Aces High Bulletin Board
Help and Support Forums => Technical Support => Topic started by: Skuzzy on November 01, 2005, 12:06:57 PM
-
Just a cautionary word about DRM (Digital Rights Management) and Sony CD's. If you make use of a copy-protected CD from Sony, you will have installed a rootkit on your computer which will consume some percentage of CPU time and there is no way to remove the rootkit. This will only happen if the CD is allowed to start through the Windows 'autorun' feature.
A rootkit hides files, registry entries, and drivers from you so they can run without your knowledge. This is how most spyware/malware works. In this case though, it is a copy protection scheme Sony uses on its CD's (any copy-protected CD).
There is currently no way to remove this without extensive knowledge of the Windows registry and Intel assembly language. The only solution is to re-format and re-install the operating system.
I thought I would let you know in case you have run a copy-protected CD from Sony on your computer recently. The side effects are poorer performance in Aces High II, possibly some stability issues as well.
-
jeez these guys have some neck :mad:
-
In all fariness to Sony. This is just the beginning, as they licensed the software from another company. Other companies will be using it as well. You see, this all plays within the guideliines of MIcrosoft's DRM.
There will be a whole slew of things like this to protect data on CD/DVD coming down the road. All of it changes the basic way your computer runs.
Starforce is also a popular copy-protection software, which gets silently installed on your computer, when you install some applications.
-
So disable windows auto run?
-
All that C07ft5y stuff you get on the registry from installing games is similar isn't it?
Someone will nvent a utility for clearing it all out.
-
Originally posted by Tilt
So disable windows auto run?
Disabling auto-run inhibits the installation of copy-protection schemes on music CD's. Right now anyway.
-
They can't be removed easily but you can detect if you have them.
Here is a way to find out if you already have one installed.
I found it through KickAss Gears board in the News section for November 1st.
http://www.kickassgear.com and the link for the revealer is http://www.sysinternals.com/utilities/rootkitrevealer.html
-
What's the best way to disable autorun? Every time I figure out where it is, 6 months later microsoft has moved it or added a second place where it also has to be disabled to really get rid of it.
-
CD or DVD properties I'd assume.
My Computer, right click on the cd or dvd and use Properties from the menu.
I have an 'Autoplay' selection there with XPHome.
I can't turn it off though and I have checked 'Prompt me each time to choose an action' because it seems like the lesser of two evils.
-
Originally posted by Skuzzy
Disabling auto-run inhibits the installation of copy-protection schemes on music CD's. Right now anyway.
Skuzzy: are you sure? In Windows XP the AutoPlay tab of the Properties page allows the selection of various actions for automatic playing of media files, but there is no way to shut off AutoRun, i.e. the automatic running of the autorun.inf file. I've got everything set to "ask me" in the AutoPlay tab, but CDs with autorun.inf files still instantly execute whatever code they contain.
Doesn't that mean that the Trojan Horse copy protection program on audio CDs is going to execute in Windows XP regardless of user settings? Or is there somewhere else, say in the registry, to totally turn off AutoRun?
715
-
The easiest way to prevent this is to download the mp3's
LOL, marketing genius. Arouse suspision and fear of store bought CD's.
-
Originally posted by 715
Skuzzy: are you sure? In Windows XP the AutoPlay tab of the Properties page allows the selection of various actions for automatic playing of media files, but there is no way to shut off AutoRun, i.e. the automatic running of the autorun.inf file. I've got everything set to "ask me" in the AutoPlay tab, but CDs with autorun.inf files still instantly execute whatever code they contain.
Doesn't that mean that the Trojan Horse copy protection program on audio CDs is going to execute in Windows XP regardless of user settings? Or is there somewhere else, say in the registry, to totally turn off AutoRun?
715
Here ya go:
http://ask-leo.com/how_do_i_really_disable_autoplay_in_windows_xp.html
The auto-play feature in Windows was significantly beefed up when Windows XP was introduced. For CD and DVD drives specifically, Windows will first attempt to determine what type of media you've inserted, and then perform an appropriate action. If it doesn't know what action is appropriate, it asks - with the option to remember that action for next time.
