Jeremy's almost but not quite entirely moribund blog

Tuesday, November 01, 2005

Sony music CD installs malware

I've always thought copy protection on music CDs was counterproductive. It makes no sense if you think about it--the labels hope to increase CD sales by producing broken CDs that won't play in your computer or iPod.

Well, in the music industry's latest efforts to prevent people from buying CDs, Sony sells CDs that install malware on your computer. In this article, Windows guru Mark Russinovich describes a rootkit he found on his computer and eventually traced to software installed by a CD sold by Sony BMG and ironically entitled "Get Right with the Man". He describes what this Sony Spyware does--queries all process on your computer several times per second, consuming 1-2% of your CPU even when you're not playing a CD--and how it uses techniques commonly associated with malware to hide itself from the user--as well as antivirus software.

Way to reward your customers for being honest, Sony. A Slashdot post puts it eloquently:

The people being hurt by this DRM software are people who have already communicated their intent to do the right thing by purchasing the CD. Sony has just guaranteed that a lot of people will never make that mistake again.

Welcome to a Brave New World: People who pay for their music get viruses, while people who download it at no cost from illegal sources get clean MP3s that they can freely copy and use on whatever devices they own.

So what happens next?

Will the media pick up on this? Will antivirus and antispyware programs detect and remove Sony's rootkit? Or will they all turn a blind eye to it for fear of being sued under the DMCA?

The best thing for Sony to do at this point would be to apologize publicly and issue a recall on all malware-infested CDs. Otherwise they'll never live this down.


  • This isn't just a customer service issue. This is a grave security threat. Sony's Trojan will hide any malware that puts $sys$ in its filename from antivirus/antispyware software. If Sony does not immediately recall all XCP'd CDs and publish a removal tool, they're giving script kiddies a nice present.

    By Anonymous Anonymous, at 1:43 PM  

Post a Comment

<< Home