Comments on: Sony to patch copy-protected CD

Facing fears that its piracy-proofed CDs could help virus writers, record label is working closely with antivirus companies to offer patch.

[panderso]

What other Music Companies have similar Copy Protection??

The CEO of First 4 Internet, Mathew Gilliat Smith, boasted to a European IT website -- "IT Enquirer" in July 2005, that their XCP-1 copy protection software is now in use by "most of the large record labels around the world" ( http://www.it-enquirer.com/main/ite/more/digital_rights_management/ ). Is Sony just one of many companies that have been doing this??? It looks like maybe people who have the skills to follow Mark Russinovich's lead may need to start searching for rootkits on their machines if they have used any music CD's from any number of companies that are known to have, or might be suspected to have, copy protection.
Note that this Wired article http://www.wired.com/news/digiwood/0,1412,67696,00.html from May reported that First 4 Internet's clients include Universal Music Group, Warner Music Group and EMI, in addition to Sony/BMG.

BTW-- If you want to send your opinion directly to First 4 Internet, here is how to contact Mr. Mathew Gilliat Smith.
info@first4internet.co.uk subject='attn: Mathew' -

[PCCRomeo]

Only Sony and BMG I believe....

I'm pretty sure that Sony and BMG (when the were both seperate companies) are the only 2 that have ever attempted to mass market copy-protected CD's and they always flop.....People might as well not talk about American's being greedy, this shows that the foreigners are just as bad!

Re: Copy-Protected CD

Apparently the patch download weblink uses Active X, It will only work If you use IE. I tried with Firefox (1.0.7) & Mozilla, to no avail. As I do not use IE, it will not download unless I reinstall IE (which I do not plan on doing). Does anyone have a workaround method to remedy this...Regards: dejc...

[lamaslany]

How would you know you needed to remove it?

If it is not stated that the software is installed and the the EULA doesn't mention it how would a user know that they need to remove it?

[thedreaming]

like all malware...

You would notice a degration in system performance, not to mention that the moment you try to rip a sony music cd, your cd would eject without any indication as to why.

Don't know about you, but that would clue me in that something was running around in the darkest parts of my machine, doing who knows what.

In the end, I don't hate them for trying to install DRM. I hate them for installing it without telling you, then lying about it.

If they were open about it and told everyone, "If you want to play our cd, you have to have DRM installed, otherwise take the cd back to the store and get your money back."

This disclaimer should be posted at the store for everyone to read, not just on the start screen of the cd.

[wtortorici]

Luke, the patch will iform you if...

has the rootkit on your computer. go to

http://updates.xcp-aurora.com/

to download the program.

[sitinsprinter]

What are Sony On

I bought Good Sharlete CD recently, only to find I could not put it onto my mp3!! What are they doing ? Result was I gave it to a friend who was able to copy it using a cd to cd music mixing unit ( not PC ) so its easy to copy so why bother. I bought the CD in good faith now I will source copies in future for these so called pre ripped CD ( what a laugh sony )

[wtortorici]

I just downloaded patch from...

http://updates.xcp-aurora.com/

I put on my desktop for future use.

[Mark Donovan]

Sony offers non-rootkit DRM

A new development? If you fill out the remove request at
http://cp.sonybmg.com/xcp/english/form14.html

an e-mail reply offers non-rootkit DRM to replace the rootkit version. The e-mail includes the following gag order.

"This message and any attachments are solely for the use of intended recipients. They may contain privileged and/or confidential information. If you are not the intended recipient, you are hereby notified that you received this email in error, and that any review, dissemination, distribution or copying of this email and any attachment is strictly prohibited. If you receive this email in error please contact the sender and delete the message and any attachments associated therewith from your computer. Your cooperation in this matter is appreciated."

[jetbatt]

Is This a Mac problem?

Is this a mac problem too?

[Mark Donovan]

Sony says, "No."

Sony's FAQ says:
http://cp.sonybmg.com/xcp/english/faq.html#compatibility

1. Will this disc play on my computer?

Mac Users: This disc will behave like a traditional CD in a Mac.

[J. Warren]

Sony CD Copy Protection Relies On Hacker Rootkit

Now that we have your attention (using the headline from TechWeb ( http://www.techweb.com/article/printableArticle.jhtml?articleID=173402272&site_section= ), a few facts from other news sites:

'Don't know that I would trust Sony to remove it, since they're the ones who installed it surreptiously... ya' know?

- http://www.theinquirer.net/?article=27426
3 November 2005
"...This is the service pack from hell... These are scary times people, and if we let Sony get away with this now, it will only get worse and harder to stop later."

- http://www.theregister.com/2005/11/03/sony_rootkit_drm/
"...The patch that Sony will offer doesn't remove the 'rootkit' DRM: it only makes the hidden files visible..."

So folks, if this issue doesn't get at least a small rise out of you, you must be numb from the neck up...

[SeizeCTRL]

Sysinternal's deep scoop...

Sysinternal did a deep investigation into Sony's rootkit. Read all about it here:
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

[rond36]

It all started there

That blog is where this snowball started.
Fsecure's Blacklight software found the rootkit first but Fsecure sat on the news while asking for an explanation from Sony/BMG. Sysinternals found it and went public with the news. Fsecure went public with it shortly after Sysinternals. After that it went to the PC help forums and security help forums. Fsecure now has it listed as a virus!

[betolima64]

Sony... Be shame of your acts!

Wow, that's great!!!

