The Sony DRM Scandal And Howto Detect Sony Rootkit Installations




2005 was the year the Sony scandal erupted, prompting huge numbers of people to ask howto detect Sony rootkit installations. What was it that took millions of consumers -- and Sony -- by surprise?

The scandal followed Sony's strategic decision to aggressively pursue Digital Rights Management (DRM), a form of copyright protection. But their mistake was to install the Sony DRM rootkit on their audio CDs, causing worldwide condemnation when it was discovered.

We'll be looking at the Sony debacle in more detail, as well as talking about how to guard privacy and security against this root-kit...

  1. How it all started
  2. The problems caused
  3. Detection and removal of the rootkit

1. Howto Detect Sony Rootkit...
How It All Started

The idea of ensuring strict copyright measures has always been present with corporations, such as Sony.

However, the trampling on the individual's rights to guard privacy adopted by Sony was foretold in a speech at the Americas Conference on Information Systems. Mr. Steve Heckler, Senior VP for Sony Pictures Entertainment, said...

"The industry will take whatever steps it needs to protect itself and protect its revenue streams...It will not lose that revenue stream, no matter what... Sony is going to take aggressive steps to stop this.

We will develop technology that transcends the individual user. We will firewall Napster at source -- we will block it at your cable company, we will block it at your phone company, we will block it at your ISP. We will firewall it at your PC..."

This speech was merely something to prepare us for the scandal that followed the public revelation of the DRM rootkit by outside sources... and which culminated in world-wide demand for howto detect Sony rootkit installations.

After this speech, Sony took copy protection measures for installation on their audio CDs...

Sony's Copy Protection Measures

There were two forms of copy protection taken by Sony...

  1. The XCP software (Extended Copy Protection), which was installed on 52 albums
  2. The MediaMax CD3 software, which was installed on 50 music albums

In total, about 4.7 million CDs were affected. The rootkit, known as 'Aries', was developed by First4Internet to hide Sony's DRM protection software.

Each of the two copy protection measures caused the Sony DRM rootkit to be installed on each computer that played the CD. It was essentially spyware in its purest form... it was hidden and was monitoring the user on their computer.

The DRM root kit also interfered with the normal operation of the Mac operating system (OS) and the Microsoft Windows OS by opening security holes and increasing the potential of malware infections -- more of this in the next section.

Not only that, it made users feel like they couldn't guard privacy on their own computers. Many computer users and companies accused Sony of violating their privacy and exposing them and their computers to risk.

Of course, the company defended its actions claiming the rootkit was only a method of preventing illegal copies of their audio products being made. Many ethical questions were raised in the debate, but the general public was 100% against the spying techniques employed by Sony.

Eventually, Sony was taken to court by several parties and the company forced to recall the CDs.


2. Howto Detect Sony Rootkit...
The Problems Caused

There were several security issues that made the DRM root kit so problematic. Most of them were caused by flaws in the design of the programs which were easily transformed into security holes, allowing easier access for viruses and worms.

There were a few other issues...

  • The XCP software was installed before the End User License appeared, giving the user no chance to refuse installation
  • There was no uninstall for the rootkit
  • Resource draining was another problem. As the program runs in the background, it does take it's share of the system resources. While there were no accurate measurements to support this, the fact that background running programs slow down a computer is well known
  • One final major argument against the technical design of the Sony DRM rootkit was that its start and stop procedures were not safe and they could lead to system crashes

3. Howto Detect Sony Rootkit...
Detection And Prevention

I. The Sony Rootkit Uninstall

Sensing the gathering forces of a public scandal and demands for howto detect Sony rootkit installations, Sony released a software program that was meant to remove the Extended Copy Protection software.

However, some security experts noticed that the rootkit removal software did nothing more than to aggravate the same problems that the rootkit had. In fact, the removal software only unmasked the hidden files of the rootkit and didn't remove them.

II. Manual Prevention

  • One obvious way of protecting your system from the Sony DRM rootkit is to purchase CDs that are not copy-protected
  • Another method is to disable the autorun function of the system (hold the SHIFT key as the CD is slotted in to the drive)
  • Use the CD on a limited user account... the software won't have enough rights to install itself
  • If you're using a Linux system, the Sony DRM rootkit does not get automatically installed

III. Software Programs

Software programs for specifically howto detect Sony rootkit installations have been developed. The program I'd recommend is the Lavasoft Aries Rootkit Remover.

As Lavasoft claims, "This stand-alone tool is a reliable, trustworthy, and safe way of removing the rootkit -- unlike Sony's own rootkit remover that has been known to cause blue screens."

This software removes the Aries rootkit only. It does not affect the DRM software. Once the rootkit is removed, you can listen to the CD on your computer without the Aries rootkit installing. To download, click here Lavasoft Aries Rootkit Remover

Due to the raising of public awareness about rootkits, there are now software programs that will detect and remove rootkits in general, rather than a program for each rootkit. For more information on these programs, just click on the article link in the section below...


1. Howto Detect Sony Rootkit...
Other Rootkit Articles

  1. How To Defeat A Rootkit... What Is A Rootkit?
  2. How To Defeat A Rootkit... How To Manually Detect A Rootkit
  3. Commercial And Free Rootkit Scanner Downloads
  4. HowTo Detect Sony Rootkit Installations

Google
Webwww.guard-privacy-and-online-security.com

New! Comments

Have your say about what you just read! Leave me a comment in the box below.