Sony audio CDs are now malware

Sony BMG is facing a cacophony of criticism this week following the revelation that some of its CDs are packed with special copy-protection software that conceals itself with an advanced hacker cloaking technique. We think the company is getting off easy.

The firestorm began when Mark Russinovich, a computer security expert with Sysinternals, discovered evidence of a "rootkit" on his Windows PC. Through heroic forensic work, he traced the code to First 4 Internet, a British provider of copy-restriction technology that has a deal with Sony to put digital rights management on its CDs. It turns out Russinovich was infected with the software when he played the Sony BMG CD Get Right With the Man by the Van Zant brothers.

A rootkit is a particularly insidious type of Trojan horse that hides its existence from users and programs by tampering with the operating system on the most fundamental level. Where normal malicious code might be content to choose a deceptive file name, a rootkit "hooks" operating system calls that might reveal its presence, and essentially reprograms them to lie -- like bribing the coroner to conceal a murder.

And the lie the First 4 Internet code tells is a whopper. Under the program's influence, Windows will deny the existence of any file, directory, process or registry key whose name begins with "$sys$." Russinovich verified this by making a copy of Notepad named "$sys$notepad.exe," which promptly vanished from view.

That means that any hacker who can gain even rudimentary access to a Windows machine infected with the program now has the power to hide anything he wants under the "$sys$" cloak of invisibility. Criticism of Sony has largely focused on this theoretical possibility -- that black hats might piggyback on the First 4 Internet software for their own ends.

On Wednesday, Sony answered its critics by promising to issue a patch that allows antivirus software to pierce First 4 Internet's cloaking function. But in our view, the hacker and virus threat is something of a red herring. The harm of the Sony DRM scheme is not that it enables evildoers, but that Sony itself did evil.

We needn't go skulking through the computer underground to find malicious action here. By deliberately corrupting the most basic functionality of their customers' computers, Sony broke the rules of fair play and crossed a bright line separating legitimate software from computer trespass. Their actions may be civilly actionable.

Sony may even have committed a crime under the U.S. Computer Fraud and Abuse Act, which can carry fines and prison terms for anyone who "knowingly causes the transmission of a program ... and as a result of such conduct, intentionally causes damage, without authorization, to a protected computer." Corrupting Windows so it misreports the contents of a hard drive sounds a lot like "damage," and the click-wrap license agreement on the Sony disk amounts to pretty thin "authorization" -- disclosing only that "this CD will automatically install a small proprietary software program ... intended to protect the audio files embodied on the CD."

Nor are we comforted by assurances from First 4 Internet's CEO Mathew Gilliat-Smith, who, in an interview with CNET's, defended his software this way: "For the eight months that these CDs have been out, we haven't had any comments about malware (malicious software) at all." Rootkits, like other cover-ups, rarely generate complaints before they're discovered.

Sony should immediately disclose the full details of its deployment of the First 4 Internet software, and assure the public that it will not use similar tactics in the future. Honest programs have no need to conceal themselves or their actions from users. Honest companies, too.
Unbelievable!!!!!!!!!! They are really pushing too far :mad:
I'm gonna start filesharing one of these days 'cause I heard that you can find it on the internet - will check and post about!! :) :) :)
I stopped buyin' Sony CDs months ago when they kept comin' up with silly ways to protect the CDs. This time they have gone way too far & I hope that they get sued to hell & back. For too long the record companies complain about piracy while announcin' record profits, why put up with it.

BaNzI :D
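The check the quoted article credits to Russinovich (a file named with the "$sys$" prefix vanishing from view) can be scripted as a harmless canary probe. This is an added example, not part of the thread or the article; the file names, `hidden_names`, `probe_cloak` and the simulated listing are assumptions made for illustration.

```python
import os
import tempfile

CLOAK_PREFIX = "$sys$"  # the prefix the article says Windows is made to hide


def hidden_names(expected, listed):
    """Cross-view diff: names known to exist that the listing does not report."""
    return sorted(set(expected) - set(listed))


def probe_cloak(listdir=os.listdir):
    """Write a control file and a prefixed canary into a fresh temp directory,
    then ask `listdir` what is there. Only the canary going missing means that
    names carrying the prefix are being filtered out of the listing."""
    names = ["control-canary.txt", CLOAK_PREFIX + "canary.txt"]
    with tempfile.TemporaryDirectory() as scratch:
        for name in names:
            with open(os.path.join(scratch, name), "w") as fh:
                fh.write("harmless probe file\n")
        missing = hidden_names(names, listdir(scratch))
    return {"missing": missing, "cloaked": missing == [names[1]]}


def simulated_hooked_listdir(path):
    """Constructed stand-in for a listing call that lies about prefixed names.
    It exists only so the probe's positive result can be seen on a clean machine."""
    return [n for n in os.listdir(path) if not n.startswith(CLOAK_PREFIX)]


if __name__ == "__main__":
    print("this machine:   ", probe_cloak())
    print("simulated cloak:", probe_cloak(simulated_hooked_listdir))
```

The control file guards against a false alarm when the listing fails for an unrelated reason: the probe reports a cloak only when the control is listed and the prefixed canary alone is not.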


Wow.. that's pretty clever! A bit harsh though, but shows how clever some people are... Won't hackers find some way of using the whole "$Sys$" thing to make money though?? I don't really use Sony products anyway.. apart from my PlayStation 2..
xSlyPandax said:
Wow.. that's pretty clever! A bit harsh though, but shows how clever some people are... Won't hackers find some way of using the whole "$Sys$" thing to make money though?? I don't really use Sony products anyway.. apart from my PlayStation 2..

They already do mate, they already do .......... and a lot of them ALREADY work for the big companies that ACTUALLY make the anti virus programs! :eek: Yes it's true, how else would they persuade thousands to part with their cash for paid subscription anti virus software :eek:

:) :D :p

We share the concerns of consumers regarding these discs, and we are instituting a program that will allow consumers to exchange any CD with XCP software for the same CD without copy protection. We also have asked our retail partners to remove all unsold CDs with XCP software from their store shelves and inventory. We will make further details of this program available shortly.