It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI/TECH: 'Bots' for Sony CD Software Spotted Online

page: 1
5

log in

join
share:

posted on Nov, 10 2005 @ 04:23 PM
link   
A trojan horse has been found on the internet that exploits the "rootkit" that is installed by Sony's copy-protected CDs. One version of the trojan is distributed by email and entices users to click on a picture that contains the trojan. The trojan provides the attacker with complete control over the users infected PC.
 



news.zdnet.com
A first wave of malicious software written to piggyback on Sony BMG Music Entertainment CD copy protection tools has been spotted online, computer security companies said Thursday.

Sony's software, installed when playing one of the record label's recent copy-protected CDs in a computer, hides itself on hard drives using a powerful programming tool called a "rootkit." But the tool leaves the door open behind it, allowing other software--including viruses--to be deeply hidden behind the rootkit cloak.

The first version of a Trojan horse spotted early Thursday, which aims to give an attacker complete remote control over an infected computer, didn't work well. But over the course of the day, several others emerged that apparently fixed early flaws.

"This is no longer a theoretical vulnerability, it is a real vulnerability," said Sam Curry, vice president of Computer Associates' eTrust Security Management division. "This is no longer about digital rights management or content protection, this is about people having their PCs taken over."

Sony's use of the rootkit software has sparked a firestorm of criticism online and off over the company's techniques, highlighting concerns that remain over record labels' increasingly ambitious attempts to control the ways consumers can use purchased music.




Please visit the link provided for the complete story.


I think this has to be the lowest effort yet in the music industry's effort to curb piracy and the fact that it is now being exploited by malware writers is going to leave Sony vulnerable to a huge backlash. A class-action lawsuit has already been filed in Los Angeles claiming "fraud, trespass and false advertising." Sony issued a patch that allows consumers to locate the rootkit, but the consumer must contact Sony customer service to learn how to remove the program. Fortunately, virus software companies are addressing the problem.

cp.sonybmg.com...
cp.sonybmg.com...

Related News Links:
www.msnbc.msn.com
en.wikinews.org...'s_DRM_protected_CDs_install_Windows_rootkits
blogs.washingtonpost.com...
www.sfgate.com.../news/archive/2005/11/02/financial/f160614S41.DTL

Related AboveTopSecret.com Discussion Threads:

www.atsnn.com...


[edit on 2005/11/10 by GradyPhilpott]




posted on Nov, 10 2005 @ 04:26 PM
link   
I can smell the law suits coming to sony very soon, this is obviously an attack to the consumer, because is targeting the consumer.

Sony CD software is never going to be use in my computer and that is my choice.

Actually is a law suit right now agains the BMG because the software from sony is corrupting the hard drives.

[edit on 10-11-2005 by marg6043]



posted on Nov, 10 2005 @ 04:36 PM
link   
For everyone interested into this matter I advise to read this article and succesive postings. Its from the guy who made the whole Sony "rootkit" affair public, and also shows the poor reaction of Sony. It shows gow incredibly easy it is for EVERYONE to hide processes, registry entries and data on computers infected by this "spyware" (Data is sent to Sony every time a Sony DRM protected CD is loaded), by simply adding a 5-letter-string in front of the to-hide program files.

I can only imagine how the Sony Music staff is getting more desperate by the minute, there is sort of an avalanche of problems coming and they know they cannot stop it anymore... and it serves them right for secretly manipulating private property, the customer PCs.



posted on Nov, 10 2005 @ 04:43 PM
link   
Hmm...

Now, where are my Sony C.Ds... I've not seen a law suit in the U.K. filled yet.



posted on Nov, 10 2005 @ 04:44 PM
link   
Thank you Grady for this item. You just knew there would be more from this. No more anything Sony in our home.



posted on Nov, 10 2005 @ 04:49 PM
link   
I found this interesting side that have a littler program that can detect Rootkit, and revealed to you, I am running it now in my computer very interesting information.

www.sysinternals.com...



posted on Nov, 10 2005 @ 05:37 PM
link   
computer terrorism, i hope all sony execs get to visit gtmo.



posted on Nov, 10 2005 @ 06:19 PM
link   
Did u guys also see that every game on the new PS3 is going to have its own password. So when u pop it in the console you enter the game password and only 1 person can play the game at a time. So u can't burn the cd's or let your friends borrow them. I saw it on G4 t.v its a gaming channel.

