×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Trojan Using Sony DRM Rootkit Spotted

Zonk posted more than 8 years ago | from the gift-from-sony-to-you dept.

Security 597

Analise writes "The Register reports on the first trojan using Sony's DRM rootkit. A newly discovered variant of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

597 comments

Rant Time... (2, Interesting)

Anonymous Coward | more than 8 years ago | (#13998911)

Sony, you are despicable loathing scum who will no longer get another penny from me. For deliberately putting computers I maintain at risk to save a penny on your end, I find you guilty as charged. Microsoft should be suing you for such as well. In fact everyone just gang up on Sony and charge with those attorneys. Burn in hell bastards...

Re:Rant Time... (5, Funny)

freedom_india (780002) | more than 8 years ago | (#13998982)

With California filing a class-action suit, i think more states and consumers should file suits NOT just for damaging their computers, but delibrate unauthorized entry into another person's property which is a crime.

Seriously i wish some Sony officials got what Worldcomm's Ebbers got: 25 years for entering into another property without permission, vandalism, etc. The less privileged have got far worse sentences for lesser crimes all along

And more so, Sony should replace EVERY affected computer with a brand new Vaio.

Re:Rant Time... (5, Funny)

xlr8ed (726203) | more than 8 years ago | (#13999026)

Sony should replace EVERY affected computer with a brand new Vaio



That would be a crime in itself...

Re:Rant Time... (3, Insightful)

PeteDotNu (689884) | more than 8 years ago | (#13999049)

"And more so, Sony should replace EVERY affected computer with a brand new Vaio"

I'd prefer the cash alternative.

Re:Rant Time... (4, Funny)

mmzplanet (904697) | more than 8 years ago | (#13999069)

"And more so, Sony should replace EVERY affected computer with a brand new Vaio." Upon the annoucement of this, Sony sees record sales of its DRM'd CDs.

Re:Rant Time... (1)

Indiana Joe (715695) | more than 8 years ago | (#13999091)

Sony should replace EVERY affected computer with a brand new Vaio

... that is free of this or any other malware, to the best of Sony's ability.

Re:Rant Time... (1)

xs650 (741277) | more than 8 years ago | (#13999179)

And more so, Sony should replace EVERY affected computer with a brand new Vaio.

Only with the condition that there not be a single bit of Sony software on it. I have a Vaio Notebook. It's a good solid computer but the Sony crap that comes installed on it and entwined into Widows sucks.

Their customer supports blows big chunks too.

Jobseekers rejoice! (5, Funny)

Ooblek (544753) | more than 8 years ago | (#13998912)

It's just a rumor, but Sony should have some Engineering and Executive positions open in 3....2....1...

Re:Jobseekers rejoice! (1)

jzeejunk (878194) | more than 8 years ago | (#13999007)

they probably made engineers the scapegoats and might be looking to hire lawyers instead

Re:Jobseekers rejoice! (1)

voice_of_all_reason (926702) | more than 8 years ago | (#13999037)

Um, sounds... great?

Assuming Sony is like any other corporation, you'll just can canned too in a few years when your boneheaded pointy-haired-box orders you to design something you know is shoddy/dangerous/illegal.

Re:Jobseekers rejoice! (5, Insightful)

Daniel_Staal (609844) | more than 8 years ago | (#13999058)

Remember: Sony didn't write the rootkit. They bought it from someone else.

Now, the question is, what department thought it was a good idea? Sales and Marketing? Legal? Somebody had to think it was worth the money...

Re:Jobseekers rejoice! (4, Funny)

Guppy06 (410832) | more than 8 years ago | (#13999227)

" Remember: Sony didn't write the rootkit. They bought it from someone else."

Remember: your Friendly Neighborhood Crack Dealer didn't grow the coca. They bought it from someone else.

Re:Jobseekers rejoice! (3, Interesting)

Fx.Dr (915071) | more than 8 years ago | (#13999164)

Does this now mean that Sony is open to criminal negligence lawsuits as well?

Suprise suprise (1)

RingDev (879105) | more than 8 years ago | (#13998921)

Couldn't see this one coming from day one or anything.

