by John Bajkowski
File sharing networks are known to be dangerous locations to download files. The promised free file may be infected with a virus or worm that could ultimately harm your system. Now it turns out that a music CD or movie DVD may install stealth digital rights management (DRM) software to limit copying.
It has been discovered recently that the copy-protection software installed by Sony through select music CDs uses a cloaking technique more commonly employed by virus writers. Sony employs the XCP copy-protection software by the British company First 4 Internet that is cloaked. When a Sony copy-protected CD is loaded into a computer, users are asked permission to install digital rights management software, which ultimately uses a technique termed a rootkit that is designed to hide the presence of the software on the system and protect the software from removal. This software is difficult to remove, runs even when the copy-protected CD is not playing, and may shut-off access to your CD drive if removed incorrectly.
In this article
Share this article
The software may also provide a back door to your system that has the potential to be misused by others. Sony and First 4 Internet indicated that the component is not malicious and does not compromise security. However, hackers of the computer game World of Warcraft created a tool that employs the hiding capabilities of Sonys content protection software to allow cheating when the game is played on-line. This hack took less than a week to accomplish.
It would seem that any tool created to hide the presence of software on a system could be used for malicious purposes. This program is designed to hide any file on a Windows system with a file name that begins with the characters $sys$, not just the files used by the Sony DRM software. Hackers could hide their files on computers that have installed the Sony DRM technology, simply by following the $sys$ naming convention.
While denying any compromise to user security, Sony has posted a service pack to the digital rights management software program that removes the cloaking mechanism, but not the copy-protection software. To uninstall the copy protection, users must request instructions via an E-mail to Sony.
Companies have the right to protect their interests, but they should never put their users systems at risk.