funsec mailing list archives
Re: Sony, Rootkits and Digital Rights Management Gone Too Far
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 02 Nov 2005 15:36:00 +1300
Florian Weimer wrote:
The really interesting question is if you can legally publish software which removes such rootkits. Even detection is a tricky subject.
When first discovered, there was some concern that researching the thing may leave one liable to allegations under the DMCA because this "rootkit" is part of a copy-protection mechanism. My personal opinion on this is that such an accusation is baseless, as the "rootkit" functionality is instaleld without permission, is unremovable and deliverately compromises the security of its "victims" machines (it hides directories, files and reg keys (values?) whose names start with "$sys$ -- it will probably be a few weeks before we see a bot, virus or worm incorporating this "for the hell of it", but it's almost sure to happen now the sloppy design of this crap-ware has been publicized). The "required media player" (it clearly isn't -- the company behind this copy protection program is proud of the fact that discs made using their protection scheme are legitimate Red Book discs and thus may rightly claim them to be "CDs", and inserting the discs in a Mac or Linux machine, or a Winbloze box with autorun disabled or not running as a user with admin privs leaves the disc totally usable by other mainstream audio CD player sofwtare, as it is a Red Book audio disc) does not need to be so heavily protected (and if hadn't been, it wouldn't have raised such a stink). Worse, the EULA does not mention the rootkit functionality and that functionality is not a necessary part of the media player. Even worse yet, the sofwtare is not uninstallable. The previous two points mean that Sony (through its bundling of this third-party application) are in direct breach of several already, or about to be, enacted "anti-spyware" regulations. I believe that California already has such regulations and although New York doesn't have specifically "anti-spyware" regulations, the DA's office there has been actively persuing some "anti-spyware" cases through its existing computer crime/misuse regulations. Savvy CA and NY lawyers should start class-action suits against Sony BMG... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far, (continued)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Rob Thompson (Nov 01)
- RE: Sony, Rootkits and Digital Rights Management Gone Too Far Aditya Deshmukh (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Craig Webster (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Valdis . Kletnieks (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Craig Webster (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Nick FitzGerald (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Valdis . Kletnieks (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Nick FitzGerald (Nov 02)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Dude VanWinkle (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Drsolly (Nov 02)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Nick FitzGerald (Nov 01)
- Re[2]: Sony, Rootkits and Digital Rights Management Gone Too Far Pierre Vandevenne (Nov 01)
- Re: Sony, Rootkits and Digital Rights Management Gone Too Far Valdis . Kletnieks (Nov 03)
- RE: Sony, Rootkits and Digital Rights Management Gone Too Far Larry Seltzer (Nov 01)