-Rick

Re:Suprise suprise (0, Offtopic)

Spazntwich (208070) | more than 8 years ago | (#13999102)

Mr Emory Barr
Abbey National PLC
Bromley Rd Branch
London
BW1 3AN

Dear Friend,

I am Mr.Emory Barr, Accounts Manager, of Abbey National PLC
Bromley Rd Branch. I have an important business proposition for you.

On December 12th, 2001, a German contractor with the British Pertroleum co-orporation, United Kingdom ,Mr. Olaf Partetzke made a numbered time (Fixed) Deposit for twelve calendar months, valued at US$ 17,350,000.00 (Seventeen Million Three Hundred Hundred and fifty Thousand Dollars only) in my branch.
Upon maturity,I sent a routine notification to his forwarding address but got no reply. After a month, we sent a reminder and finally we discovered from his contract employers, the British Pertroleum co-orporation that Mr.Olaf Partetzke died from an Automobile accident further investigation,
I found out that he died without making a WILL,and all attempts to trace his next of kin was fruitless.

I therefore made further investigation and discovered that Mr. Olaf Partetzke did not declare any kin or relations in
all his official documents, including his Bank Deposit paperwork in my Bank. This sum of US$ 17,350,000.00 is still sitting in my Bank and the interest is being rolled over with the principal sum at the end of each year. No one will ever come forward to claim it. According to inheritance Laws of the United Kingdom, at the expiration of 5 (five) years, the money will revert to the ownership of the Local Government Authorities here in Wales, United Kingdom, if nobody applies to claim the fund.

Consequently, my proposal is that I will like you to stand in as the next of kin to Mr. Olaf Partetzke
so that the fruits of this old man's labor will not get into the hands of some corrupt government officials.This is simple, I will like you to provide immediately your full names and address so that the attorney will prepare the necessary documents and affidavits that will put you in place as the next of kin. We shall employ the services of an attorney for drafting and notarization of the WILL and to obtain the necessary documents and letter of probate/administration in your favor for the transfer. The money will be paid into your account for us to share in the ratio of 60% for me and 35% for you and 5% for Expenses Incurred in the course of the transaction .

There is no risk at all as all the paperwork for this transaction will be done by the attorney and with my position as the Manager with my bank will guarantees the successful execution of this transaction. If you are interested, please reply immediately to my private email
box : emory400@xasamail.com

Upon your response, I shall then provide you with more details and relevant documents that will help you understand the transaction. You should observe utmost confidentiality, and rest assured that this transaction would be most profitable for both of us because I shall require your assistance to invest my share in your country.

Awaiting your urgent reply.

Thanks and regards.

Emory Barr

Inevitable... (0)

Anonymous Coward | more than 8 years ago | (#13998922)

...but wow, sucks for Sony!

Re:Inevitable... (0)

Anonymous Coward | more than 8 years ago | (#13999033)

Possibly the first trojan I've ever been happy to hear about.

Companies need to understand that fooling with customer's computers this way is NOT acceptable, and that they will be liable for any future damage caused by their inept managerial decisions.

Boycott Sony (5, Interesting)

Winckle (870180) | more than 8 years ago | (#13998924)

I reccomend voting with our wallets, and not purchasing Sony/BMG products. Also see here [boycottsony.us]

Also here [first4internet.com] is the company that created the DRM technology.

Re:Boycott Sony (1)

FudRucker (866063) | more than 8 years ago | (#13998992)

this definitly made my next purchase of a DVD Burner change i was thinking of getting Sony's but that has changed now i will buy one from another mfg

Notice (1)

Mark_MF-WN (678030) | more than 8 years ago | (#13999166)

Notice how it's always the most pathetically shitty little software companies that make these things? You'd think Sony could field a good programming team to develop their DRM software. Instead, they subcontract to the worst that the field has to offer.

They probably thought they could save some money, and are now facing class-action lawsuits. A classic example of penny-wise pound-foolish, as the Brits used to say.

