Sean Sperte

Rootkit 2: Doom and gloom

09 November 2005

A followup on my post yesterday about the Sony rootkit issue, and why the DRM war is everyone’s battle. Where do I begin with this? Sony has a massive PR mess on their hands, one that could potentially spell disaster for their BMG division.

I was, as confessed, a wee bit off on the details in my last post. After investigating further I now understand the rootkit nature and the [admitted] reason for the software in the first place. Let’s rehash (again), shall we:

  1. A rights-protected CD from Sony BMG is bought and placed in a computer CD drive
  2. The CD can be copied to three other “backup CD’s” but isn’t able to be played by Windows Media Player or any other CD player software but instead:
  3. Asks to install and use its own software to play the CD (see the ELA)
  4. The installer places more than the named player on the computer, but also installs a rootkit, which cloaks Sony’s DRM software and a process called Aries.sys
  5. Attempts to uncloak and unload the Sony DRM result in loss of CD drive operation (which can be restored with genius-like care and strategy)

Now here’s where it gets interesting because, as Mark points out, not only is this rootkit undisclosed, but there’s also no way to effectively uninstall the software. And Sony has yet to come clean about it!

Since the story broke Sony (or First 4 Internet, the developers of the Sony DRM) has released a “Service Pack 2” which claims to “patch” the problem, but it only updates the Sony DRM and can potentially crash the system when unloading the drivers. Yeah, nice fix. Most users don’t even know there’s a problem (since it’s a rootkit and hides every evidence of its existence).

And there’s still no uninstaller – at least not one readily available to the public!

So here we are, midway through November, and still no formal apology or fix from Sony or F4I. Here’s what Mark has to say (emphasis mine):

… the EULA does not disclose the software’s use of cloaking or the fact that it comes with no uninst facility. An end user is not only installing software when they agree to the EULA, they are losing control of part of the computer, which has both reliability and security implications. There’s no way to ensure that you have up-to-date security patches for software you don’t know you have and there’s no way to remove, update or even identify hidden software that’s crashing your computer.

Instead of admitting fault for installing a rootkit and installing it without proper disclosure, both Sony and First 4 Internet claim innocence. By not coming clean they are making clear to any potential customers that they are a not only technically incompetent, but also dishonest.

Then there’s the quote/soundbite from Sony Global Digital Business prez:

Most people, I think, don’t even know what a rootkit is, so why should they care about it?

As one commenter said, that’s like saying, “most people don’t even know what a thermite grenade is, so they won’t care if an active one is underneath their pillow.”

It gets even worse, though, because Sony is making this crap SOP before the end of the year, and others are following suit.

This gets back to my previous post regarding the nature of DRM and the war that’s brewing. Make no mistake, our freedoms, be they digital or otherwise, are being threatened. It goes beyond being able to burn our own CD’s or listen to music; it stems all the way to the way we interact with each other online, the ability to download files, and even ownership of content we’ve purchased.

Here’s the doom and gloom: The water’s already heating up, and if we’re not careful to take action, we’ll be boiling before we know it. We will be living in a rental world, where we own nothing and everything comes with a pricing scheme that rises and falls based on the whims of CEO’s and “creators” of content. The liberties we now have (to watch TV, record shows, buy and play movies, buy and play music, et al.) will be told of in stories, and remembered as the days of freedom and choice.

The possibilities go on, and get darker. Is DRM by nature evil? No. But just like money, what can come from the love of it, is evil. That is why this Sony thing scares me so much; and why I’m boycotting them. Once a company has become so paranoid about protecting their cash flow that they lower themselves to criminal-type methods of retaining control, they must be boycotted.