yo yo yo search it!

Thursday, November 10, 2005

even a commercial (NON PIRATED) cd has spyware on it

what is safe these days?

Spyware From A CD? Sony's Anti-Piracy `Rootkit' Secretly Monitors CD Use, Can Open Door To Hackers Or Disable Your Hardware
ADVERTISERS
By MATT BRADLEY
Christian Science Monitor
November 10 2005

Mark Russinovich, a software designer in Austin, Texas, wasn't too surprised to find something ghoulish lurking in his hard drive when he ran a routine virus check on Halloween. When he discovered it was a "rootkit" - a kind of software commonly used by viruses, spyware and other "malware" to mask themselves among normal files - he chalked it up to the usual aggravating tricksters.But when Russinovich, chief software architect for Winternals Software, did a thorough investigation, he was shocked to find the source of the rootkit: a commercially produced music CD from Sony BMG. Not only that, but when he manually tried to erase the program, it disabled his computer's CD drive.Russinovich posted his findings, in excruciating detail, on his weblog at sysinternals.com. His Van Zant album had automatically installed the rootkit to hide custom anti-piracy software when he played the CD on his computer. The blogosphere erupted with invective. They accused Sony of using "hacker ware" and programming computers to spy on their owners - and possibly opening a "backdoor" for hackers.Sony's software was designed by First 4 Internet, a British copyright-protection firm, which acknowledges a "theoretical" security risk posed by the rootkit. According to First 4 Internet CEO Matthew Gilliat-Smith, the rootkit application could create a secret back door for hackers. Sony has hastily posted a patch program to reveal the rootkit, but some say it doesn't go far enough."It definitely hit a nerve with a lot of people," says Russinovich. "I think part of it is the encroachment on our everyday lives, people being afraid that we're losing our right to privacy, our right to control our own property."The discovery highlights the music industry's growing concern, even desperation, in the face of increasing competition from digital music sources and loss of income from piracy."These companies are trying to - in their effort to reduce copying - erode users' control over their own computers," says Ed Felton, a professor of computer science and public affairs at Princeton University. "There are other companies that offer other kinds of copy-protection technologies, and there is a danger that they will stray across the line as well, or maybe even already have."Part of Sony's anti-pirating strategy is that some of its music will play only with media software included on the CD. When a user inserts the CD, he or she is asked to consent to an "end user licensing agreement" for a Digital Rights Management application. If the user agrees, the rootkit automatically installs and hides (or "cloaks") a suite of DRM software.........

1 comment:

Anonymous said...

i installed an AOHell 9.0 update from a disc last weekend, you know the kind that's mass produced and mailed, and the thing was viral. It was a REALLY HOT virus too! The entire machine had to be reformatted. How many people are going to enjoy that little jaunt?