3x number who sign up (0)

Anonymous Coward | more than 8 years ago | (#13999194)

One of the things learned from boycotting GE (for making nuclear weapons) is that three times as many people actualy boycott as the number who sign-up.

Nice Job Sony (5, Funny)

xlr8ed (726203) | more than 8 years ago | (#13998925)

You might want to add a couple of more zeros to the settlement check you are thinking about

A Natural Rights perspective (5, Insightful)

dada21 (163177) | more than 8 years ago | (#13998926)

Irregardless of the existence of government, the natural rights of an individual cannot be given away (you can't sell yourself into slavery, you can't tell a higher power that it's ok to kill you). One such right is the right to private property, closed to others' prying eyes or presence.

One great force behind this right is that past acts bear no allowances for future acts. If I let you into my house yesterday, you have no right to be here today. I may contractually allow you to come and go as you please, but I have to willfully sign the contract with witnesses noting the act.

Sony's DRM uses government force (through copyright provisions) to settle its legality. They say that by using their property, you have to permanently give up your natural right to private property (free speech Statists wrongfully call it Right to Privacy). Sony is wrong.

By violating numerous natural rights, Sony has opened itself to a demand for restitution. I wholeheartedly believe that corporate protections are wrong, as is copyright. My solution? Go after Sony through the shareholders directly (they own the business and allowed the breach of a basic human right). Demand restitution for the trojan if you receive it.

Imagine if you buy a Saab and Saab has an agreement stating "If you turn the car on, you allow two Saab employees to ride in your trunk and search your house for proof you might install a non-Saab oil filter." You've signed nothing. The two Saab employees open your house door, take up residence and leave the door wide open. Two typical pro-copyright arguments: You're not allowed to install non-Saab oil filters or how else would Saab make money? Why would they design cars?

This is the problem with copyright. Instead of individuals protecting proprietary information of value (books, music, etc) and producing it in the best way over anyone else (live shows, subscriptions to new music, etc), they say "copy us and government will use force against you."

It's all wrong. Don't publicly say anything valuable to you. Don't think you can come in my home because you did once before. Don't think you can rape me because a note in your pocket says you're allowed to, and I let you in without checking your pockets.

Re:A Natural Rights perspective (2, Insightful)

GungaDan (195739) | more than 8 years ago | (#13999006)

A natural right to private property??? No. This is a LEGAL right - an artificial construct of an organized society. Interesting post all around. You had me right up until you said "irregardless."

Re:A Natural Rights perspective (1)

mekkab (133181) | more than 8 years ago | (#13999083)

Interesting post all around. You had me right up until you said "irregardless."


I'm thinkin' the product of a third-tier law school. Or even more likely, a "pre-law" undergrad.

Re:A Natural Rights perspective (2, Interesting)

dada21 (163177) | more than 8 years ago | (#13999086)

The natural right to private property that you take an active role in maintaining and upgrading has been recognized for hundreds of years. Locke, George, and dozens of others have successfully debated it.

Google [google.com] for some great links.

Re:A Natural Rights perspective (4, Insightful)

jotok (728554) | more than 8 years ago | (#13999053)

I am with you on almost everything except this:

One such right is the right to private property, closed to others' prying eyes or presence.

To me, this doesn't seem as "self-evident" as the other rights (Life, Liberty, freedom to pursue happiness, etc.) in the D of C. But it does seem to make sense as a possible necessary qualification to achieve the other three: I could live, be free, and try to be happy without owning anything, but it might be exceedingly difficult.

Just sayin'.

(Also, "irregardless" is not a word)

Re:A Natural Rights perspective (1)

bjohnson (3225) | more than 8 years ago | (#13999218)

what's better is that he thinks it's a natural right to own property, but not intellectual property.

Re:A Natural Rights perspective (1, Informative)

Anonymous Coward | more than 8 years ago | (#13999126)

Go after Sony through the shareholders directly (they own the business and allowed the breach of a basic human right)

We meet again ;) Which shareholder wrote the DRM rootkit? Which one put it on the CD?

I agree that corporate protections have no right to exist, however mens rea dictates that only those who can be reasonably expected to know about this has any reason to feel guilty, or be guilty.

