
November 01, 2005

The consumer: Sony's cannon fodder

You may have thought, because you paid them for that music CD, that Sony would respect you enough to leave you to enjoy it, unmolested. But no, it turns out that Sony doesn't really think you've made a purchase. It thinks you've volunteered to join their nasty little commercial war with Apple over whose Digital Rights Management software will prevail.

First we came upon this disturbing little story about a music lover who discovered that Sony had crippled a CD he'd wanted to buy with Sunncomm's latest DRM software, which meant it wouldn't play directly on the iPod. Nor could you easily make a backup copy, or travel discs. That makes it, for most of Sony's potential customers, practically useless.

It's useless for the artists too, and their label, none of whom was apparently aware that Sony, as distributor, had unilaterally co-opted them into their army, without their knowledge and approval. Consequently, the label is giving fans some clues on how to get around the DRM.

Then we got an email [thanks Matt D.] referring us to Mark Russinovich's Sysinternals blog, which detailed his discovery that a Sony BMG CD had infected his system with a Rootkit - a piece of cloaking technology that is generally used by the malware industry - to mask installation of the software equivalent of a pair of jackboots. It not only limits what owners can do with their purchase, it's also poorly written, provides no means for uninstall, and is likely to cripple a user's computer if he were to attempt to delete the files.

Bleeding Edge think that this fits the definition of malware. Consequently, we've decided to institute an immediate blackban on all Sony BMG music. We suggest you might like to do likewise.

Posted by cw at November 1, 2005 04:38 PM

Comments

The new 'Blu-Ray' high definition DVD even adds the ability for companies to remotely disable the device. Not surprisingly, this is a Sony invention.

The thing is, that as companies make it more and more dangerous to use their products, they encourage consumers to instead download from the internet. They need to be making it easier to buy and use legitimate products, not harder!

Posted by: Jeremy Howard at November 1, 2005 06:44 PM

The EULA (the thing you have to agree to to use the CD) clearly states that the CD installs software that stops you copying it, etc.

It couldn't stop you doing anything if you could easily get around it now, could it?

I'd say you're skirting pretty close to the line calling this "malware". It's certainly not an accurate description (ie not the truth), you actually state that your actions are intended to harm Sony's commercial reputation, and there is no "public interest" defense -- people agree to the EULA when they install the CD.

So, all up, pretty much textbook libel, but then IANAL.

Posted by: Fred Nerk at November 2, 2005 12:26 AM

Yet another reason not to buy anything from Sony, Mr Nerk: it reserves the right to change its EULA at any time, without your knowledge and consent. And in this case, apparently, it has done just that. Scarcely any consumers are aware of the effect of EULAs, and companies are aware of that, and try to take advantage of it. They routinely attempt through these so-called agreements to remove the legal rights of consumers. The fact is, they do not over-ride consumer legislation. Consumers have rights, and they should be far more aggressive in asserting them.

As for your pronouncements that my comments are defamatory: I'm glad you're not my lawyer. Let me say it again: the characteristics of this software, and the method of its deployment, are in my view indistinguishable from malware. Sony should not have adopted it. It should recall it immediately. Until it does so, consumers should not buy the company's products.

Posted by: cw at November 2, 2005 08:25 AM

well, well, well, seems like it's back to 'taping' the cd (in this instance playing on a stand-alone cd player and recording in real-time using third party software to create a .wav file and converting with the same software to .mp3 with NO DRM issues - just like the old cassette) to get full use of the product which I (may) own.

It may be more time-consuming and a little inconvenient, but once done, you have full use of the product for re-transcription to archive, copy for use in vehicle or download to player.

There is also apparently some software which can disable the DRM but have not tried it so-far. Now that I know that SonyBMG have egged their cds I will also boycott their products, I didn't agree to having the music company install software on my machine, I only agreed to let Bill do that for updating purposes.

Posted by: thewolf at November 2, 2005 08:55 AM

cw, glad you pointed out the consumer legislation since Fred is far from the first person to place weight on 'fluid' EULAs while displaying total ignorance of genuine consumer legislation that is there to protect consumers from exactly this kind of action.

The real test is to ask yourself, did you get what you paid for? If not then you have recourse. In my view, anyone feeling stung by actions such as the ones taken by Sony should refer the matter to their State consumer body with a formal complaint.

Posted by: ajm at November 2, 2005 11:26 AM

That Sony is even allowed to distribute CDs containing this malware in Australia is yet another example of our pathetic regulation with regard to the market. It makes a joke of the pretensions of the Liberal party to be a party of capitalism (of course this is no surprise, it's always obviously been the party of wealthy vested interests, it just uses pro market propaganda when it suits).

Sony has vertically integrated its business, producing both entertainment product and the means to use it. It thus has two interests in using its market power to subvert the market and disadvantage consumers. First, it wants to completely control and extract as much rent as possible from consumers who wish to use its product (and it wants to do so while maintaining the fiction that you are "buying the product"). Second it wishes to knock out competition from product that plays the music and video (such as ipod), since this equals higher profits in terms of control over the entertainment product, and in terms of units of Sony entertainment playing equipment sold. As such its strategy is a clear abuse of market power in an attempt to create a monopoly position. Any halfway decent market regulatory regime would make this illegal.

I concur with you Charles in terms of boycotting Sony. I would suggest (a) don't buy their equipment, CD and DVD Roms and Writers, and other home and mobile equipment. If you do you are buying product hard wired by design to make you pay rent for Sony entertainment product, basically paying them to apply means to squeeze more money from you. (b) if you want to listen/watch Sony products seek out ones from which this type of malware has been removed. And make an effort not to pass it on by removing it yourself.

Posted by: tflip at November 2, 2005 11:43 AM

I just checked the new CD from Xavier Rudd that I purchased two days ago to ensure it was not Sony. As if that was the case I would have started the march back to the shop with it and let them know that I came here to purchase my favourite artist's new CD 'Food in the Belly', I most certainly did not come in for the title ‘Rootkit Malware for PC' title.


‘First4Internet’ really lives up to the company name. I would think that they are the first company to manufacture a rootkit/malware and distribute it with the backing of a global company such as Sony. The spin that will follow this in the near future will be very interesting. I cannot think of any term or spin that can be put on the fact you are trying to install a darn rootkit on my PC. It is far worse than anything that Napster or Kazaa did online. At least with those we knew to run antivirus and other protection as the chance of getting infected by something there was very high. But to get it from Sony on a company issued and sanctioned CD is truly mind-boggling. I wonder if in the press release that Sony will be releasing soon that they will publicly recall the 1 million CD’s that have a rootkit on them and apologise to the music listeners of the world for trying to ‘Root’ them.

‘Sony’ DRM (Darn Rootkit Mungrel)

Posted by: Stephen at November 2, 2005 03:38 PM

First4Internet's other clients -- who include Universal Music Group, Warner Music Group and EMI -- are using XCP for prerelease material.

from Cnet

Posted by: Stephen at November 2, 2005 03:42 PM

So much whining! You'd think this was a British blog!

Get over yourself Stephen, you HAVE purchased a "SomeArtistName" CD.

Play it on your CD player, and nothing installs at all.

Stick it into your (Windows) computer, and it tries to protect itself, in line with the agreement you came to with the owner of the music about how you would use it.

If you don't like the agreement - don't stick it into your (Windows) PC, or don't buy it at all.

It's NOT just Sony -- if you think that you are kidding yourself.

Just as store owners will continue to invest in technology to stop theft, content owners will continue to invest in technology to try and stop theft.

"Allowing your bags to be searched is a condition of entry to this store."

"Allowing a small program to be installed on your PC is a condition of using this product with your PC."

There is _absolutely no difference_ between those two statements morally, ethically, or legally.

Posted by: Fred Nerk at November 2, 2005 05:50 PM

The software installed by this CD is not just any old software. It is a rootkit, under any definition of the term. It installs system files that change the working of the PC to hide its operation. It opens backdoors that other software can then use to cause you further problems - in this case, any virus can create a file with a special name, and it will be invisible to you.

Furthermore, I do not expect it is reasonable to assume that someone who simply listens to a CD, would read a legal agreement to determine whether listening to music will cause their operating system to be hacked to remove their ability to use it fully (in this case, to be able to see all the files on their system).

Posted by: Jeremy Howard at November 2, 2005 06:34 PM

LOL Fred, don't let facts get in the way of making a weak argument be it about libel, contracts or legislation.

The store analogy is a strange one to use since neither the bag check nor the EULA hold any real legal weight whatsoever. Stores get away with it because people generally want to do the right thing and there's a good deal of bluff involved. If you think otherwise then you're truly kidding yourself.

The real difference though is that the store doesn't change this policy while you're in the middle of the store. They don't insist you wear a tracking device while you're there and they don't hide the signs under pages of legal jargon.

I think the whole "don't buy it at all" argument was the one CW started the whole blog with in the first place. Methinks you don't actually have a point and you're just in it for the argument now.

Posted by: ajm at November 2, 2005 07:24 PM

Posted by: Ananda Sim at November 2, 2005 07:51 PM

A root kit - for f***'s sake...

Who do they think they are?

Posted by: Raoul at November 2, 2005 09:39 PM

Unfortunately Fred, and Sony, you have to stick it in your computer to first of all read, and then acknowledge, the agreement. But, fortunately, for research purposes, you can go read it here. I did. It took me 30 minutes to read and absorb it. You might do it quicker, particularly if you wish to make fun of me in a rebuttal.
 

The EULA makes no reference to software that actively hides itself whilst running, stays resident and performs tasks that have no relation to digital rights management, and cripples a user's computer if that user attempts to remove it without taking the necessary, not to mention very complex, steps. In fact, by following the terms of the EULA, if the CD leaves the possession of the consumer (ie they sell it, lose it, or destroy it), the consumer is bound to take action that will result in a crippled PC - if they do not go about the action as the very experienced computer expert did in this page. From the EULA, Article 9, section 3: Upon the expiration or termination of this EULA, you shall immediately remove all of the LICENSED MATERIALS from your personal computer system and delete or destroy them, along with any related documentation (and any copies thereof) that you may have received or otherwise may possess.
 

All fine and good, but no uninstall tool or method is included with this particular piece of software. Let's put that bag-searching example in the same league:

 

"Allowing your bags to be searched is a condition of entry to this store. We will search your bags in any way we see fit, and continue searching them as you shop. We will stop searching your bags at a time nominated by us, and leave your bags unattended at the front of the shop. You will not hold us liable should your valuables be stolen. If, at any time, you decide to leave our store, you must stop us searching your bag if we are still doing so. Be warned that stopping a search before it is complete may damage your bag. You will not hold us liable for any damage your bag, or valuables, incur during searching."

 

I can see patronage skyrocketing there.

 

Important to note: The Sysinternals blog mentions steps to remove the software. At no point is DRM circumvention mentioned.

 

Sorry Fred. Leaping gallantly to Sony's defence is probably about as popular a post subject as regular bathing tips on that British blog you mentioned. You've gotta expect some backlash, and I know you do. For me, it's not about the law - it's wondering when Sony, and companies like Sony, are going to figure out that people basically want to do the right thing, but they just won't if it's too difficult or too expensive to do so. My wife sells beads on eBay. We don't employ marketing staff, analysts, expensive bead producers, there is no packaging, we don't hire lawyers. We simply buy beads wholesale, and sell them. If we price them too high, people won't buy them. It's as simple as that. My attitude to music is the same. If CDs are too expensive, or I cannot play them using the player of my choice, I won't buy them. So I'm already not buying those CDs that I know are copy protected. Unfortunately, Sony makes it very difficult for less computer literate people to make an equally informed choice. The CD in question has a total running time of about 41 minutes. The EULA takes 30 to read, at least. It's legal, but it's also unreasonable. And it is uninformative. The DRM software itself may even break some of Australia's cybercrime laws, which would make the agreement as unenforceable as if it stipulated that you kill someone before you start listening to the CD.
 

I'm with Bleeding Edge - I think this piece of software takes DRM too far, and I think it sits closer to the definition of malware than it does to the definition of DRM software. Sony may be negligent in letting this piece of software appear on products that they are selling to consumers. I have had a blackban on Sony for quite a while now, and I also suggest that others might do the same, if they liked. Instead of solving this with a libel suit, which would be unenforceable due to the fact that CW and myself are expressing our personal opinions on the matter, perhaps it could be solved by Sony taking steps such as properly testing a product before they put it on shelves, including tools and methods to remove software that they install, and putting clear, informative warnings on the CD cover itself regarding the nature of the DRM software on the CD. While they're there, dropping the price of their library of music in general, making more historical content available, and making their CDs easier to use in whatever way the buyer wishes might cause filesharing and piracy to drop, and net them more revenue. Just a thought.

Posted by: The Bairnsei at November 3, 2005 12:52 AM

Rootkit schmootkit.

"Rootkit" is nothing but a buzz word slapped onto this by a tech-head who tried to uninstall his own CD drivers. What a wally. I showed that page to a techie at work today, and he nearly cried laughing at the guy. "Classic script-kiddy" were his words, "tearing the guts out while the machine's still running, and wondering why it stops working."

Play games on your PC, do you? Do you use Microsoft Office? Have you downloaded a Windows update? Banked online and clicked "trust" when the warning window came up?

There are dozens of things you could _justifiably_ be paranoid about with relation to software installing "itself" (cue spooky music....IT'S ALIVE!) on your PC.

Getting wound into a knot over software you agreed to have installed on your PC as a condition of using this (or dozens, nay hundreds) of other CDs is pointless.

There is only one solution. If it bugs you, don't buy it.

Posted by: Fred Nerk at November 3, 2005 01:23 AM

"Allowing your bags to be searched is a condition of entry to this store."

Actually as far as I am aware this sign is meaningless, nobody except the police are entitled to search your bags and they either have to have a warrant or reasonable suspicion.

Installing anything on my computer that I don't want is ethically wrong. As is Sony's stance against iTMS (not the stance itself but by conscripting its artists into the cause whether they like it or not).

Posted by: Chris at November 3, 2005 03:17 AM

Disable Auto-Run?

Posted by: Stuart at November 3, 2005 09:52 AM

A storm in a tea cup. Fred's right, stop whining. A protest for the sake of protest.

Posted by: Stuart at November 3, 2005 10:24 AM

Fred, you need to get yourself a new techie. Any self-respecting geek knows Mark's name well - his brief bio is: "Mark Russinovich is a senior contributing editor for Windows IT Pro and chief software architect for Winternals Software. He is coauthor of Windows Internals, 3rd edition (Microsoft Press) and many popular Windows utilities, including Process Explorer, Filemon, and Regmon." His work at sysinternals is one of the most important sources of information and tools regarding the Windows operating system.

To call him a 'script kiddie' displays great ignorance. It provides a useful context for your comments in this thread.

Posted by: Jeremy Howard at November 3, 2005 10:59 AM

It is alright to say "If it bugs you, don't buy it." But 99% of the people who buy this CD would have no idea how much playing it on their computer will bugger it up.

The product isn't just music, it is the music from a particular artist you want to support. There is no other "equivalent" product available (unless you download from an illegal site).

Sony are b*!@#$d for doing this to the artists CD's and b*!@#$d for not making their music available online.

Download whatever you like, and if you feel guilty for not supporting the artist, buy some of their merchandise off the web. They will get a bigger cut than they do off the CD sales anyway.

Posted by: Jim Bob at November 3, 2005 11:05 AM

This highlights yet another example of what is wrong with today's society. Big business, aided by Bush and Howard governments, now tell us what we can do with a purchased product. It's like dealing with the mafia. Big business has it way too easy, being able to dictate to consumers. Like CW I believe it's time to fight back. Give very careful thought to what you purchase. Why encourage and reward these fascists?

Posted by: Peter at November 3, 2005 11:17 AM

Jeremy, when you sink to labelling others ignorant because you disagree, it demonstrates your weak argument because you resort to personal attacks. Mark would understand that he cannot label the use of Kernel mode device drivers as Malware. F-Secure certainly don't in the review (no threat). Sony has every right to use any technique publicly available (such as Callgates into RING 0) and I expect it will defend any accusations of Malware. If you don't get a legal notice to cease then it is probably because you are just an insignificant little fish.

Posted by: Stuart at November 3, 2005 11:47 AM

Sony and First4Internet give in:
http://news.com.com/Sony+to+patch+copy-protected+CD/2100-7355-5928608.html?part=dht&tag=ntop&tag=nl.e433

"We want to make sure we allay any unnecessary concerns," said Mathew Gilliat-Smith, CEO of First 4 Internet. "We think this is a pro-active step and common sense."

LOL! He was the guy who either authored or asked the rootkit to be authored in the first place.

Posted by: Ananda Sim at November 3, 2005 11:58 AM

Sony have replied...

Sony BMG Music Entertainment and a technology partner are working with antivirus companies on a fix for a potential security problem in some copy-protected CDs.
http://news.com.com/2100-7355_3-5928608.html

Here is the Sony update and the FAQ


Over at the FAQ at Sony

6. I have heard that the protection software is really malware/spyware. Could this be true?
Of course not. The protection software simply acts to prevent unlimited copying and ripping from discs featuring this protection solution. It is otherwise inactive. The software does not collect any personal information nor is it designed to be intrusive to your computer system. Also, the protection components are never installed without the consumer first accepting the End User License Agreement.

A legal point of view is posted here


Another security based review of what the main 'features' of this software are here


Here are some of the comments from the legal post above:-

If you'll read Mark Russinovich's blog entry, you'll notice several things that this XCP software does in addition to hiding itself like malware:

- scans the executables corresponding to the running processes on the system every two seconds
- degrades system performance 24/7 (not just when the media player is in use)
- uses misleading names such as "Plug and Play Device Manager" to deceive users into thinking it's a legitimate part of Windows
- tampers with the low-level operation of the system, causing stability and compatibility problems
- installs hooks and filters, making it difficult to uninstall without breaking Windows

If that's not malware, I don't know what is.



I think J. Stanley's comment starts to expose the real problem here, and why all the "nerds" are pissed.

This represents DRM gone too far. The techniques used with this DRM package are hacker (the malicious kind) techniques. There has got to be a point at which EULAs cannot protect companies from doing whatever they want.


Here is the Wikipedia entry for a rootkit

Fred you are a very simple minded creature and it is people like Mark Russinovich that protect your PC and ensure that you have protection to your computer and the data you have on it. Your Tech is also a very simple minded creature and if that is the best technical reference you can get I would also suggest a new tech, because if that is your security guy at your business you have a GREAT deal to worry about.

Posted by: Stephen at November 3, 2005 12:26 PM

Many children are infected with bio-viruses for health reasons. It's compulsory in some places. Now examine the assault, the physical invasion, the risks of damage or death and what our response as a society. It's in the public health's best interest and you can be punished for not complying. In fact we euphemise this infection with biological viral agents as 'inoculation' or a protection from disease.

To inoculate or protect your P.C. from the threat of copyright violation and the implicit financial impact on the generators of music; Sony use a DRM technique that some privileged 'geeks' may find disturbing - however it is in the authors, publishers, distributors, purchasers, listeners and public economic best interest.

A small group of outraged techies that don't get the big picture. You can't see the Yarra from the window but you should know it's there.

Posted by: Stuart at November 3, 2005 12:32 PM

cw - A few will return the CD's with confused outrage. To the others I say go ahead and install this Sony DRM software. It will help protect you from unlawful use of your P.C. by others (or inadvertently yourself).
Sony provide added features for hiding files and directories from prying eyes and prevent easy uninstall by guests or intruders.

This beneficial software from a reputable supplier is a must have for your home P.C.

Fair enough I guess, considering the extreme opposing views.

Still - a storm in a teacup.

Posted by: Stuart at November 3, 2005 12:54 PM

If you don't like the agreement - don't stick it into your (Windows) PC, or don't buy it at all.
What agreement ? A federally legislated fair use agreement (the US has this, even if Australia doesn't) ?

Razor's initial point ...


Sony had crippled a CD he'd wanted to buy with Sunncomm's latest DRM software, which meant it wouldn't play directly on the iPod.

was about how Sony have got the snots with Apple over licencing. In this case, Sony are implementing DRM (without any agreement or EULA) to get back at Apple.

Not to prevent casual copying, not to prevent copying for cash (i.e. "piracy"), not to protect the artist....

Posted by: magoo at November 3, 2005 12:58 PM

it looks like Malware, and it smells like malware, it is malware I would say. It may be legal but the law on copyright is an ass. It's loaded up with protection for powerful vested interests such as Sony. Therefore to say Sony is doing something legal is a matter of almost no import in terms of what is an ethical debate in a social context about best practice within that society, what we will agree to tolerate and what we will resist.

Incidentally one might note that stealth marketing and underground marketing are growing areas of corporate PR as well as advertising. Basically companies release PR people into the wild to pose as "ordinary joes". This provides more credibility as they spin the company line or product. Think about that re some Sony lovin' posts.

If this is so I don't mind since in this case, it only creates an even greater body of arguments and condemnations against the corporation.

The message is simple - don't buy Sony

Posted by: tflip at November 3, 2005 01:43 PM

Your Tech is also a very simple minded creature and if that is the best technical reference you can get I would also suggest a new tech, because if that is your security guy at your business you have a GREAT deal to worry about.

Thanks for your "concern" -- but I'd stack our guy against a roomful of Mark Russinoviches any day.

The tech I showed this to writes complex device drivers for a living - he's got nothing "invested" in this besides giving an honest and expert opinion.

Mark, on the other hand, like our good friend Charles, runs a blog, and their business is making a fuss, facts or no facts.

I mean, for an example of "blog truth" Charles featured that compulsive liar Alex Malik (sp?) on his SMH blog! First Malik lied _for_ the music industry when he worked with ARIA, now he's lying _about_ the music industry after ARIA let him go. Zero credibility, but he spawned a lot of blog posts...

I guess at the end of the day everyone has to decide who they believe. I'll continue to believe the people _without_ vested interests --- you lot can believe whomever you like.

Posted by: Fred Nerk at November 3, 2005 01:56 PM

(the bright side of life).

SONY release Advanced Home PC Music protection.

In a direct move to provide consumers with a Music delivery vehicle that addresses some failures in Apple Digital Rights Management that threatened financial viability for composers and performers; SONY Music have developed a system that provides seamless protection for the majority of the music industry stakeholders. The new DRM R-Kit software will enable the secure and safe delivery of music on CD/DVD to home P.C users, does not affect CD/DVD players and is easy to install and use.

Available on SONY Music CD's the DRM RootKit.

Insist on SONY MUSIC for your P.C security.

Posted by: Stuart at November 3, 2005 01:59 PM

Methinks, Fred, that you protest too much. Now I must ask - given tflip's comment - whose payroll are you on?

Posted by: cw at November 3, 2005 03:19 PM

i'm not particularly sure about the semantics of what malware is or isn't, but it is interesting to note that the ppl in the above thread who are happy to trust big corporations to do the right thing are also the same people who resort to many logical fallacies:

attacking the person:
- "script kiddie"...
- "insignificant little fish"
- "geeks"

exaggeration or setting up a strawman:
- analogies about shops and bags
- children with viruses (??)
- pondering the Yarra even though you can't see it


I'm not even sure what this is:
- "rootkit schmootkit" or some such

at least we have blogs, newspaper editorial pages often might only publish junk letters to engage/enrage readers but at least above it is reassuring to see average concerned people who don't want to throw away freedoms (even electronic ones).

Posted by: Lockie at November 3, 2005 03:38 PM

Wow, all of this attention on what is essentially an old topic at heart.

While arguing the technicalities and legalities of Rootkits, DRM, EULAs etc is a great academic exercise, the greater picture of this debate should not be lost (in my view).

It's all about the consumer having accurate information before they make decisions.

Copyright holders and distributors are entitled to go about protecting their interest in any way they see fit (within reason of course).

Just as the music industry is entitled to protect themselves, consumers should be aware of what they're buying before they buy it. The problem here is most non-tech savvy consumers are not aware of the limitations of the CDs they may buy and this, to me, is the issue.

Anyway my thoughts on the topic here - http://delicategeniusblog.com/?p=68

-dg

Posted by: Delicate Genius at November 3, 2005 04:09 PM

How happy I am playing my 12 inch LPs of REAL music! Not a care in the world.

Posted by: Duncan at November 3, 2005 04:23 PM

I usually choose my analogies with care, and the bag-search analogy was no exception.

While the store doesn't have the right to tear your bag from your hands and rifle through it -- if you refuse to allow them to search it (which is your right) they have a perfect legal right to deny you entry to the store.

Likewise, EULAs don't give the company the right to look over your shoulder while you use the software -- like the bag search, you can't sign away your basic rights -- but EULAs do give them a perfect legal right to prevent you using the software should EULA conditions be breached.

How do you go about preventing someone from copying a CD more than the licenced number of times on a Windows machine without installing some pretty deep checking software? As long as the software does nothing else (and it doesn't) it's all covered in the EULA.

As I said previously, ANY bit of software that enables you to do anything complex on a PC will write all sorts of undisclosed-outside-the-manual dlls and device drivers onto your system. But no-one's suggesting a boycott of Microsoft Office. By the way, tried uninstalling Office recently? It can't be done. Likewise, almost all modern games CDs include some pretty heavy-duty DRM software that makes this Sony one look like kid's stuff.

It's all in the EULA. It's all legal. For people who know what a "rootkit" really is, calling this a rootkit is like calling a spoon a "lethal cutlery-drawer based weapons system".

Onto the other sub-topic: I am all for full disclosure and transparency.

Which is why, when I know that part of Mark Russinovich's paycheck comes from Microsoft, a company with their own designs on being "the standard" in DRM, I hesitate to go along with his hysteria about a bit of Sony DRM.

Which is why, when I know that part of Charles' paycheck is tied to how much "noise" his column makes, I hesitate to go along with his hysteria about, well, anything. Don't get me wrong, Charles, I love your work. Wouldn't be here otherwise!

Which is why you're demanding to know who I work for. Full disclosure! Transparency!

Except I'm not a public figure saying a CD is "practically useless" if someone can't rip it to their PC. So you've never heard of a CD player?

But fair enough - here's as clear as I can legally get: I work for a fairly big Australian entertainment software company. Which is why I'm confident posting about DRM, and confident repeating the opinions of our tech staff.

The rest of you? Qualified? Willing to put your cards on the table?

Or just noise?

Posted by: Fred Nerk at November 3, 2005 07:18 PM

Don't feed the trolls, people!

Fred, clearly as you've pointed out you work for an entertainment software company, so obviously you have no agenda other than helpful, unbiased and independent advice concerning DRM. Good on you! No doubt many readers here are taking your platitudes onboard.

Disappointing, though, to note that you say (so it must be true) that CW's wage is based on how much of a stink he creates. Given his not-particularly-shock-jock manner, I'm terribly concerned he might be on the verge of bankruptcy.

Oh, and by the way - as an expert, perhaps you could share your methods for getting music from a CD player onto an iPod? I've never actually tried, cos usually I just do it on my computer, but as you say in order to not infest my computer I should only use the CD on a stand-alone CD player.

Oh, and what IS a rootkit, in your expert definition? You forgot to mention that, when you laughed at people who (foolishly!) thought it was a method of cloaking files and processes! How CRAZY is that!

Oh damn - I think I just fed the troll.

The original point of this discussion? Someone bought a CD so he could listen to the music in the manner that he chooses - in this case, on his iPod. Sony has taken steps which severely limit his ability to do so. Phew! Lucky!

Oh - and for future reference, lots of people are boycotting Office. You might want to look at OpenOffice, which is as good as MS Office, a lot less bloated and - get this - Free!

So, we all know now to turn off autorun and look at other ways to get our music off XCP-infested CDs. Let's move on!
Supastar.

Posted by: Supastar at November 4, 2005 12:57 AM

It's worth noting that discussion has crossed a lot of topics and people have used phrases that invite flaming and when that happens logic goes out the window. Analogies dramatise one facet of a situation - however, they seriously become counter productive when respondents stretch the analogy to other aspects which are not at all relevant to the situation.

As I said previously, ANY bit of software that enables you to do anything complex on a PC will write all sorts of undisclosed-outside-the-manual dlls and device drivers onto your system. But no-one's suggesting a boycott of Microsoft Office. By the way, tried uninstalling Office recently? It can't be done. Likewise, almost all modern games CDs include some pretty heavy-duty DRM software that makes this Sony one look like kid's stuff.

While this is not an analogy, it extends debate to a different tangent. And makes an offhand remark that uninstalling Microsoft Office "can't be done".

BTW, I have uninstalled Office '97 the standard way - via Add/Remove and I have uninstalled Office the hard way - via line by line extermination of files. Office '97 had supplementary "remove everything" executables. Office 2003 has more facilities for removal including Repair but I haven't needed to remove it.

It's all in the EULA. It's all legal. For people who know what a "rootkit" really is, calling this a rootkit is like calling a spoon a "lethal cutlery-drawer based weapons system".

The blog articles:

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.f-secure.com/weblog/archives/archive-112005.html#00000691

term this a rootkit.

http://opera.answers.com/rootkit

states:

rootkit

A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It runs at the lowest level of the machine and typically intercepts common API calls. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user.

Rootkits came from the Unix world and started out as a set of altered utilities such as the "ls" command that lists files. It enabled the attacker to have "root" access (lowest level access) to the computer.

http://www.f-secure.com/v-descs/xcp_drm.shtml

reports that

The DRM software hides its information by modifying the execution path of several Native API functions.... These hooks are generally used to hide files, folders, registry keys, registry values and processes.

Posted by: anandasim at November 4, 2005 09:36 AM

Stephen, a minor correction to the SONY faq link

I'm planning on running some tests over the weekend - after making a ghost image. I have borrowed a fresh SonyBMG for the purpose.

I’ll report back with my results.

Posted by: Anonymous at November 4, 2005 11:15 AM

..the latest on this, reported today...is that Sony have backed down -see this Age link -
http://www.theage.com.au/news/breaking/sony-backs-down-over-rootkit/2005/11/03/1130823323159.html

Posted by: Ian Smith at November 4, 2005 11:40 AM

What a 'rootkit' type of environment will do in this case (note; Now patched) is very simple. It does not matter what sort of content is on the CD/DVD from whatever the type of company may be.
It opens up a very well known exploit on a personal computer, in this case Microsoft Windows. Hiding files by this type of method gives all of the people out there writing malware, spyware, trojans or viruses a very easy delivery mechanism. All they need to do with the file that they intend to get into your computer system, to do whatever evil is in their mindset, is have the filename begin with $SYS$, and that is it.

The file is now hidden and protected from antivirus software detection and spyware monitoring. This results in the piece of software remaining undetected on a PC for a much longer time than what is considered safe. The offending piece of software can then access your personal data and transmit this information via an internet connection for whatever purpose they choose to use it.

By having a delivery mechanism like this, the writer of such annoying and costly security breaches spreads across all forms of computing environments, from individual to business and government sectors. It remains hidden and protected from detection, as it is protected by a major corporation having the masking software on your PC, in this case for musical Digital Rights Management (DRM).

With the world climate that we live in today where computers are used as a tool for attack and defence of terrorism there can be no leaks of secure information. This issue greatly transcends well beyond the simple issue of musical DRM. This is a major breach of security that has ramifications at all upper echelons of society. A piece of software that is hidden behind such a product is a breach of any security policy of a country.

Posted by: Stephen at November 4, 2005 02:16 PM

As you can see in the above statement, this is what the real cause here is. I have no issues with any company such as Sony wanting to have DRM on their products. I thoroughly support it. In this case the methods that were used to implement this were just going too far. It is a matter of how and the way computers work at this current point of time in history. If this is the only way they can come up with to stop this then they simply have no other option but to not do it. The other way is for them to have an audio format option that does not adhere to the ‘Red Book’ CD Audio standard, and release a proprietary standard that does not include a computer compatible player, or if it is available within the personal computer it should have a standard that includes the protection & security that they are looking for. The music industry is using the personal computer world to give greater benefits to the end-user of their product. They must however understand that the computer is before the music experience and they must layer what they wish to achieve on top of the computer layer. If they try to engineer the computer layer in the way that they have attempted here they will lose every time, as it will be deemed illegal by all forms of government. They are very welcome to have the ability to play the audio content they sell on behalf of the musicians, but they will not do it on the premise that they can lower the security level of a very powerful tool down to the level of a portable audio device.

Posted by: Stephen at November 4, 2005 02:39 PM
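The cloaking problem raised in the comments above (anything whose name begins with $SYS$ drops out of normal listings, so a scanner that relies on those listings never sees it) can be modelled as a cross-view comparison. This is an added example, not part of the original thread and not code from any of the tools mentioned; the paths, signature list and function names are constructed for illustration, and the case-insensitive match is an assumption of the model.

```python
from pathlib import PureWindowsPath

HIDE_PREFIX = "$sys$"  # prefix named in the thread; matched case-insensitively here (assumption)

# Constructed sample: what a raw, low-level scan of the disk would return.
RAW_LISTING = [
    r"C:\Windows\System32\notepad.exe",
    r"C:\Windows\System32\$sys$example_drm\player.sys",  # hypothetical DRM component
    r"C:\Temp\report.doc",
    r"C:\Temp\$SYS$unrelated.exe",                       # hypothetical third-party file
]

# Constructed signature list for a toy scanner (file names only).
SIGNATURES = {"$sys$unrelated.exe"}


def is_cloaked(path):
    """True if any component of the path starts with the cloaking prefix."""
    parts = PureWindowsPath(path).parts
    return any(part.lower().startswith(HIDE_PREFIX) for part in parts)


def api_view(raw):
    """Model of the listing returned once enumeration calls are filtered."""
    return [p for p in raw if not is_cloaked(p)]


def cross_view_diff(raw, api):
    """Entries the raw scan sees but the filtered view omits."""
    visible = {p.lower() for p in api}
    return sorted(p for p in raw if p.lower() not in visible)


def scan(listing, signatures):
    """Toy scanner: flags files whose name is on the signature list."""
    return [p for p in listing
            if PureWindowsPath(p).name.lower() in signatures]


if __name__ == "__main__":
    filtered = api_view(RAW_LISTING)
    print("scanner over filtered view:", scan(filtered, SIGNATURES))
    print("scanner over raw view:     ", scan(RAW_LISTING, SIGNATURES))
    print("cross-view discrepancies:")
    for entry in cross_view_diff(RAW_LISTING, filtered):
        print("  ", entry)
```

The scanner finds nothing when it works from the filtered view, while the discrepancy list exposes both the DRM component and the unrelated file that borrowed the prefix.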

Wired News have posted an article that mentions many of the core problems with what Sony have done, and that they are also very close to having committed a criminal offense. It will not take long for the lawyers to look at this in detail and have an answer on that also. Remember this has only been online since Monday. Sony have a small window of opportunity to disclose everything and apologize before this really does turn into a PR disaster that will take a long time to fix.

Posted by: Anonymous at November 4, 2005 03:37 PM

One of my worthy colleagues highlights that those with initiative have already used the Sony rootkit for their own ends:
http://www.securityfocus.com/brief/34

Stephen does bring up the point about the physical media - if the music industry - Sony, EMI etc... want to protect the general purpose audio CD, they will have to resort to all kinds of "bad" ways to effect this - because the general purpose audio CD is an "open" standard and PCs/Macs/*nix boxes are general purpose computation devices. It's conceptually difficult to hack these things to protect music or intellectual property.

However, with the likes of Ken Kutaragi and his team of engineers Sony can make things like the MiniDisc (where digital output is made difficult regardless of music ownership), the Playstation 2 (where you have to physically hack the hardware), the UMD and the Blu-Ray DVD. Or one could make the general PC less of a PC by implementing cooperative DRM components at the motherboard/chipset level.

Posted by: anandasim at November 4, 2005 03:41 PM

I noted on slashdot that a beneficial side effect of the rootkit could be to allow cheating on such games as World of Warcraft. Clearly, this is a fair and intentional move on Sony's part, as such a move could encourage the move to a much more open and effective gaming platform as the PS2. In fact it's quite feasible that Microsoft provided them with help in this area to promote the launch of the xbox 360 later this month.
(for those who missed it, the preceding paragraph was sarcastic)

Oh and Supastar - correct me if I'm wrong, but I believe it's actually still illegal in Australian law to use an iPod... one can't replicate copyrighted material (i.e. music) in any form I believe! I believe the iPod at one point had to be classified as a data storage device to actually be able to be sold! Though that could be just an urban legend.

Posted by: dkp at November 4, 2005 04:11 PM

Wired News have posted an article that mentions many of the core problems with what Sony have done, and that they are also very close to having committed a criminal offense. It will not take long for the lawyers to look at this in detail and have an answer on that also. Remember this has only been online since Monday. Sony have a small window of opportunity to disclose everything and apologize before this really does turn into a PR disaster that will take a long time to fix.


You can also follow the now two articles regarding the original issue and how they World of Warcraft hack at here

Posted by: Anonymous at November 4, 2005 04:32 PM

Reminds me of a YOGO (kids' food) free CD. It hijacked iexplorer's home page and other nasty stuff (about 4 yrs ago).

Posted by: Anonymous at November 4, 2005 06:05 PM

Moving back to comments and powers of resistance to Sony and its hostile DRM, people may be interested in the DVD Guide take on this. They note those with "any DVD" installed, a program designed to circumvent that other piece of anti-market behaviour, regional DVD coding, have nothing to fear since it blocks it out.

However it does warn of real problems if the MS Vista system causes DRM to be built into motherboards.

Posted by: tflip at November 4, 2005 08:03 PM

rootkit: A type of Trojan...

As the software in question is, obviously, not a Trojan (ie. a program that "takes over" your pc for its own ends) the rest of the definition is totally irrelevant.

I know how much you love my analogies, so here's another one:

Dogs have teeth. Sharks have teeth. So dogs must be sharks. Forget that the description of "Sharks" begins "A type of fish..." it's only the teeth that interest you lot...

Sigh.

Posted by: Fred Nerk at November 4, 2005 10:03 PM

Methinks you like a good debate Fred. (huge grin)

The traditional definition of a Trojan is that wooden horse in Troy. By itself, it was harmless - it was made of wood. It was the nasties inside who destroyed the city.

This particular Sony Rootkit does in your own very words

a Trojan (ie. a program that "takes over" your pc for its own ends)

The Sony Rootkit implements measures to hide files to the objective that it can keep the DRM engine undeletable - "its own ends". The DRM engine does not go out and trash your PC but the whole Rootkit is designed to subvert your attempts to regain control of your own PC. The DRM engine also advertises itself as "Plug and Play Device Manager" - which isn't what it is. A non Trojan would have simply called itself "Sony/First2Internet DRM engine".

Posted by: anandasim at November 5, 2005 11:09 AM

Question: Let's say I bought the CD a few weeks ago, as a number of people might have done. I pop it in, agree to the EULA, and install player & DRM software. So far so good. I then decide, after listening to the CD, that I don't want it any more. I dispose of it. I am then bound by the EULA to remove all licensed materials from my PC (article 9, section 3 as previously mentioned).

If the DRM software is masking itself using very sophisticated measures, how do I, an average PC user, honour the EULA?

Let's say I am slightly more than a novice. I happen to run RKR and /or other scanning software, and find the presence of the DRM software. I somehow determine that it's part of the licensed materials that I was supposed to remove upon finishing with the CD. I have found the software, so I simply remove it, because it offers no uninstall option. My PC is now either unbootable, and / or my CD drive is inaccessible.

Is Sony BMG responsible for the damage to my operating system, because I am attempting to honour the EULA?

More importantly, is this a fair and reasonable implementation of DRM?

Interested in answers from all sides, hopefully from someone with some legal background as well.

Posted by: The Bairnsei at November 5, 2005 01:02 PM

cw,

Did you realize the TypeKey service used to post on this blog as a recognized user also reserves the right to update its terms of service without notice?

Posted by: Michael Wardle at November 7, 2005 12:25 PM