Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Researcher: Sony BMG "rootkit" still widespread
Robert Lemos, SecurityFocus 2006-01-16

WASHINGTON D.C. -- Hundreds of thousands of networks across the globe, including many military and government networks, appear to still contain PCs with the controversial copy-protection software installed by music discs sold by media giant Sony BMG, a security researcher told attendees at the ShmooCon hacking conference this weekend.

Comments Mode:
Researcher: Sony BMG "rootkit" still widespread 2006-01-16
Anonymous
What are the options in dig to see if a specific DNS server has a particular name cached?...

[ more ]  [ reply ]
Researcher: Sony BMG "rootkit" still widespread 2006-01-16
Anonymous
So is doxpara research contributing to the issue or attempting to devise ways of helping organizations secure their networks to prevent this type of issue affecting their networks ?...

[ more ]  [ reply ]
Researcher: Sony BMG "rootkit" still widespread 2006-01-17
Anonymous
"fairly likely that a lot of the disks were pirated." Mmmkay. so much for this particular DRM scheme. I'm no security researcher, just a grumpy old bat who's seen it all- I'll bet money that professional CD pirates weren't even slowed down by this thing, only Sony's own paying customers got screwed ...

[ more ]  [ reply ]
Researcher: Sony BMG "rootkit" still widespread 2006-01-18
Anonymous (1 replies)
A few false assumptions there ? cannot assume spread only by piracy.

My wife has her own PC and only plays legit CDs on the machine (we do not do music downloads) ? she does not have a clue how to use BitTorrent, Kazaa etc.

When I did a routine anti-virus / Trojan check on her machine a while ...

[ more ]  [ reply ]
Another reason for inflated figures ... 2006-01-18
Roger
may be that Sony is not the only company doing this. First4Internet has publically said that Universal Music Group, Warner Music Group and EMI are also using its system.

It seems unlikely in this case because the DNS name checked seems specific to Sony BMG, but it's possible....

[ more ]  [ reply ]
How to tell if you're affected 2006-01-18
Roger
Fortunately, there is a very easy test to see if a machine is affected. Create a file of any type, and rename it to something starting with "$sys$". ($sys$canary.txt seems popular.) If the file vanishes, you have been rootkitted! Since it vanishes from command line tests too, the test is easy to scr...

[ more ]  [ reply ]
Don't they sell MP3 players too? 2006-06-17
Anonymous
This goes back to when they first tried to stop people from ripping music to MP3s (the one you could defeat with a magic marker). Doesn't Sony sell MP3 players? How can we possibly put the music on the player if we can't rip them to go on the device?

I remember back when cassettes were used for...

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus