[BC] Re: [Pubtech] [Fwd: newest Sony DRM has a hidden rootkit]
Barry Rueger
rueger
Tue Nov 1 10:33:56 CST 2005
Mike quoted:
> Quick summary, the newest Sony attempt at DRM on audio cd's ...
> installs > a "rootkit" that attempts to hide itself from detection and intercepts all
> calls to the cd drive of your PC.
Perhaps more importantly, as reported at The Register:
http://www.theregister.co.uk/2005/11/01/sony_rootkit_drm/
"What makes Sony's CD digital media software particularly nasty is that
using expert tools for removing the parasite risks leaving you with a
Windows PC that's useless, and that requires a full reformat and reinstall."
"The Sony CD creates a hidden directory and installs several of its own
device drivers, and then reroutes Windows systems calls to its own
routines. It intercepts kernel-level APIs, but then attempts to disguise
its presence, using a crude cloaking technique.
Disingenuously, the copy restriction binaries were labelled "Essential
System Tools".
But the most disturbing part of the tale came when Russinovich ran his
standard rootkit-removal tool on the post-Sony PC.
"Users that stumble across the cloaked files with a RKR scan will
cripple their computer if they attempt the obvious step of deleting the
cloaked files," he writes."
===================================
Barry Rueger
Community-Media.com
PO Box 91205
350 King Street East, Hamilton ON L8N1C0
Phone: 905-522-9544 Cel: 905-966-6498
http://www.community-media.com
AIM/MSN ID: AppalBarry
Blog: http://www.threesquirrels.com
More information about the Broadcast
mailing list