Attacking the shareholders of a corporation does nothing to change how the actual criminals behave, all it does is chill investment. Putting an end to the corporate veil will allow society to quickly weed out those who would prey on others, without having to resort to indirect attacks with collateral damage. It would also reduce the amount of damage that could be done... I suspect that for most people, if their manager instructed them to install a rootkit on every consumer's computer, they would rather polish their resume than look forward to jail time and fines out of their own pockets.

Besides, if shareholders did become culpable for the actions of every janitor and codemonkey in the corporation, and we assume that the stock market completely collapses due to this, and all companies switch to selling bonds for financing, how then would you proceed with the punishment?

Now if only this concept could apply to the repeated breaches of our Constitution by our government.

Re:A Natural Rights perspective (2, Interesting)

Surt (22457) | more than 8 years ago | (#13999161)

Who grants the natural right to property?

For example, I own the world. So I can go anywhere I please, including into 'your' home which is really mine.

You might suggest that the state decides who owns what, and the state says you own your home. But if so, then they also have the power to decide what the limits on that ownership are, including the powers of copyright.

If you rely on the force of the state to create property rights, then you pretty much have to go along with the whole legal system in determining who has what assorted rights. The state has decided that copyright and property rights are both to exist, and that it will offer to use its force in defending those rights in certain ways. You can live with the legal system, or you can work with others to change it, or you can resist it (though your odds of doing that effectively seem quite low).

Re:A Natural Rights perspective (5, Funny)

iambarry (134796) | more than 8 years ago | (#13999181)

If I let you into my house yesterday, you have no right to be here today
While you may be correct WRT US property laws, it seems to me that vampire rules call [imdb.com] for a vampire to have free reign over your house in perpetuity if they are ever invited in. Perhaps Sony is operating using Vapire law rather than US law?

BTW - irregardless [reference.com]

Re:A Natural Rights perspective (0)

Anonymous Coward | more than 8 years ago | (#13999232)

People who believe that natural rights are real things, and not a bunch of hogwash made up by 18th century dandies are funny.

No Technical Analysis?! (0)

Anonymous Coward | more than 8 years ago | (#13998933)

..the malware is in the wild but a full technical analysis of the Trojan is yet to be completed.

Alright damnit, who's got a copy?

From the article, virus firms response (2, Interesting)

matt me (850665) | more than 8 years ago | (#13998938)

"The response of anti-virus firms, some of which have only promised to flag up rather than block system changes made by Sony-BMG's rootkit, remains unclear. "
Ooh fun to be had here. Sony are gonig to love this publicity.

Ha ha. I have little respect for these companies who I see to be the same as those who four hundred years ago sold "herbs" to protect you from the plague. These ppl still profit from ppl's lack of knowledge.

Oh noes! (4, Funny)

taskforce (866056) | more than 8 years ago | (#13998939)

Early reports indicate the IRC backdoor is used by the propagator of the virus to bombard you with random chat messages from #windowshelp. So far the most common phrases appearing are "how do i reformat" and "how do i download the internet?"

Obligatory (1)

NelsonM (906317) | more than 8 years ago | (#13999244)

Penny Arcade [penny-arcade.com] on printing out the internet:

Gabe: You need to get some more print cartridges.

Tycho: What is all this shit?

G: The web.

T: Which Web?

G: The Internet Web.

T: The whole thing?

G: No, I'm at about B. You just ran out of ink. Look, we just went through this!

Really easy test to see if you're vulnerable (5, Interesting)

HMC CS Major (540987) | more than 8 years ago | (#13998940)

Since there was some confusion about how you can tell if this rootkit is installed, remember that it hides files beginning with '$sys$' -

1) If you're not using windows, you're fine.
2) Create a file on your desktop ('test.txt' should be fine). Rename the file to '$sys$test.txt'.

If the file is gone, you're vulnerable.

Lawsuits all around (1)

orderb13 (792382) | more than 8 years ago | (#13998945)

And let the firestorm or lawsuits increase.

