#269599 - 15/11/2005 14:38
Sony DRM woes get worse
|
addict
Registered: 23/09/2000
Posts: 498
Loc: Virginia, USA
|
Unbelievable. The uninstaller for the rootkit uses an ActiveX control that leaves an even greater security risk. The ActiveX control is marked to allow any script to be run from any website without needing user permission. This includes downloading and executing code behind the scenes. http://www.freedom-to-tinker.com/What an amazing mess. I don't know who's more to blame: 1. Sony for distributing this software 2. First4Internet for being utterly incompetent 3. Microsoft for allowing such things to be installed without your knowledge
|
Top
|
|
|
|
#269600 - 15/11/2005 16:23
Re: Sony DRM woes get worse
[Re: Dylan]
|
addict
Registered: 23/09/2000
Posts: 498
Loc: Virginia, USA
|
Quote: It now appears that at least 568,200 nameservers have witnessed DNS queries related to the rootkit. How many hosts does this correspond to? Only Sony (and First4Internet) knows...unsurprisingly, they are not particularly communicative. But at that scale, it doesn't take much to make this a multi-million host, worm-scale Incident.
http://www.doxpara.com/
Is it wrong that I'm enjoying this train wreck so much?
|
Top
|
|
|
|
#269601 - 15/11/2005 18:43
Re: Sony DRM woes get worse
[Re: Dylan]
|
pooh-bah
Registered: 25/08/2000
Posts: 2413
Loc: NH USA
|
I'm with you. This is great fun, especially since it in no way affects me personally (I own none of the affected CD's).
-Zeke
_________________________
WWFSMD?
|
Top
|
|
|
|
#269602 - 15/11/2005 19:03
Re: Sony DRM woes get worse
[Re: Ezekiel]
|
addict
Registered: 24/07/2003
Posts: 500
Loc: Colorado, N.A.
|
And where would I find a list of the affected CDs, btw? Anybody? Quote: I'm with you. This is great fun, especially since it in no way affects me personally (I own none of the affected CD's).
-Zeke
_________________________
-- DLF
|
Top
|
|
|
|
#269603 - 15/11/2005 19:30
Re: Sony DRM woes get worse
[Re: DLF]
|
carpal tunnel
Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
|
Quote: And where would I find a list of the affected CDs, btw? Anybody?
There's one here, but not all the CDs they list come with rootkits in all versions. I've got (the UK version of) the Kasabian album listed, and while it has some "copy-protection" on, including an unacknowledged and sourceless copy of lame_enc.dll, it doesn't have the rootkit.
Peter
|
Top
|
|
|
|
#269604 - 15/11/2005 19:38
Re: Sony DRM woes get worse
[Re: peter]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
I'll check my Kasabian and Foo Fighters CDs when I get home.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#269605 - 15/11/2005 20:34
Re: Sony DRM woes get worse
[Re: peter]
|
carpal tunnel
Registered: 30/04/2000
Posts: 3810
|
So why, exactly, are they including the lame DLL? What's it used for?
|
Top
|
|
|
|
#269606 - 15/11/2005 20:47
Re: Sony DRM woes get worse
[Re: DWallach]
|
carpal tunnel
Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
|
Quote: So why, exactly, are they including the lame DLL? What's it used for?
Well, I didn't run the provided player binary, but reading the help file makes it appear to be all about creating protected "EMP" files based on the CD, which only it knows how to play. Why they bother to rip the CD (oh yeah, there's an ASPI driver on the CD too), encode to MP3, and encrypt, rather than just have the encrypted files on the CD in the first place, is beyond me -- even if they wanted to log the user's identity on their servers before allowing playback, they could do that before allowing access to the encrypted files. Maybe they're worried about people copying the CD -- in EMP form -- by copying the data session only.
Peter
|
Top
|
|
|
|
#269607 - 15/11/2005 23:59
Re: Sony DRM woes get worse
[Re: wfaulk]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Both of them are SunnComm for me.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#269608 - 16/11/2005 03:29
Re: Sony DRM woes get worse
[Re: Dylan]
|
pooh-bah
Registered: 19/09/2002
Posts: 2494
Loc: East Coast, USA
|
This mess is quite good fun. I enjoy explaining it in plain english to my coworkers who've caught the news and ask me about it. "Forget CDs," I leave them with, "Try Rhapsody, Napster2Go, iTunes, satellite radio, cable digital music channels, etc." Unfortunately, I'm talking to a low bandwidth crowd, but I think it's helping to raise suspicion of the "big boys protecting their piggybanks."
_________________________
- FireFox31 110gig MKIIa (30+80), Eutronix lights, 32 meg stacked RAM, Filener orange gel lens, Greenlights Lit Buttons green set
|
Top
|
|
|
|
#269609 - 16/11/2005 03:30
Re: Sony DRM woes get worse
[Re: Ezekiel]
|
carpal tunnel
Registered: 13/02/2002
Posts: 3212
Loc: Portland, OR
|
Quote: I'm with you. This is great fun, especially since it in no way affects me personally (I own none of the affected CD's).
