Editor's Outlook

File sharing networks are known to be dangerous locations to download files. The promised free file may be infected with a virus or worm that could ultimately harm your system. Now it turns out that a music CD or movie DVD may install stealth digital rights management (DRM) software to limit copying.

It has been discovered recently that the copy-protection software installed by Sony through select music CDs uses a cloaking technique more commonly employed by virus writers. Sony employs the XCP copy-protection software by the British company First 4 Internet that is cloaked. When a Sony copy-protected CD is loaded into a computer, users are asked permission to install digital rights management software, which ultimately uses a technique termed a “rootkit” that is designed to hide the presence of the software on the system and protect the software from removal. This software is difficult to remove, runs even when the copy-protected CD is not playing, and may shut-off access to your CD drive if removed incorrectly.

The software may also provide a back door to your system that has the potential to be misused by others. Sony and First 4 Internet indicated that the “component is not malicious and does not compromise security.” However, hackers of the computer game World of Warcraft created a tool that employs the hiding capabilities of Sony’s content protection software to allow cheating when the game is played on-line. This hack took less than a week to accomplish.

It would seem that any tool created to hide the presence of software on a system could be used for malicious purposes. This program is designed to hide any file on a Windows system with a file name that begins with the characters $sys$, not just the files used by the Sony DRM software. Hackers could hide their files on computers that have installed the Sony DRM technology, simply by following the $sys$ naming convention.

While denying any compromise to user security, Sony has posted a service pack to the digital rights management software program that removes the cloaking mechanism, but not the copy-protection software. To uninstall the copy protection, users must request instructions via an E-mail to Sony.

Companies have the right to protect their interests, but they should never put their users’ systems at risk.