- Insert new Sony/BMG CD
- Done
So, I said I'd come to this today. And, just to surprise you all, I'm actually doing so. Around February/March of this year, Sony started rolling out new Digital Rights Management software incorporated onto their CDs. I've covered precisely how this works here. Or so I thought. But apparently, no, it's worse than that. Sony's new DRM system installs a rootkit onto your PC. What is a rootkit? Well, basically it's a patch to the entire operating system that prevents you from seeing files named in a certain manner. As you can imagine, this technique is a virus writer's wet dream - there's really no good way for an antivirus program to get around it, because antivirus software can't scan files that it can't see. Thankfully, rootkits are rare, and tough to get onto your computer. Oh, except for the probably thousands of computers that Sony has installed them onto.
But wait: my story gets better.
So this rootkit won't actually compromise your computer, but according to the antivirus company F-Secure, it's only a matter of time before virus writers just start storing their viruses using the naming conventions that Sony have helpfully masked on your computer. And then once you're infected.. well, removing a rootkit is considered so difficult that it's better just to reformat the entire hard drive.
But let's, for the sake of argument, say you're the sort of geek who knows how to find rootkits. So you find it using a scanning program because you know what you're looking for. Then you just delete the hidden files, right?
Well, you could. But you'd then find that you just turned your CD drives into expensive junk. Attempting to remove the files will destroy the drivers that run your CD drives. And don't think about reinstalling them - that won't work either.
Any other bad news? Well, the software that's hidden by the rootkit likes to check that you're not playing a copy protected CD. Multiple times a second. This translates into a 1-2% consumption of your computer's processing power.. well, permanently. But don't worry. You won't be able to find it to switch it off.
You can't uninstall it if it's causing problems and conflicting, and you can't see it while it's running. I should add that it also runs if you boot your computer in "safe" mode (the mode that's supposed to strip everything out so you can run diagnostics and find problems).. there is just no end to the "bad" contained in this DRM software. It has the potential to be horribly destructive, it degrades your system's performance and fundamentally alters your operating system, and it opens a door for virus writers to use. Words fail me when I try to quantify how bad an idea this is.
As I said yesterday, across what's becoming known as the "blogosphere" this has really exploded in the last 24 hours. It's also making it into the major news media, albeit only in small fillers. Some good links:
The story that started it all, Sysinternals containing techie insight into exactly what Sony are doing and the fight to remove the bloody thing from a system.
Why are Sony doing this? One writer believes it's to fight with iTunes (the DRM isn't compatible with iTunes). I don't buy it, I think that that's just a fortunate side effect for the record companies and maybe a bad attempt at misdirection.
PC Pro have a story on the virus risks: Sony rootkit DRM to spark copycat viruses
One article worries that this will cause a huge drop in CD sales. Corporations won't be able to take the risk of having CDs put into their systems, and when people can't listen at work, they'll stop buying. The fear of CDs is already building.
PC World goes further and asks Is Sony Trying to Destroy the CD Format? Probably not, but their actions may have the same effect. If this sort of DRM isn't pulled immediately, then it will simply not be safe for users to purchase new CDs - ironically, probably pushing more people into purchasing from iTunes and other online music vendors, just what others have suggested Sony are trying to prevent.
Finally, a discussion of the legal issues surrounding all of this. Sony have already given a statement saying they're going to take the method for hiding files out of the software. From the comments of that post:
I have already started discussion with law enforcement here in the UK regarding this matter. What makes the situation worse has been the actions of Sony in the last 24 hours.
First they release this "patch" saying it will unhide the "rootkit" then in a public statement, they claim they have found new ways to hide their software. Yet people are supposed to believe this new software is not just as bad just hidden in another way?
Secondly, they state (again as a public statement) that the CD has only been sold in the US and that there are no copy protected CDs from Sony anywhere in the UK. It took me 30 seconds to find an Avril Lavigne CD in my collection which is distributed by BMG and has copy protection software on it and is in the UK. Furthermore the FAQ on their own website states that they only produce one commercial version of an album for the whole world and that they all have Sony copy protection on them. So again they have lied, and again they have violated the Sales of Goods and Services Act in the UK by publicly misrepresenting their products, as there most certainly are CDs in the UK from Sony with copy protection.
They also made another public statement that the software does not add any security risks to the consumer's computer. This is another lie, as has been clearly demonstrated, any system that is running this "rootkit" is vulnerable to other malicious software cloaking itself behind it. So again, a breach of the Sales of Goods and Services Act.
Not to mention how they changed the EULA in order to try and cover themselves in light of the public outrage over this matter. What about people who do not have internet connections? How do they get the patch or view the new EULA?
I have stated elsewhere that all Sony CDs should be removed from the shelves of retailers in the UK until such time as the legal issues surrounding this scandal are clarified. Failure to do this will leave millions of people at risk, simply through being able to buy one of the "20" titles released with this "protection" embedded.
US consumers, on the other hand.. well, thanks to your Congress, removing the DRM software (if you can manage it) from your computer may actually be a violation of a recent digital rights act. Now, were you wondering who they worked for again? Don't expect the same sort of legal argument here - it's unlikely that any US laws were broken, the only thing that can stop this here is public outrage. And you should be outraged. This is such a gross violation of the trust put in Sony if you buy their product that it's hard to know where to start.
Oh, by the way, those of you who use Linux and Macs? Yesterday I said you could be smug. None of this software works in the slightest on your systems.
For more, try using Google's new Blogsearch.