to switch to Linux and join the family of open source comrades who work in solidarity. You can use your command prompt to get that shit out of your run folder through Registry Edit:



    Command Prompt: Start/Run/ [type] "regedit"



    -- go to --



    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun



    KILL

    THAT

    SHIT

    [/b]



    (If it doesn't work. Just give it a few months. Someone will write a hack.)







    If your not interested in learning new platforms, buy a Class A (aka, "Professional Studio") CD Burner/Player -- the HHB Burn-It, for example -- and it's damn near as simple as hitting the "Ignore Copyright" button. (Money talks.) This thing is like $800. But, I've bought one burner and 3 computers, so that should tell you which lasts longer. (Bullshit walks.) It's just a computer. It's just a CD.



    They keep making protections

    And we keep hacking them





    FUCK YOU SONY

    TRY AGAIN[/b]







    I'm reminded of a few moments in this nation's great history, and the power structure's reaction to those moments:





    * Sheet Music: The rich said, "Now peasants will know how to play!"



    * The phonograph: The wealthy said, "No one will go to the opera."



    * The cassette tape: The business monopoly said, "People will stop paying for music!"





    I back up all my CDs on punchcard anyway...

  • bull_oxbull_ox 5,056 Posts


    Thanks loads Bam, I was hoping you'd help me out here...

    I wonder if I can still use a stereo-system double burner to dub this thing? (Some of what I read indicates that its designed to be recognized as a CD-ROM so maybe not...)

  • DORDOR Two Ron Toe 9,905 Posts
    Update:



    They still have left some crap in there.. Read the other link.



    --------------------------------------------------------------------------------











    Sony says sorry... Well not really. But they give you a fix!





    http://cp.sonybmg.com/xcp/english/updates.html













    Some more info here





    http://www.boingboing.net/2005/11/03/sony_releases_deroot.html
Sign In or Register to comment.