Beware Sony CDs on your PCs


From a buddy:

There have been some threads about this on Audio Asylum and the Washington Post has an excellent article on this abomination. It's serious; Sony CDs install a poorly written piece of malware on your computer without telling you (the incompetent jackass who seems to have written it, one Ceri Coburn of First4Internet, had to ask for help from a Windows programming email list last year). The DRM malware uses CPU resources all the time even when you're
not playing the Sony CD, and it cloaks itself so deep in Windows that anti - virus software can't find it. Even worse, the trick it uses to hide itself opens up an avenue for viruses to hide from anti - virus tools too. One post
on CNet sums up the issue this way: "Highly invasive software that can corrupt Windows was installed by Sony without the user's knowledge or permission. The software is hidden, extremely low level, and impossible to remove by any malware tools. Normal use of the computer can cause Windows' devices to become inaccessible, forcing the user to reformat and reinstall Windows." Sony's "fix" is merely a patch that uncloaks the DRM code so it shows up in your registry, but doesn't remove the damn thing or fix its defects. And the DRM code blows up the beta test version of the next generation of Windows. Its completely unconscionable for Sony to have done this.
128x128nsgarch
Required reading on how it was discovered and what the a rootkit allows for....

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

How to remove it, not just patch it to make it visible! Removal is not for the faint at heart.. Sony is offering a removal Active X component if you go to their site and request removal but you have to provide your email address, product you bought, and where.

Also in the long thread users of AnyDVD software prevents the infections. Disable autostart on your CD/DVD players.

Isobuster was also mentioned.. I wonder whether EAC would do the same thing... for free???

For Linux users cdParanoia http://www.xiph.org/paranoia/ can extract out the audio tracts so you can play your music you bought without installing device drivers..

Sony artists won't be getting my $$$
It doesn't install the DRM or the RootKit unless you execute the data software that comes with the CD. I think this is the same sort of copy protection that Sony has on the recently released Chris Botti. For computer users that take proper precautions the RootKit won't be able to install. I've never had a copy protected CD that I couldn't rip but the first one will be the last one.
More follow up, including a response purportedly from F4I, the creators of the rootkit. And possible legal actions.

http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html

Apparently this DRM has been around a while. I ran RKR on my computer and came up clean, a recommended step if you run Windows...
Sony really screwed itself on this one. Here's a link to a good article giving and overview and an update of the situation. Several class action lawsuits are in the works.