Blackhacker

BetaNews | Oops — New Sony DRM Patch Insecure
Oops — New Sony DRM Patch Insecure
By Nate Mook, BetaNews
December 8, 2005, 11:40 AM

Just one day after jointly announcing a patch to correct a security flaw in the SunnComm MediaMax copy protection included on 27 CDs, Sony BMG and the Electronic Frontier Foundation are urging users not to install it. The update includes a vulnerability similar to the one it attempted to fix.

SunnComm’s MediaMax version 5 software does not properly protect a directory it installs, opening the door for a privilege escalation attack. Thus, a restricted user account could replace the executables within the MediaMax directory with malicious code, which would then be executed by an administrator upon inserting a CD.

Sony introduced a DRM technology that automatically installs on you PC, called XCP. The idea was that it would interject an keep you from ripping the CDs. It is installed when you try to play a CD with the software on it. Another word for this type of software is a rootkit. The story was broke by blogger and hacker Mark Russinovich No small uproar went through the Internet.

The outcry was so great that on Nov. 11, Sony announced it was temporarily halting production of that copy-protection scheme. That still wasn’t enough — on Nov. 14 the company announced it was pulling copy-protected CDs from store shelves and offered to replace customers’ infected CDs for free.

But that’s not the real story here.

It’s a tale of extreme hubris. Sony rolled out this incredibly invasive copy-protection scheme without ever publicly discussing its details, confident that its profits were worth modifying its customers’ computers. When its actions were first discovered, Sony offered a “fix” that didn’t remove the rootkit, just the cloaking. (from wired)

Not only that but it left a security vulnerability. As you may realize people play CDs EVERY FREAKING WHERE there is PC. That’s why the rootkit was found on DOD and Dept. of Homeland Security PCs. It is estimated that 1,500,000 computers world wide are infected.

What do you think of your antivirus company, the one that didn’t notice Sony’s rootkit as it infected half a million computers? And this isn’t one of those lightning-fast Internet worms; this one has been spreading since mid-2004. Because it spread through infected CDs, not through Internet connections, they didn’t notice? This is exactly the kind of thing we’re paying those companies to detect — especially because the rootkit was phoning home.

Phoning home means that the rootkit was contacting Sony though the Internet.

Lastly, it turns out that Sony’s rootkit was based on software developed by DVD Jon who’s broke Sony’s encryption and release a program on the Internet that allowed someone to rip DVDs. (link)

So to answer the the question in the title :

YOU BLACK AS &@$$ !!!

list of CDs said to have XCP:1 2 3

RootKit Revealer