Hopefully this will push a whole bunch of issues to the attention of people, such as EULA's and the like, and maybe, just maybe, we'll get some good case law on it that is in the interest of the consumer.

Re:Lawsuits all around (1)

dada21 (163177) | more than 8 years ago | (#13999015)

No. No lawsuits. Corporations don't do evi . CEOs aren't solely responsible for evil deeds. A corporation is a democracy of shareholders.

If I get this trojan, I will simply find Sony shareholders in my home town and sue them civilly. Or I might just verbally denounce them in public for violating my natural rights.

If you own Sony stock, you're liable in my opinion. Sell it.

Re:Lawsuits all around (1)

stinerman (812158) | more than 8 years ago | (#13999212)

Of course, you'll never win on those grounds since there is much case law dealing with the rights of corporations. I do agree with you, though. Corporations are not people, and therfore, are not entitled to any rights.

This type of fictious person along with limited liability of the shareholders makes for some fun scenarios:

1) I pay Steve to break in to your computer, plant a virus/trojan/rootkit which opens your computer up to other virus/trojans/etc. I'm a co-conspirator in this action and will probably get a similar amount of jail time.

2) I pay my corporation to break in to your computer, plant a virus ...
I'll never see legal proceedings because I'm not liable for what the corporation did.

Re:Lawsuits all around (1)

RobM9999 (191476) | more than 8 years ago | (#13999145)

1. Sell crappy CDs with the rootkit
2. Get mega publicity hoping the sheeple will think they must be good CDs for having this "security" on them
3. Profit

I wonder if I can sue them for crappy music too.

That's not all (5, Funny)

JumperCable (673155) | more than 8 years ago | (#13998946)

I hear the trojan witter is also using an unusual distribution method. Ricky Martin CDs.

Re:That's not all (1)

falcon5768 (629591) | more than 8 years ago | (#13999080)

ahh see right there he is pretty much garenteeing no one will be infected.

Re:That's not all (0)

Anonymous Coward | more than 8 years ago | (#13999237)

That would be funny if Ricky Martin didn't sell millions and millions of copies of his CDs.... Let me guess you're one of those people that listens to Franz Ferdinand and has a barb wire tattoo on his right bicep. Way to be different, you're truly a rebel! Don't conform because you're truly sticking it to the man....

$sys$porn (2)

KinkoBlast (922676) | more than 8 years ago | (#13998957)

Evil? Yes. But there are uses! Not that it has any affect on my Mac or Ubuntu box...

Well, I was debating buying a PS3 instead of a Nintendo Revolution. Not anymore!

Serves you right, CD buyers (1)

Seth Finklestein (582901) | more than 8 years ago | (#13998962)

What kind of ignorant assmaster buys CDs any more? Don't you know you can get your music legally for pennies on the dollar from Allofmp3.com [allofmp3.com] ? Allofmp3.com [allofmp3.com] sold me more than 1000 MB of music for just $20, and it's all legit. Why, I can find more music on Allofmp3.com [allofmp3.com] than I can on iTunes, eMusic, and KaZaA combined -- and it's all legit. Just go to Allofmp3.com [allofmp3.com] in Internet Explorer, Firefox, or even Safari! Remember, Allofmp3.com [allofmp3.com] is completely legitimate and legal and contains no DRM.

Sincerely,
Seth Finklestein
Proud user, Allofmp3.com [allofmp3.com]

Back again to Windows Security (5, Interesting)

Tibor the Hun (143056) | more than 8 years ago | (#13998967)

Can anyone explain if this rootkit prompts for a password when installing (during the autorun, I presume)

As an OS X user, I'd find it slightly odd that my music CD is prompting me for an administrative password.

But to stay on topic, I'm sure this is but one of the many exploits that will be based on this rootkit.
Does anyone have a comprehensive list of CDs that install it, and is it true that Sony has been using it since April?

Re:Back again to Windows Security (3, Interesting)

danrik (568865) | more than 8 years ago | (#13999032)

No, because 99.975% of Windows users run as super users.

On OS X, accounts marked as Administrators are really regular users who happen to have sudo powers, so you have to type in your password.