I'm also enjoying it. I neither own any of the affected CDs, nor do I run an affectable (by this DRM) OS, either.
|
Top
|
|
|
|
#269610 - 16/11/2005 06:22
Re: Sony DRM woes get worse
[Re: canuckInOR]
|
carpal tunnel
Registered: 18/01/2000
Posts: 5683
Loc: London, UK
|
Quote: nor do I run an affectable (by this DRM) OS, either.
Windows isn't affectable, either, if you're running without Admin privileges.
_________________________
-- roger
|
Top
|
|
|
|
#269611 - 16/11/2005 06:27
Re: Sony DRM woes get worse
[Re: Roger]
|
carpal tunnel
Registered: 10/06/1999
Posts: 5916
Loc: Wivenhoe, Essex, UK
|
Quote:
Windows isn't affectable, either, if you're running without Admin privileges.
...and if gaining admin rights in Windows when needed worked like it does in OSX then more people would actually use non-admin accounts on Windows machines...
(but then a large number of Windows people who already get hit with rootkits, spyware, malware, viri, trojans etc would just enter their admin password when asked by any random bit of code anyway)
Edit:
For those who haven't used OSX, when an app needs admin rights to do something (typically during install) a system dialog asks you to enter your admin password, to grant admin rights just to the process that asked for it. On Windows you would either have to temporarily change you account to have admin rights, or log on as a different user. In theory you could run installer/app in question as a different user, but I haven't ever had much success with that and installers.
Edited by andy (16/11/2005 06:30)
_________________________
Remind me to change my signature to something more interesting someday
|
Top
|
|
|
|
#269612 - 16/11/2005 06:27
Re: Sony DRM woes get worse
[Re: Roger]
|
pooh-bah
Registered: 13/09/1999
Posts: 2401
Loc: Croatia
|
Quote: Windows isn't affectable, either, if you're running without Admin privileges.
Hmm, good reminder. I would never dream of routinelly log into a Linux box, even a completely personal one, as root, and somehow I feel too lazy to run Windows as a user without any admin privileges. Time to change habits.
_________________________
Dragi "Bonzi" Raos
Q#5196
MkII #080000376, 18GB green
MkIIa #040103247, 60GB blue
|
Top
|
|
|
|
#269613 - 16/11/2005 07:55
Re: Sony DRM woes get worse
[Re: bonzi]
|
carpal tunnel
Registered: 18/01/2000
Posts: 5683
Loc: London, UK
|
Quote: Hmm, good reminder. I would never dream of routinelly log into a Linux box, even a completely personal one, as root, and somehow I feel too lazy to run Windows as a user without any admin privileges. Time to change habits.
To be fair, I still use my home PC with admin rights, because I've been too lazy to lose them.
At work, however, I run as non-Admin, ever since I managed to delete the content of my hard disk when running a script that had inadequate parameter validation before it executed "rd /s /q %1"
If you're interested in running non-Admin, check out Aaron Margosis' blog.
_________________________
-- roger
|
Top
|
|
|
|
#269614 - 16/11/2005 13:02
Re: Sony DRM woes get worse
[Re: Roger]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
It's still amazing that there has to be a list of tips and tricks for doing something the correct way. MS shouldn't have made it that hard.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#269615 - 16/11/2005 13:27
Re: Sony DRM woes get worse
[Re: wfaulk]
|
carpal tunnel
Registered: 18/01/2000
Posts: 5683
Loc: London, UK
|
Quote: MS shouldn't have made it that hard.
They screwed up way back when, and compatibility is king, so they're kinda reluctant to change anything too radically.
It's a vicious circle: until they make it easier to develop applications as non-Admin (and it does work now, but you have to jump through some hoops), developers won't realise that they're assuming the user has admin rights, and the user won't be able to run the software without admin rights, and so on...
_________________________
-- roger
|
Top
|
|
|
|
#269616 - 16/11/2005 13:40
Re: Sony DRM woes get worse
[Re: andy]
|
carpal tunnel
Registered: 29/08/2000
Posts: 14492
Loc: Canada
|
Quote:
For those who haven't used OSX, when an app needs admin rights to do something (typically during install) a system dialog asks you to enter your admin password
Hey, just Like (K)Ubuntu Linux does! Clever, those Mac folks!
|
Top
|
|
|
|
#269617 - 16/11/2005 14:05
Re: Sony DRM woes get worse
[Re: Roger]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Basically what you're saying is that it's such a pain in the ass that even people who know better regularly run as Admin.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#269618 - 16/11/2005 14:10
Re: Sony DRM woes get worse
[Re: wfaulk]
|
carpal tunnel
Registered: 18/01/2000
Posts: 5683
Loc: London, UK
|
Quote: Basically what you're saying is that it's such a pain in the ass that even people who know better regularly run as Admin.
Yep. It's a cultural thing. Although I'm not so sure that a large portion of Windows developers actually know better...
_________________________
-- roger
|
Top
|
|
|
|
#269619 - 16/11/2005 15:27
Re: Sony DRM woes get worse
[Re: andy]
|
carpal tunnel
Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
|
I run with an Admin account on my Mac all the time. What I don't run all the time is with a ROOT account. They're different. Admin on the Mac is not the be-all end-all. And while running an admin account it will still ask you for password validation whenever an application needs to do something that requires admin access. Or you do something like try to delete system files.
