People Don't Trust Web Companies To Keep Their Info Safe -- Gee, Wonder Why...
Lego Learns It Doesn't Get A Monopoly On Toy Building Blocks In Canada

Yes, Again. Another Vulnerability In A Sony BMG Offering

(Mis)Uses of Technology

from the make-it-stop dept

Thu, Nov 17th 2005 4:32pmMike Masnick
How much do you think Sony BMG dislikes Alex Halderman? Halderman, a graduate student working under Ed Felten at Princeton, became quite well known to the recording industry two years ago after publicizing how the copy protection scheme being used by what was then just BMG, supplied by SunnComm, could be defeated by holding down the shift key as you inserted the disc. This wasn't a high tech solution. The software needed to run to be installed, and it would run automatically if you had autorun enabled, which most people do. Holding down the shift key just overrides autorun. Nothing special -- but Halderman made sure that blocked the copy protection and (more importantly) got that information out. That eventually meant that SunnComm even thought about suing Halderman for publishing a way to circumvent copyright protection, in violation of the DMCA. After realizing how stupid this idea was, SunnComm backed down on the lawsuit threats, leaving Halderman and Felten (who has been threatened with plenty of lawsuits himself) to continue their work. And, in the last couple of weeks, the two of them have been pretty damn busy investigating the whole Sony rootkit thing. Their big find, earlier this week, was how the uninstaller for the rootkit opened up new security holes. The rootkit, though, comes from First4Internet, not SunnComm. Sony BMG still does use SunnComm's copy protection on other CDs, and over the weekend Halderman pointed out why SunnComm's technology might not be a rootkit, but certainly fit the definition of spyware. To make things even better, Halderman has just published another post noting that SunnComm's uninstaller is just as bad as the XCP uninstaller for the rootkit. In other words, if you've used SunnComm's uninstaller to get rid of their copy protection, you've left your computer incredibly vulnerable to malicious attacks. Yes, the saga continues...
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

8 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Steve, 17 Nov 2005 @ 6:02pm

    Appreciate

    Hi Mike,
    Your columns are great, thanks!
    Steve

    link to this | view in chronology ]

  • identicon
    arcfixer, 17 Nov 2005 @ 6:40pm

    No Subject Given

    Agreed. Keep it coming.
    .
    (Next to last sentence: "incredibly" for "incredible"?)

    link to this | view in chronology ]

    • icon
      Mike (profile), 17 Nov 2005 @ 7:08pm

      Re: No Subject Given

      (Next to last sentence: "incredibly" for "incredible"?)

      Whoops. Sorry. Thanks for pointing that out. Fixed now.

      link to this | view in chronology ]

      • identicon
        Happy user, 17 Nov 2005 @ 10:05pm

        Re: No Subject Given

        I'm much agreed with the above replies -- thanks for all the great postings Mike!

        link to this | view in chronology ]

  • identicon
    Y Pennog Coch, 18 Nov 2005 @ 5:53am

    One good thing did arise from this mess...

    >>> The saga continues
    [...]
    >>> Yes, Again.

    Second all the above posts - ongoing coverage much appreciated. This is one of those stories where even the tiniest new detail changes who is vulnerable to what, and that makes every last bit important to know.

    Meanwhile, some good news. Thanks to Mark Russinovich's original post at sysinternals.com, I now know what a filter driver is, how to find them on your PC and how to remove one safely (it wasn't a Sony thing in my case, I think pxhelp20.sys came with WinAmp). My ancient CD-writer drive now burns CD's again.

    BTW, if you find pxhelp20.sys on your system, don't just delete the file, your CD drive will probably become unusable in Windows.

    link to this | view in chronology ]

  • identicon
    Fundriving, 18 Nov 2005 @ 8:14am

    Sony

    The sad part of this story is us techies are all a flutter and in an uproar about this story, but sadly, I think the general public doesn't have a clue.

    I have talked to clerks at local retail stores and students on the college campus I work on and there is no idea about the seriousness of this transgression. No outrage, no...nothing. Out of six people I have talked with 5 didn't even know about the story.

    My point is. How do we really send a strong message to Sony and big companies if the majority of consumers stay oblivious?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Nov 2005 @ 8:50am

    No Subject Given

    Mike, do you or any of your readers know of a site that has a comprehensive list of CD copy-protection-related malware? I know all eyes are on Sony right now, but I doubt they are the only company that First4Internet deals with. I would bet that all the other major labels include similar software... in which case, they ought to get a share of the scorn. There's plenty to go around.

    link to this | view in chronology ]


People Don't Trust Web Companies To Keep Their Info Safe -- Gee, Wonder Why...
Lego Learns It Doesn't Get A Monopoly On Toy Building Blocks In Canada
Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

Friday

19:39 Important Announcement: Techdirt Is Migrating To A New Platform (0)
More arrow

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.