X
Tech
Home Tech Security

Sony offers removal and replacement for rootkit DRM

By way of ZDNet reader Barb Bowman comes news that Sony BMG is moving quickly to clean up the PR disaster that ensued after Mark...
Written by David Berlind, Inactive

By way of ZDNet reader Barb Bowman comes news that Sony BMG is moving quickly to clean up the PR disaster that ensued after Mark Russinovich provided an incredibly detailed account of how the company was including Digital Restrictions Management (DRM) software on its artists' CDs that, like Trojan horses, not only surreptitiously installed itself on PCs, but used a common-to-malware technique known as a rootkit to cloak itself in a way that made discovery and/or removal of the software very difficult. 

As if news of the underhanded technique wasn't bad enough for Sony BMG, the situation spiraled even further out of control when it became apparent that Russinovich's exposure of the rootkit's details may have given hackers the hall pass they needed to treat the rootkit as a back door entry point into "infected" systems.  IT managers should take note since there's a likelihood that the CDs have been used in business systems. 

Sony promised a fix and now, within days of the rootkit's discovery (and subsequent outrage that spread on the Net like wildfire) that fix is apparently already available.  According to Bowman's blog, "Sony BMG and First 4 Internet have just released an update that will completely remove the rootkit based DRM content protection software and replace it with anon-rootkit DRM technology that is compatible with all current security protocols."  Oddly, the downloadable fix is being referred to as "Service Pack 2"  but it should not be confused with Microsoft's Service Pack 2 for Windows XP.  Whereas the fix only handles substitution of the new DRM technology for the old rootkit-based on, Sony is apparently providing another form-based process for removal altogether.  However, the removal procedure reveals yet another minor gaff that Sony says it hopes to have corrected later this month: it requires Internet Explorer and ActiveX.  

One question I have, in case anybody knows the answer, is what happens when you put one of these CDs into a non-Windows computer (ie: Mac or Linux).

Editorial standards
Show Comments

Related

The Apple Watch Ultra 2 with an Atlantic Blue Nomad Rugged Band.

6 reasons to buy an Apple Watch, according to a wearables expert

Linus Torvalds and Dirk Hohndel, Open Source Summit North America 2024

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

Placeholder product image alt text

The best AI image generators to try right now