Sony loads spyware on CDs....


Jam Piper Jam

Truth Seeker
Sony-BMG has been using copy-protection technology called XCP in its recent CDs. You insert your CD into your Windows PC, click "agree" in the pop up window, and the CD automatically installs software that uses rootkit techniques to cloak itself from you. Sony-BMG has released a "patch" that supposedly "uncloaks" the XCP software, but it creates new problems.
The following are CDs with the spyware:

Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver's Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)
Ricky Martin, Life (Columbia) (labeled as XCP, but, oddly, our disc had no protection)
read more
 



It also mean is a target for the virus writers --- the sony software was hit hard this week with viruses. Sony has pulled the plug on the software. Any CD / DVD that comes with software - I DONT install it. If my PC cant use it - it goes back to the store. I DONT let them get away with that crap - most people are sheep and go along with it - I wont.

http://blogs.zdnet.com/Spyware/index.php?p=701
 
How to tell whether the rootkit is on your computer: On the Start menu, choose Run. In the box that pops up, type this command:

cmd /k sc query $sys$aries

and hit the Enter key. If the response includes ?STATE: 4 RUNNING?, then your machine is infected with the rootkit. If the response includes ?The specified service does not exist as an installed service?, then your machine is not infected with the rootkit.

How to disable the rootkit: On the Start menu, choose Run. In the box that pops up, type this command:

cmd /k sc delete $sys$aries

and hit the Enter key. Then reboot your system, and the rootkit will be permanently disabled.
http://www.freedom-to-tinker.com/?p=924
 
Got from our IT group here at work:

'Many of you have probably read news reports in the past couple of weeks about the "Sony rootkit" software found on certain CDs from Sony's various recording labels. In a nutshell, Sony copy-protects these CDs by installing DRM (Digital Rights Management) software when they are inserted into a Windows PC. They also install a type of software called a "rootkit", which effectively hides the DRM software and makes it nearly impossible to uninstall. Rootkit technology has heretofore only been used by hackers attempting to cloak malicious software. It has been shown by analysts that Sony's rootkit can be used by authors of malicious software to hide their viruses as well as Sony's DRM software. Even though Sony has since announced that they will be removing this type of protection from their CDs, this is obviously a very dangerous situation.

In order to get their software installed on users' PCs, Sony takes advantage of the AutoPlay feature in Windows. This is the feature that automatically starts some software when a CD is inserted into the drive (usually the CD player or an install program). In the case of these Sony CDs, an End User License Agreement (EULA) is popped up. Most users see these and just click "Yes", and the software is installed (the Sony EULA gives no notice of what's actually being installed on the PC'
 
http://news.yahoo.com/s/ap/20051121...nXJ2sUA;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl



Texas Sues Sony Under Anti-Spyware Law


AUSTIN, Texas - The state sued Sony BMG Music Entertainment on Monday under its new anti-spyware law, saying anti-piracy technology the company slipped into music CDs leaves huge security holes on consumers' computers.
ADVERTISEMENT
[-78161]

The lawsuit is over the so-called XCP technology that Sony had added to more than 50 CDs to restrict to three the number of times a single disc could be copied.

After a storm of criticism, Sony recalled the discs last week.

To enforce the restrictions, the CD automatically installed the copy-protection program when discs were put into a PC ? a necessary step for transferring music to iPods and other portable music players.

Attorney General Greg Abbott accused Sony BMG of surreptitiously installing "spyware" in the form of files that mask other files Sony installed as part of XCP.
 
^^^^^^some other states or groups should join in. I don't know what Sony was thinking when they installed that spyware on the CDs.
 
Back
Top