Golga Bolg wrote:
You guys rock! This situation came up in a meeting today and I was fully informed!!
I said, "the thingamabob screwed up the doohickey. Rootkit, cloaked malware, digital rights management, sis-boom-bah"
/ ok ok I didn't say EXACTLY that
Who do you work for, and how did it come up?
And Azz:
Sony release some software on their music CDs that when put in an optical drive with auto-run enabled (most PCs in the world) and with admin rights (even more PCs in the world) it installs a rootkit on the system as well as some other software. It does this without letting the user know it has been done, and it does it automatically as soon as the CD is put in the drive.
A rootkit is just a piece of software that hides itself on your system. You can't see it when you view all the running processes on your system utilizing task manager. This rootkit also hides the other software.
The other software prevents you from playing that particular CD with any other software except the Sony provided software. It also prevents ripping of the CD. The rootkit will also hide any running processes that begin with the marking "$sys$". This means anyone can make a virus or trojan that starts with those characters, and it will be hidden. Anti-virus programs won't be able to detect it.
All this was found out, and people rightly got very irritated at Sony. So Sony released a "patch" with the newest version of the software, and also made the software and the rootkit "visible" in the processes, but doesn't remove it. If you try to remove the software yourself, it will make your CD and DVD drives inoperable. They won't read any discs at all.
If you pester them and call them a bunch, they will eventually give you a tool to uninstall this malware, and I believe the tool has now been made available to anyone who goes to the site. The tool consists of downloading an ActiveX control for Internet Explorer. ActiveX stuff can do a lot of really neat things and make your webpages amazingly cool, but it also opens the door for security problems, and as a result most people in the know disable a lot of ActiveX stuff.
Anyway, to remove Sony's software and rootkit, you have to download this ActiveX control software. This software was so poorly written that once on your machine, it will allow any website you go to to run any code it wants on your machine. In short, anyone can put up any virus or malicious code on a website and if you go there, that software will automatically be downloaded and ran on your machine, without you knowing it. Its a completely wide-open door to your system, as long as the writer has it access Sony's ActiveX control.
So now to help prevent your machine from being vulnerable due to Sony's incompetence, you have to make your machine more vulnerable.
Its a huge problem for Sony, and there are likely to be many and numerous lawsuits against them for it. There my also be criminal suits against them as well.
The very best part of all of this, is that the software vendor who wrote the program for Sony actually broke copyright law with the software, and ripped parts of it off. So they have copyright violating software that opens up your PC to all kinds of security risks to prevent you from violating their copyright.
Login
Register
FAQ
Search
"Game development stuff" is pro-bono, "inciting techno-revolts against software made by huge media companies to destroy your computer if it thinks you are pirating music" is still $360.