Sony BMG has released a patch to antivirus companies that will eliminate the copy-protection software's ability to hide.

Sony BMG should be shame to treat us as criminals. If I buy a CD, it's mine. I have the right to make copies to listen to in my car, walkman, etc. And that's not piracy!

The attitude of Sony BMG is above the Justice - which is (or should be) competent for these cases.

Sony has gone too far with its methods to combat piracy. Has the company already thought why piracy has been growing?

If Sony doesn't respect my rights as a consumer why should I do the same regarding to it?

[flashbanger]

I am sooo done with SONY

This company is going down the pot first with poor television
sales, second poor content sales, third poor player sales. This is
an attempt to scare consumers into re-purchasing content to
use on another device (what a scam). Well I was looking forward
to the release of the sought after PS3 but now the tides have
turned and I'm not buying into a spy ware hacking company
mixed up in their own greed. Sony you SUCK!

[greenwelling]

Investigating Sony's DRM

We would be interested in speaking to U.S. residents that have purchased any Sony BMG audio CD protected by the XCP copy protection scheme. We have looked at many DRM cases and Sony went too far with this particular scheme. You can contact us at gw@classcounsel.com.

[yrrahxob]

Lies Lies Lies

Ok Sony. I am tired of hearing all your lies about how you are going to supply so-called "Patches" to fix this problem. Now you are sweating because you got caught with your pants down. I was planning on buying my grandson a new PS3 for Christmas and a new 42" Sony plasma TV but now I'll go with the XBOX-360 and a Panasonic TV for myself. Way to go Sony. I'm sure all your stockholders are proud of you.

[jimmyirl]

What goes around comes around!!!

This process of hiding files on pc's is already in use. I have seen it on adware/malware/spyware for almost a year and even for protection of programs and games.

I find it laughable that all the big companies are trying to protect kazillionaire ceo's and boardmembers who, at the end of the day will sell their shares and have no dealings with the company whatsoever. And now they intend to do this by breaking the law and invading people's rights.

If ever there was an advertisement for p2p file sharing, this is it! Why should I, or anybody, obey copywright law when companies so blatantly ignore laws that are put in place to protect the security of the normal person?

Wouldn't it be very ironic if the big companies who use this rooktit system, were themselves, hit with the viruses that they "fear" could be created with their very own programs. And if it did happen, oh how I would laugh!

[don544]

Read The Patch

If I read the site correctly the patch installs the entire new drm scheme, it does not remove anything

[aabcdefghij987654321]

Those CDs are still Virulent!

Sony's offer to let you download a patch to their "rootkit" really is totally unacceptable. Those CDs are still out there and still virulent.

Years or decades from now (I've got lots of CDs over 10 years old) your grandchild is going to pop one of these carriers of the "Sony Flu" into their new computer running a still-to-come version of Windows and what do you think is going to happen?

Well, Mikko Hypponen of F-Secure found out when he popped it into a machine running Windows Vista that the Sony CD "breaks the operating system spectacularly." Who's going to know how to fix it in 2020? Already most of the "weblinks" on my so-called "Enhanced CDs" (provided by these same recording studios) get "404 Not Found" errors only a year or two after release.

Keeping these still-infectious CDs around on your shelf is like keeping a live hand-grenade as a WW2 souvenir. Just hope your kids don't play with it.

The only acceptable solution would be for Sony to recall every one of these virulent CDs out there and take them out of circulation.

Rootkit requires root...

...that's how it got its name.

Hmmm, so Windows user have to run as root to listen to a Sony
music CD?

What's that? 99% of them already are running as root? Then
how do they prevent rootkits from being installed?

You're kidding! They purchase additional software to hunt them
down and delete them?

You mean, all of this spyware/malware/adware/rootkit stuff get
written to their hard drive / registry only because they're
running as root all the time?

Aren't billions of dollars spent annually ridding people's
computer of this stuff?

Why don't Windows users stop running as root, and save some
money?

This whole Windows security thing is a total sham. Stop running
as root, and breath easy.

And please don't reply saying, "We have to run as root!". Sheep.

[catchall]

You have entirely missed the point

In your anti-MS fervor. Not surprising. Let?s take this from the viewpoint of the Mac.
Are there Root-Kits for the Mac? Yes. There are rootkits for every OS out there. The problem is delivery, as the Mac user is not normally Root. But, to install (much) software, you have to enter the root password. See my point yet?
Lets dumb it down further so you?ll get it. Lets take a company that is known for putting things in their code and not telling the users. Adobe. They put the ability to recognize (and block) scanning currency in Photoshop, without telling anyone. So they have precedence. Now, to install Photoshop on you Mac, you type the root password into the installer, yes? Do you think Adobe would install something else (as root, which they now have) on your system and not tell you? Until last week, I would not have believed Sony would have been so stupid?

[Mendz]

Sony's Appalling DRM!!!

Read this: http://www.grc.com/sn/SN-012.htm. Or listen to the podcast linked in the same page. Sony is agreeably appalling! They should've been more responsible.

[echo_320]

privacy

I have always bought Sony products but this will STOP. Never again. I bought XP. NOT SONY. IT ALL LEADS US CLOSER TO NO PRIVACY IN THIS WORLD.

[DianeST]

Sony LIES

I got the root kit on my machine and it caused me many problems. I waited for days to get the removal patch from Sony and foolishly believed it was removed. Imagine my surprise today when a spyware remover found the Sony Rootkit Trojan still on my machine. I am livid!