Caution SONY Music CDs have trojan Malware


Sony Music CDs install Malware

Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

http://www.techdirt.com/articles/20051101/1514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Dustin Cook

Sony said:
Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

http://www.techdirt.com/articles/20051101/1514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/

Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook
 

Sony Music CDs install Malware

Dustin Cook said:
Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook

No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisticated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simply
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Sony Music CDs install Malware

Dustin Cook said:
Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook

Mr. Cook:

No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisticated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simply
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

relic

Sony said:
Dustin Cook said:
Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook

Mr. Cook:

No, it's SONY that should be ashamed. You should read the lic.
agreement for the nasty thing. There's no way anyone would realize
they were installing software that uses sophisticated rootkit
techniques. And, yes, it is very difficult to remove. Simply deleting
the files [once their cover's been torn off] usually renders the
CD-ROM drive unusable. One "fix", for instance, was recently
published by SONY, but it didn't actually remove it .. it simply
made the super-hidden files visible. So, no shame on the Register ..
shame on SONY.


Ignore Dustin, he's a self-appointed expert on things he knows little about.
 

Dustin Cook

relic said:
Ignore Dustin, he's a self-appointed expert on things he knows little about.

Psst. Relic, get a clue, son. Look up raidslam virus writer. I know wtf
viruses are, rootkits etc, I've authored many of them, you freaking
idiot. :)

Check out virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.

Better yet, Ask alt.comp.virus who I am, and if I know wtf I'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.

Okay.. Off my soapbox now...

Regards,
Dustin Cook
 

Dustin Cook

Sony said:
No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisticated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simply
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.

Do you know what the hell a rootkit even is? It doesn't really apply to
Windows, Unix has root user, not windows. As for a virus, the sony
modules do not replicate. They have no worm ability, they have no viral
infection ability. IE: They aren't viruses.

If you remove the files by force, and you can easily; they can't very
well hide if windows isn't running, now can they? Nope, they can't.
Various CDs are available to boot windows with full access to ntfs
without RUNNING YOUR OS. Which means, NO hiding anything. Files can be
done what you like with. When you reboot, yes, your cdrom drives are
busted. Several other apps break them, it's a known problem with them
and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of
nero will break them. It consists of two registry keys to fix it.
Delete them, and reboot.

now aside from a general end user not knowing how to boot from a cd
such as a bart disc, or knowing how to use the registry editor, WHERE
IS THE DIFFICULTY?

Regards,
Dustin Cook
http://bughunter.atspace.org
 

Justin

Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?
 

Sony Music CDs install Malware

Dustin said:
Sony said:
No, it's SONY that should be ashamed. You should read the lic.
agreement for the nasty thing. There's no way anyone would realize
they were installing software that uses sophisticated rootkit
techniques. And, yes, it is very difficult to remove. Simply
deleting the files [once their cover's been torn off] usually
renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it
simply made the super-hidden files visible. So, no shame on the
Register .. shame on SONY.

Do you know what the hell a rootkit even is? It doesn't really apply
to Windows, Unix has root user, not windows. As for a virus, the sony
modules do not replicate. They have no worm ability, they have no
viral infection ability. IE: They aren't viruses.

If you remove the files by force, and you can easily; they can't very
well hide if windows isn't running, now can they? Nope, they can't.
Various CDs are available to boot windows with full access to ntfs
without RUNNING YOUR OS. Which means, NO hiding anything. Files can be
done what you like with. When you reboot, yes, your cdrom drives are
busted. Several other apps break them, it's a known problem with them
and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of
nero will break them. It consists of two registry keys to fix it.
Delete them, and reboot.

now aside from a general end user not knowing how to boot from a cd
such as a bart disc, or knowing how to use the registry editor, WHERE
IS THE DIFFICULTY?

Regards,
Dustin Cook
http://bughunter.atspace.org

Hi Dustin - thanks for the reply:

Well, it has been demonstrated it doesn't replicate .. yet. A better
description might have been "diseased shitware" rather than virus. My
mistake.

I don't know what you are blabbering on about vis-à-vis rebooting computers.
The SONY diseased shitware doesn't boot the computer, rather, it infests the
computer. When the authors wrote the diseased shitware they employed rootkit
techniques.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit malware that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Sony Music CDs install Malware

Dustin said:
Psst. Relic, get a clue, son. Look up raidslam virus writer. I know
wtf viruses are, rootkits etc, I've authored many of them, you
freaking idiot. :)

Check out virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.

Better yet, Ask alt.comp.virus who I am, and if I know wtf I'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.

Okay.. Off my soapbox now...

Regards,
Dustin Cook

Mr. Cook:

We know already it's not necessarily a true virus. I put the term in my sig,
more to get attention because "rootkit" wouldn't mean a thing to anyone
whereas "virus" means lousy malicious software. From now on I will refer to
the SONY software as "malware" or "diseased shitware".

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Doug Chadduck

Today's news has Sony eating the whole deal and offering software to
remove what they put into people's machines. Check their website it says
 

relic

Justin said:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?


Following attributes is not your strong suit, is it. Re-check the thread and
see if you can locate my insulting "Sony Music CDs install Malware"
anywhere.

Now **** off.
 

Dustin Cook

Sony said:
Hi Dustin - thanks for the reply:

Well, it has been demonstrated it doesn't replicate .. yet. A better
description might have been "diseased shitware" rather than virus. My
mistake.

Diseased shitware sounds fine to me. DRM typically wouldn't have a need
to replicate. Replication is a pain in the ass, for compatibility
reasons. Sony did what was best in terms of overall compatibility for
windows. I'm not defending the stunt mind you, only respecting the
intent.

Sony said:
I don't know what you are blabbering on about vis-à-vis rebooting computers.
The SONY diseased shitware doesn't boot the computer, rather, it infests the
computer. When the authors wrote the diseased shitware they employed rootkit
techniques.

First of all, the blabbering was a pretty straightforward way of
removing the offending software; The software cannot hide if you use
ultimate boot cd, knoppix, bartpe, etc. The reason it can't hide is
because your computer is operating from that cd's OS, not its own.
Since its own OS was never loaded, neither was the offensive software.
None of it.

Second, It doesn't infest anything. The method it uses is actually
pretty clean, and a design of windows. The software is malicious only
in the sense you don't know what it's actually up to; Probably aren't
warned it's installed, and it can be a slightly tedious task of
removing it. But its harm to your system isn't. It reroutes your cdrom
access thru its own drivers. CloneCD does this as well. :) If you
remove its drivers, windows disables cdrom; It isn't going to load
just any drivers, if it can't load the ones the registry says to; no
cdrom.

To remove it is a matter of cleaning up the files, there's really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to its own default drivers. If you have burning
software, you may need to reinstall it to re-enable burning features.

That's what I was blabbering about. :)

Regards,
Dustin Cook
http://bughunter.atspace.org
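
The comparison this post relies on (a file that hides from the running OS still shows up when the volume is listed from a boot CD), as an added example that is not part of the original thread. The two listings and every file name in them are constructed for illustration.

```python
"""Cross-view check: compare a live-OS file listing with an offline one."""
from pathlib import PureWindowsPath

# Constructed sample listings, not taken from a real machine.
# LIVE: what the running Windows install reported (e.g. `dir /s /b /a`).
# OFFLINE: the same volume listed from a boot CD, mounted there as X:.
LIVE = """\
C:\\WINDOWS\\system32\\drivers\\cdrom.sys
C:\\WINDOWS\\system32\\drivers\\disk.sys
C:\\WINDOWS\\system32\\notepad.exe
C:\\WINDOWS\\Temp\\install.log
"""
OFFLINE = """\
X:\\WINDOWS\\SYSTEM32\\DRIVERS\\CDROM.SYS
X:\\WINDOWS\\system32\\drivers\\disk.sys
X:\\WINDOWS\\system32\\drivers\\example_filter.sys
X:\\WINDOWS\\system32\\example_hidden\\player.exe
X:\\WINDOWS\\system32\\notepad.exe
"""

LOADABLE = (".sys", ".dll", ".exe")  # code the OS can load or run


def normalize(line):
    """Strip the drive letter and fold case: NTFS names compare
    case-insensitively and the boot CD assigns its own drive letters."""
    path = PureWindowsPath(line.strip())
    parts = path.parts[1:] if path.anchor else path.parts
    return "\\".join(parts).lower()


def load(listing):
    """Turn a text listing into a set of comparable paths."""
    return {normalize(l) for l in listing.splitlines() if l.strip()}


def cross_view(live_text, offline_text):
    live, offline = load(live_text), load(offline_text)
    hidden = sorted(offline - live)      # on disk, but the live OS did not list it
    live_only = sorted(live - offline)   # created or removed between snapshots
    # A directory with no entry at all in the live view is a stronger signal
    # than one missing file, which may be ordinary churn.
    parents = {h.rpartition("\\")[0] for h in hidden}
    hidden_dirs = sorted(d for d in parents
                         if d and not any(p.startswith(d + "\\") for p in live))
    return {
        "hidden": hidden,
        "hidden_code": [h for h in hidden if h.endswith(LOADABLE)],
        "hidden_dirs": hidden_dirs,
        "live_only": live_only,
    }


if __name__ == "__main__":
    for key, values in cross_view(LIVE, OFFLINE).items():
        print(key, values)
```

Entries under `hidden` are only candidates: anything written to the disk between the two listings also lands there, so the loadable files and wholly invisible directories are the ones to examine first.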
 

Dustin Cook

relic said:
Following attributes is not your strong suit, is it. Re-check the thread and
see if you can locate my insulting "Sony Music CDs install Malware"
anywhere.

Now **** off.

I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy and
ignorant at the same time as you've been the last few days. Not even on
irc. Even the fucking aolers had more brains than you. Christ. When I
get a chance to meet morons like you, it brings back fond memories of
vxing. You're such an ignorant shit. Callin me a liar, tellin me I don't
know shit about viruses. I've written many, I would think I know a
fucking thing or two about them. What's the name of any you've written,
you dumb shit?

I've long since retired from vxing, and forgotten many of the routines;
But I still suspect what I forgot is more than you're ever going to
learn. You're not shit. You're never going to be shit. heh.. You fuckin
lamer. My God... And to think I spent days trying to defend myself, to
some stupid little blowhard like you. HAHAHA...

Regards,
Dustin Cook
http://bughunter.atspace.org
 

Geo

Dustin said:
To remove it is a matter of cleaning up the files, there's really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to its own default drivers. If you have burning
software, you may need to reinstall it to re-enable burning features.

And you think this is 'straight forward and easy', I've got no idea
what you're talking about, I don't even know what a 'hive' is let alone
how to [un]mount it !!!!
 

Towelie

Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?

Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.

Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
it's so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously anyone
who trumpets his own virus-coding skills doesn't have any.

BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".
 

Sony Music CDs install Malware

Towelie said:
Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?

Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.

Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
it's so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously
anyone who trumpets his own virus-coding skills doesn't have any.

BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".

The NSA key was an issue with Windows 2000. There was a comment left in the
code making reference to an "NSA key". What it really was and what the
result of it all was no one in the public really knows. Since then though,
Microsoft has made its code available for review to gov'ts around the world.
Can the NSA and other security agencies backdoor into Windows 2000 ??
Windows XP ??

SONY wants to rule the media/computer via world DRM. And it is clear it will
go to insidious lengths to do so. The stealth software is just one attempt.
Blu-ray, of course, is one of their major thrusts. But don't overlook
the stealth malware. It really does represent an attempt to wrest control of
the computer from its owner. And coming from the resources of SONY at that.
I know for sure I wouldn't like having my system infected with it.
Furthermore the diseased shitware is available to *other* virus/malware
writers to opportune and leverage. The greed is so intense, eh?

SONY is off my list this Christmas .. forever. I just don't want their stuff
anymore.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Sony Music CDs install Malware

Dustin said:
Diseased shitware sounds fine to me. DRM typically wouldn't have a
need to replicate. Replication is a pain in the ass, for compatibility
reasons. Sony did what was best in terms of overall compatibility for
windows. I'm not defending the stunt mind you, only respecting the
intent.


First of all, the blabbering was a pretty straightforward way of
removing the offending software; The software cannot hide if you use
ultimate boot cd, knoppix, bartpe, etc. The reason it can't hide is
because your computer is operating from that cd's OS, not its own.
Since its own OS was never loaded, neither was the offensive
software. None of it.

Second, It doesn't infest anything. The method it uses is actually
pretty clean, and a design of windows. The software is malicious only
in the sense you don't know what it's actually up to; Probably aren't
warned it's installed, and it can be a slightly tedious task of
removing it. But its harm to your system isn't. It reroutes your
cdrom access thru its own drivers. CloneCD does this as well. :) If
you remove its drivers, windows disables cdrom; It isn't going to
load just any drivers, if it can't load the ones the registry says to;
no cdrom.

To remove it is a matter of cleaning up the files, there's really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to its own default drivers. If you have
burning software, you may need to reinstall it to re-enable burning
features.

That's what I was blabbering about. :)

Regards,
Dustin Cook
http://bughunter.atspace.org

Dustin is Wrong 1. That's not 'easy' removal Dustin. That's skilled removal by
someone who knows the system and registry very well as well as some of the
tools that are available.

Dustin is Wrong 2. And it is an infestation if special tools are needed for
a removal. A while-the-system-is-running Reg key delete and file delete is
simple removal .. what you are describing is not .. what you are describing
is removing a diseased infection.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 

Sony Music CDs install Malware

Dustin said:
I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy and
ignorant at the same time as you've been the last few days. Not even
on irc. Even the fucking aolers had more brains than you. Christ.
When I get a chance to meet morons like you, it brings back fond
memories of vxing. You're such an ignorant shit. Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. What's the name of any
you've written, you dumb shit?

I've long since retired from vxing, and forgotten many of the
routines; But I still suspect what I forgot is more than you're ever
going to learn. You're not shit. You're never going to be shit. heh.. You
fuckin lamer. My God... And to think I spent days trying to defend
myself, to some stupid little blowhard like you. HAHAHA...

Regards,
Dustin Cook
http://bughunter.atspace.org

Justin:

Actually, Relic is right [usually is]. I think you followed the thread
wrong.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.techdirt.com/articles/20051101/1514209_F.shtml
 
