Back in November it was discovered that Media giant Sony was secretly installing rootkits on it’s music CD’s along with it’s anti-piracy software on users PC’s. The software was supposed to enforce Sony’s policy of allowing the owner of the CD to only make a predetermined amount of copies of the CD. There was a privacy Statement that appeared when the disk was read by the PC informing the user of the media player installation, but made no mention of the rootkit that is installed as well. Mark Russinovich from System Internals who also found that the Rootkits made Windows systems vulnerable to attacks, unstable, and attempting to uninstall the code would further impair your system discovered all of this.
Since Sony has gotten caught with it’s hand in the cookie jar they have, as one would naturally expect, suspended the deployment of anti-piracy software with their music CD’s. Or have they.
Sony had unbelievably announced on December 7th that there was a flaw with another anti-piracy software called Mediamax, which is being unknowingly installed by the public. This time the company is SunnComm and, although it’s not a virus being written to your Operating System, the effects can leave your system vulnerable to attacks.
It appears as though anyone who plays one of these “protected” Sony music CD’s on their PC’s (here’s a list of the CD’s that host the anti-piracy software) and has autoplay enabled (which is just about everybody) installs this application. There is a privacy agreement that appears but again makes no mention as to the full extent of the code being written to your system.
The Security hole introduced by this intrusive code apparently allows guest accounts total administrators rights, which can render one of the fundamental security procedures useless. That, of course, is the proceedure of only using the administrator account when you need to because most viruses can’t write files to your system when you are logged in as a Limited user.
Apparently after more studies it has also been found that the Mediamax anti-piracy software has more tricks up its sleeve. After explicitly making the point on their website as well as in the privacy statement that it does not capture personal information, the program was noticed sending out information about you and your system back to their servers. The program will ‘phone home” whenever you listen to one of the Sony CD’s and could possibly give up information like what other media CD’s you have on your system, your IP address and more. To what extent this information is being used is unknown. But, after what Sony has already done, the last thing I would give them would be the benefit of the doubt.
This is actually more of a flaw than a blatant attack that was discovered by the EFF (Electronic Frontier Foundation) on Dec 6, who immediately informed Sony of the programs bug. SunnComm then released a patch in an effort to straighten things up and scurry out from underneath the public’s attention as soon as possible. The patch however doesn’t help and as a matter of fact apparently only succeeds to further corrupt the host system according to Princeton computer science professor Ed Felten.
Since Sony’s announcement users have been urged to not only ignore the patch but also to refrain from playing Sony music CD’s at all on your PC. In addition to this Sony has also been urged to recall over 6 million CD’s with the Mediamax protection, which are already on the store shelves. I don’t know what it will take for Sony to learn what is going to far.
Well I don’t know but I’m sure the avalanche of Class action lawsuits help.
– Chad Stelnicki