If you are a copyright owner and believe that your copyrighted works have been used in a way that constitutes copyright infringement, here is our DMCA Notice.

« Remixed Halloween Safety Soundtrack | Main | Air America's Next Big Mistake? »

November 01, 2005


TrackBack URL for this entry:

Listed below are links to weblogs that reference Sony CD's caught installing extremely well-hidden and sketchy DRM software:

» Sony Endorses P2P from Outtascope Musings
Apparently Sony execs got themselves a bad bag of whatever it is they are smoking. They apparently are working on a new slogan, Pirate Music or Well Hack Your Machine!. Makes P2P seem a hell of a lot safer than Best Buy. -OS ... [Read More]

» http://www.numberonehitsong.com/archives/001804.php from number one hit song
Excellent rundown of Sony's DRM malware... [Read More]

» Copyright protection f--kin s--t up from Giant Robot: Robot Lounge
so let me break it down. illegal free mp3s = dont break your computer. expensive legitimate CD = break your computer without your knowledge [Read More]

» On Music from For What It's Worth
...I am growing to hate the RIAA more and more as each day passes...I am definitely not buying something advertised as being a "Content / Copy-Proected CD" - no how, no way. I think the music industry is headed for an implosion... [Read More]

» Hey Sony! You gonna get JAILED! from A Shout Out to My Pepys
Thanks for installing malicious stealth software on people's computers when they play CDs....It would be a terrible shame if someone put one of their CDs into a machine that happened to control some part of the infrastructure here in the U.S. that is r... [Read More]

» Digital rights management: Mucking up the works from mister snitch!
We've seen a flurry of stuff lately on how Digital Rights Management (DRM) is stifling innovation, and even preventing CD's from being loaded into iTunes... [Read More]

» If a teenage kid had done this, they'd be up on charges from FFEJWORLD
...The Malware/worms/virii shitstorm from people who didn't know about the rootkit and loaded these CDs on their computers will take years to eradicate. Sony will probably get off scot free, and dump their surplus inventory on the third world to crippl... [Read More]

» WFMU's Beware of the Blog: Sony CD's caught installing extremely well-hidden and sketchy DRM software from The Far Traveler
So, it has finally come down to this, you don't have a choice about DRM, your rights are removed and there is no recourse. All of this to protect the profit margins of Sony, at your expense. If there was ever a good argument for piracy, to me, this is it. [Read More]

» Sony has finally crossed the line with their Digital Rights Management. from rambling on
This should be enough to start a class-action lawsuit against Sony - any takers? [Read More]

» A little late on this, but better late than never from MsGeek.Org
Sony has been two-faced in their dealings with technology ever since the technology company also became the owner of Big Media companies in their purchases of CBS/Columbia/Epic Music, RCA/BMG Music, Columbia Pictures, and Metro-Goldwyn-Mayer Pictures. [Read More]

» The Sony Music CD fiasco from FairUseLaw.com
I use the word fiasco because this reflects very badly on Sony Music and to a lesser extent the music industry in general... [Read More]

» More Info on Sony's CD Debacle from Enjoy Every Sandwich
...we Mac users are at risk, too. Sony has offered a "patch" that doesn't remove the malicious rootkit...That's a big "Fuck you!" to consumers if I ever saw one. Especially now that the first virus taking advantage of the planted rootkit has emerged... [Read More]

» Sony-BMG: They just don't get it from TeoZilla
...Sony-BMG is up to more of its old tricks....It seems to fit a pattern of Sony's...It goes back to the age-old business wisdom: a dissatisfied customer is the best advertising... [Read More]


Taso Stefanidis

I download a lot of stuff from itunes onto my mac. Is this really a bad thing? As a freeform supporter, should I be avoiding DRM music?

That whole sony business is bad though. Let's hope a big time lawsuit results. Anybody remember the kid who got in trouble because he figured out if you hold the shift key, the DRM blocker was disabled.


It's not "an extremely well hidden way"; a rather idiotic rootkit, in fact. What's hilarious and sad is how a complete beginner (judging by his posts asking for help) wrote a rootkit that will protect (read: cripple) all Sony CDs.


PS. I just noticed you require an email address to post. Besides immediately deluging the innocent poster with spam, what else does it accomplish? Have you heard of the "hide the poster's email" concept? (Hint: use a web form if someone wants to contact the poster.)


Taso - yes, DRM is bad - you shouldn't be using iTunes. Read the Cory Doctorow article linked in the blog entry for an excellent explanation of the general problem. iTunes is bad because they can change the restrictions at any time _retrospectively_. You could easily lose access to use that music the way you want to in the future. You can already only play it on a very limited selection of players (Itunes, iPods).

There are a host of sites that put out non-DRMed music, like magnatune.com, allofmp3.com, audiolunch.com, mp3tunes.com. The first three will give you oggs as well so you can avoid patent issues too. All but allofmp3 also pay the artists a decent share.


Alex - So the researcher only needed about five different reverse engineering tools (one he wrote himself) to find and remove this malware - but you don't consider that well hidden?

Also, I wouldn't call it idiotic, it's just pared down from what it could have been (and what it will probably evolve into). The malware could have scanned the entire contents of your drive for mp3s from Sony artists, videos of Sony movies, or some budget spreadsheet which shows how much money you spent on electronics last year (i.e. anything!). With some extra code, the program could have reported back to Sony everything that it found at which point they could a) delete what they thought was their property, b) sue you c) cripple your computer (you know, that box that you paid $2,000 for?). And all of this could be legitimately covered by a well crafted EULA that none of us would have read before popping in the CD.

So don't worry Alex, the next one will be better hidden and less idiotic.

Kenzo (lastever.org / kenzodb.com)

Actually, Russinovich used EIGHT tools to diagnose and identify this malware, seven of which he wrote himself (sometimes with his partner Bryce Cogswell).

I highly recommend the free Sysinternals tools they wrote: I have found many of them completely indispensible for years. I think I run Filemon and Process Explorer at least daily.

I also just found a reference online to someone having found this Rootkit and tracing it back to Sony on Aug. 25, 2005.

Alex: Yes, it's annoying that TypePad asks for an email address. It doesn't make you give a real one. Also, if you create a TypePad account before posting a comment, then your provided email address won't be posted with your comment (instead, a link to your "TypePad profile" will be provided).


When is the mainstream media gonna pick this up!!


If you want the convenience of iTunes without the restrictions of their DRM, you can buy songs and use this tool:


Legal disclaimer: I advise that you follow all laws.

Shawn Fumo

Magnatune is great (lots of audio formats and really supporting the artists). I wouldn't support allofmp3, as that seems like an illegal service which just exists in Russia due to loopholes in the laws there.

IMO, the best site all-around for non-DRM music is eMusic. Tons and tons of indy labels and only about 25 cents a song. It uses a subscription ($10 a month for 40 songs) instead of pay-as-you-go, which is kind of annoying, but it is great overall. I think $1 is too much to pay for a song, especially with DRM...

Omuf Nwahs

allofmp3.com is legal - in Russia. Unblocked loophole(if that's what you want to call it) = legal. If americans in the U.S. own a piece of it or do business with it, they are the ones who have to deal with any s-storm. But there will not any. The world doesn't rotate around the RIAA and the United States government.

Tom Ciarlone

Class Action Law Firm Investigating Sony CDs:
My law firm is investigating the situation surrounding “rootkits” on Sony-label CDs. In connection with our investigation, we are interested in learning more about the experiences consumers have had with those CDs. I can be contacted at (212) 239-4340 or, by e-mail, at tciarlone@lawssb.com.

The comments to this entry are closed.