Re:Back again to Windows Security (2, Informative)

JadeNB (784349) | more than 8 years ago | (#13999062)

Can anyone explain if this rootkit prompts for a password when installing (during the autorun, I presume)
Under Windows, when you're logged in as the administrator, you don't need any further password to proceed with, say, installing a rootkit. If you're a Home user, you can't give limited privileges, so you have no option, for the vast majority of crappily-written software, but to install it as an administrator (albeit with Spybot S&D and StartupMonitor running in the background to catch the seventeen start-up items it thinks you now need).

Re:Back again to Windows Security (2, Interesting)

Tibor the Hun (143056) | more than 8 years ago | (#13999202)

OK, I've found a partial list, but according to the article SONY/BMG are not releasing a complete list:

Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver's Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)

Re:Back again to Windows Security (4, Funny)

jcostantino (585892) | more than 8 years ago | (#13999241)

The delicious irony in that is that titles like, "Healthy in Paranoid Times," "Get Right With the Man," "Nothing is Sound," "The Invisible Invasion," "Phantoms," "Life in Agony," and "Suspicious Activity" all install the rootkit and compromise your computer.

Sony can't deny this (1)

mmzplanet (904697) | more than 8 years ago | (#13998974)

This just added evidence to the California lawsuit. Let's see how Sony backs up its security claims now. How many more lawsuits will we see before all is said and done.

We all knew the rootkit was a security issue. Is it really a shock that theres a trojan taking advantage?

Re:Sony can't deny this (1)

xmas2003 (739875) | more than 8 years ago | (#13999243)

I predict a LOT of lawsuits ... while I'm not fan of lawyers, Sony is going to get (rightfully so) hammered on this one.

p33 (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#13998977)

eat a p33 bomb

On what platforms does Sony DRM rootkit work? (1)

UR30 (603039) | more than 8 years ago | (#13998990)

What versions of Windows? Linux? Mac OS X? - Yet another reason to switch?

Re:On what platforms does Sony DRM rootkit work? (1)

Frankie70 (803801) | more than 8 years ago | (#13999192)


  What versions of Windows? Linux? Mac OS X? - Yet another reason to switch?


Why do you think sony has a rootkit for Windows - only because
it's the most dominant OS.

Do you think it's difficult to write a rootkit for Linux or Mac OSX?

Rootkits aren't exploits or security holes.

I don't have this problem. (0)

Anonymous Coward | more than 8 years ago | (#13999004)

I don't have this problem. I choose to run Linux.

Re:I don't have this problem. (0)

Anonymous Coward | more than 8 years ago | (#13999149)

Sadly, no one on Earth chooses to care what you choose to run.

Sony's actions recently mean they've lost my money (3, Interesting)

hattig (47930) | more than 8 years ago | (#13999019)

I don't know if they are selling these DRM encrusted music discs in the UK, but if they are, each and every one of them will be breaching the 1990 Computer Misuse Act, and in a way that the act does cover - namely it alters the system without your approval or knowledge. What is doubly sad is that the software was written by a British company. Still, makes it easier to sue them.

Secondly, does this rootkit install even if you are logged in as a normal Windows user, not Administrator? That suggests a security hole in Windows. However I suspect the issue is Windows making users Administrator by default, which is a really dumb system, security wise.

Re:Sony's actions recently mean they've lost my mo (3, Informative)

Daedala (819156) | more than 8 years ago | (#13999140)

El Reg [theregister.co.uk] says that Sony UK says they are not selling them in the UK.

Ahhh, Sony (5, Funny)

PhilHibbs (4537) | more than 8 years ago | (#13999021)

It wouldn't be right if the day went by without a Sony Rootkit story on Slashdot. Seriously, I can't get enough of this story, it's what Slashdot was invented for.

