dave
Premium,MVM
join:2000-05-04
not in ohio
 ·Verizon Online DSL
 ·Verizon FIOS
| DRM implementors == black hats
In Mark Russinovich's blog, he describes how an implementation of DRM uses rootkit techniques to hide various kernel objects from view.
The DRM software from 'First 4 Internet' uses a kernel device driver to hide filename and registry names beginning with '$sys$'.
Attempts to remove the software resulted in Mark's CD being disabled.
This is loathesome and underhand.
It also introduces a gaping hole through which malware (or 'more malware', I suppose) can be introduced into a system.
The DRM system is used by Sony Music. |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
|  good read, thanks
"..
The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.
While I believe in the media industry’s right to use copy protection mechanisms to prevent illegal copying, I don’t think that we’ve found the right balance of fair use and copy protection, yet. This is a clear case of Sony taking DRM too far. ..."
Cudni
--
....nothing but a well informed optimistHelp yourself so God can help you |
|
B
Premium,MVM
join:2000-10-28
| reply to dave
Reminiscent of Intuit's use of virus-like seizing of the MBR/EMBR/boot sector with TurboTax. They paid dearly. Sony won't, at least for a long while yet.
»slashdot.org/article.pl?sid=03/0···&tid=185
-- B
--
In a realm outside causality and function |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
1 edit | reply to dave
Yep,
The Amazing aspect of this is take your average DVD by these companies that are constantly complaining of their Product ("Music/Movies") being copied Illegally yet they seem to not be capable of being HONEST about what they are trying to install in their ADD-ONS ("In any Detail") on your computer when you wish to use what you purchased legally.
Go Figure.
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| reply to dave
I'm sure microsoft has a division that works with media companies to help with their DRM needs. Do you know for sure that microsoft recommends a different way to do DRM that is not so difficult to remove? perhaps they actively help companies do it the evil way. After all - their roadmap for DRM is to make it part and parcel with not just the OS but tbe silicon. Why would microsoft be interested in transparency on the subject? |
|
antiserious
The Future ain't what it used to be
Premium
join:2001-12-12
Scranton, PA | reply to dave
.. wow ... and this (DRM) is the future ? ...
... how's the average schmoo supposed to figure out how to clean up a mess like that ...
--
... "Do You Know Where Your Towel Is ?" ... |
|
Vig
Thread-safe since 1997
Premium
join:2004-03-23
San Diego, CA
| reply to dave
It will be interesting indeed to see where this leads if some kind of anti-spyware legislation ever comes about. Depending on how broadly terms are defined, it could end up making tactics like these actionable. Usually laws against things like spam, spyware etc. end up being unenforceable due to being unable to find or exercise jurisdiction over the perpetrator, but having a deep-pockets target like Sony to go after would make any law covering hostile software tactics like this a serious problem for them.
--
Visit the land of the never-setting sun |
|
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
·Verizon FIOS
| reply to justin
I'm not sure what Microsoft has to do with this.
You'd hope that if Microsoft were somehow behind this, they'd use programmers who had more of a clue than those responsible for the mess that Russinovich ran into. I can't see anyone on the NT core team doing such a poor job. That "check every N seconds" nonsense smacks of someone whose expertise is in not-very-good user-mode apps.
You're right that Microsoft can of course implement irremovable DRM simply by, for example, embedding it in the kernel image. But that doesn't seem to be relevant to this case. |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| reply to dave
One thing you can be sure of: someone will find a way of getting around it. A company such as DVDIdle or AnyDVD, who are both used to getting around various protections.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
Michael Swallow
@pipex.com | reply to dave
You can't buck the market. People don't want spyware on their computers and they will prefer to do business with companies shrewd enough to realize this. |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
| said by Michael Swallow :
You can't buck the market. People don't want spyware on their computers and they will prefer to do business with companies shrewd enough to realize this.
This ASSUMES that the average person can stumble on information like this, or has the ability to isolate where it came from, and on a DVD by DVD basis.
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
jbob
Reach Out and Touch Someone
Premium
join:2004-04-26
Little Rock, AR | reply to dave
Is this one of those that can be avoided by having AutoRun disabled? I saw no mention of this. |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| said by jbob  :Is this one of those that can be avoided by having AutoRun disabled? I saw no mention of this. I expect so.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
Unregistered user
| reply to dave
Quick! Someone e-mail CNN!
Actually, I'm being serious. Just for fun, let's say CNN picked this up and ran it. Imagine the black eye Sony would end up getting. Spyware and viruses are a really hot topic right now, and the media loves stories about them.
And before someone says they'll never allow a story like this to run, they recently ran a story about artists being upset over their labels' use of DRM and them telling fans how to break it. |
|
antiserious
The Future ain't what it used to be
Premium
join:2001-12-12
Scranton, PA | reply to dave
Re: DRM implementors == black hats
... three different posters talked about DVD's, even though the original post referred to a copy-protected CD ...
... hmmm ...
--
... "Do You Know Where Your Towel Is ?" ... |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| said by antiserious :... three different posters talked about DVD's, even though the original post referred to a copy-protected CD ... ... hmmm ... That is because the same software that removes protection on DVDs, also removes the protection on CDs.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
antiserious
The Future ain't what it used to be
Premium
join:2001-12-12
Scranton, PA |
... I see ... not much consolation for someone that simply wanted to play the cd they bought, but good to know ...
--
... "Do You Know Where Your Towel Is ?" ... |
|
psloss
Premium
join:2002-02-24
Alpharetta, GA
| reply to dave
Sorry for the quick tangent, but I thought this was interesting in the "obscuring system call hooking" department:
quote:
They’ll have to come up with a new approach to their rootkit sooner or later anyway, since system call hooking does not work at all on 64-bit versions of Windows.
Philip Sloss
--
Feedback? e-mail: stuff@lupwa.org |
|
Khaine
join:2003-03-03
Australia | reply to dave
It would be nice to see a class action lawsuit brought against sony. This I'm sure is a violation of some law, or some tort. We need to take a stand, this action is vile, and frankly only encourages me more to not buy sony products. |
|
INHCNN
join:2001-12-15
Lansing, MI | reply to dave
The first question that comes to mind: How will AV companies respond to this?
--
"Pressure makes diamonds."
--General George S. Patton |
|