[edit on 10-11-2005 by drex4ever]



posted on Nov, 11 2005 @ 12:44 AM
link   
Second trojan found.

securityresponse.symantec.com...



posted on Nov, 11 2005 @ 10:04 AM
link   
Sophos has a removal tool available to remove the Sony DRM
www.sophos.com...



posted on Nov, 13 2005 @ 11:44 AM
link   
What I want to know is when you develop these sorts of things, especially the really powerful dev tools, how do you not find a backdoor?! At the very least, get a bunch of teenagers from their parents' basement and pay them to find 'em for you. They're programmers and engineers, they should be finding this sort of thing.

I simply cannot comprehend.



posted on Nov, 16 2005 @ 01:27 PM
link   
Amorymeltzer,
Speaking from experience, it is not necessarily the programmer / developer's fault. Much of the time such holes are identified during the alpha and beta test phases and they are set to be fixed. unfortunately, the money mavens start jumping in to get the product out the door before testing (and fixes) are put into place.
The people who handle the finances, who do not understand the ramifications of an early release and only see the money that they will get for being the first has caused so many problems that it is not even funny.
I used to work in programming as well as the QA testing and I was over rulled so many times that I left the field because I did not want my name on shoddy software.
Blame it on the finance department and sales, not on the developers



posted on Nov, 16 2005 @ 05:36 PM
link   
Sony's gone insane i reckon and now it appears they have been caught price fixing.



THE electrical giant Sony has been accused of price-fixing in an attempt to curb internet bargains and send online prices soaring, it emerged yesterday.

Source

I was actually favourable to the Sony name until all these stunt's heres another intresting read



More than half a million networks, including military and government sites, were likely infected by copy-restriction software distributed by Sony on a handful of its CDs, according to a statistical analysis of domain servers conducted by a well-respected security researcher and confirmed by independent experts Tuesday

Source

It's amazing how far companys will go they really should be punished Legally.



posted on Nov, 16 2005 @ 06:00 PM
link   
All I can say is stop buying crap from sony...
They're the root of all the music industry/piracy problems anyway IMHO.

Boycot them, buy your music from independant distributers. There's lots of good music not released by sony.



posted on Nov, 16 2005 @ 08:03 PM
link   

Originally posted by Teknikal
I was actually favourable to the Sony name until all these stunt's heres another intresting read


There was a time when all I would buy was Sony electronics and I was still partial to them. As far as music goes, I've never paid much attention to whose label who is on, I just bought what I like. No more. Sony can rot in hell for all I care.

[edit on 2005/11/16 by GradyPhilpott]



posted on Nov, 21 2005 @ 06:42 PM
link   
Texas will be taking Sony BMG to court with new legislation that makes spyware makers liable for damages of up to $100,000. per violation. This is the second lawsuit that has been filed against Sony, who denies that the root-kit that is embedded in some fifty CDs is actually spyware. Whatever it is, it is clear that the public doesn't want their music CDs loading software on their computers, especially when that software is unannouced, hard to remove, and creates vulnerabilties that compromise security.




msnbc.msn.com...

Sony BMG Music Entertainment’s troubles over anti-piracy technology on music CDs deepened Monday as Texas’ attorney general and a California-based digital rights group said they were suing the music company under new state anti-spyware laws.

The Texas lawsuit said the so-called XCP technology that Sony BMG had quietly included on more than 50 CD titles leaves computers vulnerable to hackers. Sony BMG had added the technology to restrict to three the number of times a single disc could be copied, but agreed to recall the discs last week after a storm of criticism.

The Electronic Frontier Foundation said Sony BMG needs to further publicize the recall and compensate consumers for costs associated with removing the software, an onerous process. It was filing a lawsuit in California Superior Court in Los Angeles.

When XCP-enabled discs are loaded into a computer — a necessary step for transferring music to Apple Computer Inc.’s iPods and other portable music players — the CD installs a program that restricts copying and makes it extremely inconvenient to transfer songs into the format used by iPods. Critics say consumers aren’t adequately told what the program actually does.



Please visit the link provided for the complete story.


msnbc.msn.com...

msnbc.msn.com...

msnbc.msn.com...

msnbc.msn.com...

msnbc.msn.com...

[edit on 2005/11/21 by GradyPhilpott]



new topics

top topics



 
5

log in

join