SONY, redefining DRM (5, Funny)

Anonymous Coward | more than 8 years ago | (#13999041)

Disappearing Rootkit Malware

Fun with $sys$ (5, Funny)

Anonymous Coward | more than 8 years ago | (#13999081)

Sony just loves everyone $sys$anally. They are the greatest company ever when it comes to technology $sys$that $sys$sucks. Everyone is gonna love $sys$to $sys$hate Sony, and they will $sys$not buy any Sony product that they see. It's because Sony loves $sys$to $sys$fuck $sys$with their customers.

sony vs. microsoft (3, Interesting)

doyoulikegoatseeee (930088) | more than 8 years ago | (#13999095)

so does this at all put sony in hotwater with microsoft legally? perhaps this rootkit, trojan email or not, violates the windows eula.

This is why I don't like the "self-help" approach (0, Flamebait)

ShatteredDream (636520) | more than 8 years ago | (#13999104)

I am a hardcore libertarian on most political issues. My ideal society has no gun control except on those currently in a mental institute or a prison, almost no taxes, little regulation, nearly absolute property rights (including an elimination of eminent domain in most cases) and many of the other things you'd associate with the libertarian philosophy. I even support the RIAA suing the hell out of thousands of file sharers because I've lost all sympathy for people who want music but aren't willing to *gasp* pay for it.

What I cannot support is the poorly veiled vigilantism that passes for the concept of "self-help" in IP circles. It is not the same as sitting on your porch with a shotgun when looters are running rampant like in New Orleans, rather it's akin to hiring a private army to go through New Orleans and preemptively shoot anyone that looks like a looter without any sort of governmental or moral authority backing you. This is exactly what you get from that concept and it should now become apparent to everyone but the most academic copyright expansionists that "self-help" is anathema to a society that values the rule of law and private property rights.

It's also ironic that many supporters of this idea are enamored with John Locke who would have had a raving shit fit if someone tried to tie classical liberalism and "self-help." The very point of establishing a government in the first place according to classical liberal theory is "to make all men bound to one law." "Self-help," in liberal terms, is the opposite because it makes as Locke would have said, "every man a law unto himself."

Then again this is what happens when people limit themselves to voting for the corporatist party (Republicans) versus the socialist party (Democrats). Either way you get a system where big institutions are allowed to become laws unto themselves. *Cue some leftist to come tell me how socialism works, how no American understands Real Socialism(tm) and why Capitalism is absolutely identical in practice to Italian Fascism*

Slashdotters heads to explode (1, Troll)

Prince Vegeta SSJ4 (718736) | more than 8 years ago | (#13999113)

IBM, Sony, and Philips are creating a Linux adoption..

wohoooooooo Evil Sony DRM

noooooooooo IBM, Sony, and Philips are creating a Linux adoption..

wohoooooooo Evil Sony DRM

noooooooooo IBM, Sony, and Philips are creating a Linux adoption..

wohoooooooo Evil Sony DRM

infinite loop, brain shu u ut ing d o wwwwn

noooooooooo IBM, Sony, and Philips are creating a Linux adoption..

wohoooooooo Evil Sony DRM

noooooooooo

Lawsuits if this thing DDoSes the net (3, Interesting)

G4from128k (686170) | more than 8 years ago | (#13999118)

I've often wondered if non-users of product X can sue the maker of product X if said product causes a major disruption of the internet.


If someone creates a worm that exploits a negligent design flaw in Sony's DRM or Microsoft Windows, then couldn't the affected sue Sony or Microsoft? This would include non-users of these products whose internet usage was disrupted. And as someone who does NOT use DRMed Sony CDs or Microsoft Windows, I have NOT agreed to these company's EULAs with all their legalese of limited liability. Thus non-users may have more rights to sue than users of these products.

IANAL. Any thoughts?

Which IRC servers? (1)

Smidge204 (605297) | more than 8 years ago | (#13999124)

Are the IRC servers the bot connects to public? If so, has the staff of those networks been informed so that can prevent the zombies from connecting? (Presumably by blocking port 8080 and/or gline anyone joining #sony)

If the IRC servers are private, will the owners be investigated?

Can we be just a little proactive in containing this?
=Smidge=

Infected with DRM (4, Interesting)

saskboy (600063) | more than 8 years ago | (#13999131)

Here's the Slashdot crowd's chance to get the phrase invented by a Slashdotter out in the public eye. It's important that the public learn that DRM is a bad thing, and this is simply one way to tell them plainly how it is bad. DRM breaks their computer, or makes their life more difficult.