Seems fair enough - except that when I encountered it for the first time, it kept forgetting the settings, and would always ask. From my perspecitive that's worse that not having auto-play at all. And then I couldn't turn it off.
If that sounds familiar, then you know my frustration.
Enter one of my favorite Windows add-ons: TweakUI, one of what Microsoft calls "Power Toys for Windows XP". It's more than a toy. It allows you to adjust (or 'tweak') several settings that aren't exposed directly by the standard Windows tools.
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
Once you've installed TweakUI, you'll find a lot of options in it. For our current problem, in TweakUI expand My Computer, and then AutoPlay. Click on Drives, and uncheck the drive letter that you no longer want to AutoPlay. Click on Apply, and that's it. No more "what would you like me to do" dialogs.
TweakUI has a number of other settings - I encourage you to install it and browse around in it. It's something I install on every computer I run. (The PowerToys page has a number of nifty tools as well - have a look while you're there).
Regards
Sun
-
Thanks! :aok
-
Sony stops
http://tinyurl.com/arhpq
NwBie
-
Heheh What a fiasco!
Been watching this for two weeks now and I still think of Skuzzy's intial early warning post everytime I see another article or report in the media.
The day after Skuzzy's post I got a one-up on my geek buds at work, talking about disableing "autoplay" because of the "Sony root kit" stealth install on new CDs. They came up with everything from "It's no big deal" to "what's a root kit?". One even told me that every single app running in ram was visable in Task Manager...so he could tell if anything like that was ever installed on his box.
Again, thx Skuz for the early heads up and like you say...With VISTA otw and it's invasive DRM...we aint seen nothin yet!
Here's a neat article over at WIRED NEWS :
Regards
Sun
Real Story of the Rogue Rootkit
Story location: http://www.wired.com/news/privacy/0,1848,69601,00.html
02:00 AM Nov. 17, 2005 PT
It's a David and Goliath story of the tech blogs defeating a mega-corporation.
On Oct. 31, Mark Russinovich broke the story in his blog: Sony BMG Music Entertainment distributed a copy-protection scheme with music CDs that secretly installed a rootkit on computers. This software tool is run without your knowledge or consent -- if it's loaded on your computer with a CD, a hacker can gain and maintain access to your system and you wouldn't know it.
The Sony code modifies Windows so you can't tell it's there, a process called "cloaking" in the hacker world. It acts as spyware, surreptitiously sending information about you to Sony. And it can't be removed; trying to get rid of it damages Windows.
This story was picked up by other blogs (including mine), followed by the computer press. Finally, the mainstream media took it up.
The outcry was so great that on Nov. 11, Sony announced it was temporarily halting production of that copy-protection scheme. That still wasn't enough -- on Nov. 14 the company announced it was pulling copy-protected CDs from store shelves and offered to replace customers' infected CDs for free.
But that's not the real story here.
It's a tale of extreme hubris. Sony rolled out this incredibly invasive copy-protection scheme without ever publicly discussing its details, confident that its profits were worth modifying its customers' computers. When its actions were first discovered, Sony offered a "fix" that didn't remove the rootkit, just the cloaking.
Sony claimed the rootkit didn't phone home when it did. On Nov. 4, Thomas Hesse, Sony BMG's president of global digital business, demonstrated the company's disdain for its customers when he said, "Most people don't even know what a rootkit is, so why should they care about it?" in an NPR interview. Even Sony's apology only admits that its rootkit "includes a feature that may make a user's computer susceptible to a virus written specifically to target the software."
However, imperious corporate behavior is not the real story either.....
http://www.wired.com/news/print/0,1294,69601,00.html
-
Its funny watching the mega-multicorps chasing their tales in the face of the unstoppable force called emerging technology. :lol
My favorite quote from this article:
"The biggest mistake the labels are making is, they're letting their lawyers make technical decisions. Lawyers don't have any better understanding of technology than a cow does algebra," Leigh said. "They insist on chasing this white whale."