Bruno
|
Top
|
|
|
|
#269620 - 16/11/2005 22:01
Re: Sony DRM woes get worse
[Re: Roger]
|
pooh-bah
Registered: 13/09/1999
Posts: 2401
Loc: Croatia
|
Hey, I never noticed this "Run as..." (and certainly didn't know for shift-right click context menu trickery). Thanks for the link!
Edit: I think that one of the problems is that we who used PCs from DOS 1.0 tend not to read new documantation (such as it exists), and Windows is improving. Hey, I learned only few montsh ago (and forgot again, but now I will find it quickly) that one can do an equivalent or real hard link and filesystem mount in NTFS!
Edited by bonzi (16/11/2005 22:07)
_________________________
Dragi "Bonzi" Raos
Q#5196
MkII #080000376, 18GB green
MkIIa #040103247, 60GB blue
|
Top
|
|
|
|
#269621 - 16/11/2005 22:23
Re: Sony DRM woes get worse
[Re: bonzi]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Yup, but Microsoft doesn't give you any utility to make them. I've also heard that some programs will get confused, and it's best to avoid them for that reason. I don't really understand how they could get confused, but that's what I've heard.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#269622 - 16/11/2005 23:17
Re: Sony DRM woes get worse
[Re: Roger]
|
pooh-bah
Registered: 19/09/2002
Posts: 2494
Loc: East Coast, USA
|
I dunno, a lot of installers that I've seen have no problem running as (Windows 2000) Power User, much to my regret. Hopefully some swift Group Policy will take care of that.
_________________________
- FireFox31 110gig MKIIa (30+80), Eutronix lights, 32 meg stacked RAM, Filener orange gel lens, Greenlights Lit Buttons green set
|
Top
|
|
|
|
#269623 - 17/11/2005 09:30
Re: Sony DRM woes get worse
[Re: FireFox31]
|
carpal tunnel
Registered: 18/01/2000
Posts: 5683
Loc: London, UK
|
Quote: I dunno, a lot of installers that I've seen have no problem running as (Windows 2000) Power User, much to my regret. Hopefully some swift Group Policy will take care of that.
That'll be because 'Power Users' is a group with permission to run installers.
On my home PC, Jen gets to be in the 'Users' group, with minimal permissions. When I build my new PC, I'll probably do the same to my user account.
_________________________
-- roger
|
Top
|
|
|
|
#269624 - 17/11/2005 14:25
Re: Sony DRM woes get worse
[Re: DLF]
|
carpal tunnel
Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
|
Quote: And where would I find a list of the affected CDs, btw? Anybody?
Sony's own list is here.
Peter
|
Top
|
|
|
|
#269625 - 17/11/2005 15:35
Re: Sony DRM woes get worse
[Re: peter]
|
carpal tunnel
Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
|
Beyond weird.Not only does the rootkit apparently contain part of the GPL'd VLC project, not only does that include the part containing VLC's ability to remove DRM from Apple Itunes protected AAC, but according to TFA (search for "mystery line") the decoder actually copes with an additional, later version of Fairplay than the code in VLC svn does... Peter
|
Top
|
|
|
|
#269626 - 18/11/2005 02:15
Re: Sony DRM woes get worse
[Re: peter]
|
pooh-bah
Registered: 19/09/2002
Posts: 2494
Loc: East Coast, USA
|
So, F4I stole a whole bunch of code? I don't understand the whole GPL issue.
In other news, Microsoft deemed the rootkit as spyware, setting it to be removed by MS AntiSpyware, Malicious Software Removal Tool, and the Windows Live Safety Center.
_________________________
- FireFox31 110gig MKIIa (30+80), Eutronix lights, 32 meg stacked RAM, Filener orange gel lens, Greenlights Lit Buttons green set
|
Top
|
|
|
|
#269627 - 18/11/2005 08:23
Re: Sony DRM woes get worse
[Re: FireFox31]
|
carpal tunnel
Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
|
Quote: So, F4I stole a whole bunch of code? I don't understand the whole GPL issue.
Well, "stole" is the wrong word, as the original authors still have their copies too. But F4I and Sony copied and distributed a whole bunch of code without the copyright holder's permission. Even among those who don't think that such copying is always immoral, many think that it's immoral when done for a commercial product. But the main issue is the hypocrisy of a record label -- a strident advocate of copyright -- completely ignoring the rights that the copyright regime they so love, gives to someone else.
Peter
|
Top
|
|
|
|
#269628 - 18/11/2005 09:00
Re: Sony DRM woes get worse
[Re: peter]
|
old hand
Registered: 14/04/2002
Posts: 1172
Loc: Hants, UK
|
Quote: But the main issue is the hypocrisy of a record label -- a strident advocate of copyright -- completely ignoring the rights that the copyright regime they so love, gives to someone else.
Even worse than that, some code was by DVD Jon, who was dragged through the courts by the MPAA, of which Sony is a member!
Gareth
|
Top
|
|
|
|
|
|