"Infected with DRM"
        Sony's rootkit has also been linked to Windows crashes, which isn't surprising to me. Most spyware causes instability in Windows because it is poorly written and designed to break parts of Windows to protect itself from removal. Sony writes, "This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."
The incongruence of their words, is not startling to me, as they are playing a PR game to hide the fact that they messed up people's computers, and made them vulnerable to an attack that hasn't gained popularity yet, but now surely will. Virus writers will be able to easily hide their virus files using programs like Sony's cloaking DRM. Sony is lying that their cloaking DRM does not compromise security of an infected computer.
http://www.informationweek.com/story/showArticle.j html?articleID=173601122 [informationweek.com]

Current windows versions... (1)

Aggressiva (883402) | more than 8 years ago | (#13999134)

Don't allow the user to execute email attachments. You know if this was a virus/worm/trojan for linux slashdot would be pretty quick to write up that current versions aren't affected. But they get off on the 500 "oh noes I'm going to switch right now" posts, which if half were true, Mac and linux wouldn't be at 3 and 1 percent market share..

This might be a good thing (1)

Robber Baron (112304) | more than 8 years ago | (#13999153)

because it should force the antivirus companies to release a rootkit removal tool/virus definition update covering this little bit of nastiness.

I blame the Windoze users (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13999168)

How many times are you Windoze users going to allow yourselves to get raped? When will you learn that using Micro$oft's spawn is the equivalent of spreading your legs in public? The broken architecture of Windoze is the problem here. Quit wallowing in your victimhood and use a free, secure *nix, whether it's GNU/Linux or BSD. At least you'll preserve your dignity in the face of withering corporate rape attempts.

Why class action? (0)

Anonymous Coward | more than 8 years ago | (#13999182)

Sue them in small claim court, tie up their resource (lawyer)

Perfect recipe for a successful trojan. (1)

Caspian (99221) | more than 8 years ago | (#13999190)

Well, almost perfect.

This is a great recipe for a successful trojan: Appeal to the vanity of ignorant, Windows-using suits (of which there are countless millions). It's sort of a cousin to the standard 419 scam: By appealing to greed, you convince the person to do something stupid (in the case of 419 scams, giving information to someone who promises something "too good to be true"; in this case, opening an attachment to an email that promises something "too good to be true").

Also noteworthy is the fact that the Windows-using suits are too stupid to realize that major business magazines (like other suit-run organizations) are hopelessly corporate, and thus are used to using phones first... not email first. So they wouldn't think to call and verify before blindly opening the attachment. (Of course, the fact that "opening attachments can hurt you" has not yet penetrated the thick fog in which most computer users perpetually wander. They can grasp the idea that "opening your door when someone knocks can hurt you", yet somehow the equivalent concept in computers evades them, since computers to them are magical fairy boxes that don't operate by the regluar laws of logic.)

Ah, but there is a flaw in the use of such a scheme in a trojan. The stupid Windows-using suits have money and power. Thus, I expect the person who wrote this trojan to be found, probably after a massive manhunt. Meanwhile, Jerome Brown from the ghetto, who raped LaQuaandah White from the ghetto, remains on the loose, since it's more important to attend to the needs of corporate America.

Just another day in American "justice"...

late (1)

towsonu2003 (928663) | more than 8 years ago | (#13999203)

that took too long. are trojan & virus creators sleeping??!! (flamebait)

but seriously now, why didn't this news (at least the rootkit) appear on the major news agencies? censorship maybe?

BluRay, anyone? (0)

Anonymous Coward | more than 8 years ago | (#13999219)

The scariest bit of this story, IMO, is that Sony is doing this. The same Sony that's pushing the BluRay disc format. The same format that has no required end-user protections [arstechnica.com] . Imagine if the BluRay drivers themselves were essentially rootkits. HD DVD sounds better and better, if even for the fact that its not a Sony product.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...