:rofl
Full article at:
http://news.yahoo.com/s/ap/20051119/ap_on_hi_te/music_copy_protection
Regards
Sun
-
Great analogy! LOL!
-
So say if a person had this "Spyware" installed on their system unknowingly, then found out about it and removed it....
Then their computer was hijacked or screwed up, and the user lost a lot of valuable data and work due to this, could one sue Sony for time / data lost, especially if say all one's businees / work information was corrupted?
If so, I think I'm gonna go buy me a new CD today :)
-
There is already a class-action lawsuit filed against Sony about this.
-
Originally posted by Skuzzy
There is already a class-action lawsuit filed against Sony about this.
http://news.yahoo.com/fc/tech/computer_security
Let the games begin!!
P.S. Here's a really interesting article about how Sony has put one lie on top of another in this case.
http://news.yahoo.com/s/usatoday/20051117/tc_usatoday/andrewkantorcyberspeaksonytherootkitofallevil
-
Hmmm..wonder how many potential violations in Texas?
Regards
Sun
"Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year."...
http://news.yahoo.com/s/nm/20051121/tc_nm/sony_texas_dc
-
"We have analyzed this software and have determined that in order to help protect our customers, we will add a detection and removal signature for the rootkit component of the XCP software to the Windows AntiSpyware beta, which is currently used by millions of users," Jason Garms, group program manager of the Anti-Malware Technology Team, said on Microsoft's Technet.
Great App..I recommend it.--SD
http://www.microsoft.com/athome/security/spyware/software/default.mspx
"A representative of the United States government last week warned entertainment publishers against using CD and DVD copy protection software that hides inside computers.
"It's very important to remember that it's your intellectual property; it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days," said Stewart Baker, the assistant secretary the Department of Homeland Security, at a conference."
http://www.cnn.com/2005/TECH/ptech/11/15/sonybmg.microsoft.reut/index.html
Regards
Sun
-
This is outragous , I hope sony gets more than just a slap on the wrist for this . Talk about crappin on the customer , i cant believe they had the cajones to do this . Makes you wonder what other companys have got away with stuff like this in the past . 38
-
You would be surprised how many applications alter the behavior of your computer, without your knowledge. Roxio's software is about as invasive as it gets and more debilitating than this Sony copy protection scheme, but no one has done anything about it yet.
There are a number of software applications on the market which make a mess of your computer. Ever use any software from Intuit? Check to see what happens to your Windows registry when you do.
How about Creative Labs utilities which take control of your desktop away from you and cannot be removed without a re-install of the operating system?
I find it pretty hypocritical of people to be yelling about what Sony did and not about all these other programs which infest your computer.
-
I think there are several reasons we're seeing more visabilty on the Sony debackle than on the other apps that yes indeed crap up your system.
1)It's Sony (The ONE and ONLY)
Its harder to stack up lesser-known names against this media giant icon.
Imagine the brand recognition of Sony in the average home versus names like "Creative Labs" etc etc.
2)It opened a major security hole.
I hate the apps that demand I boot them with Windoz by default. "Real Player" and "Quicktime" are a couple names that come to mind. And yes, Creative tends to get a bit bossy with their control panel enabled.
But when an app opens a major security hole that is unremovable short of FDISK people tend to get a lil beechy.
3)A "big name" stepped on the customer and then was very arrogant and cavalier after they finally admitted it.
Perhaps the Sony boondoggle and the press it has gained will set a precedent (especially if a monetary settlement is made with TX) for other companies to see and make them rethink their DRM strategy.
The direction that DRM is taking overall in the media industry is likely unstoppable.
But maybe this will at least slow it down a bit.
Let's hope.
Regards
Sun
-
I didn't read the whole thread yet.
But I've needed to disable the auto run many times for years.
To do this I've inserted the cd in the drive.
Then I just hold down the SHIFT key for a few seconds.
Once the computer tried to autorun, it then sees me holding the shift key down and then doesn't run autorun.