‘Have you heard of DRM?’, or ‘Back to $ony’

DRM stands for Digital Rights Management. Essentially this is a system that is set up to prevent you copying CDs on a PC. Sometimes this stops you from being able to rip the tracks to an MP3 player, but mostly it’s about restricting what you can do with the music that you have legally paid for. As you can probably guess from my tone, it’s not something I’m a big fan of.

Many years ago, manufacturers took a group of individuals to court because they had cracked the DVD encryption system. The manufacturers argued that doing this was an aspect of computer piracy and was therefore illegal. The silly thing is that you don’t need to crack encryption to copy a DVD; you just need to copy the information. Cracking the encryption really makes no difference to the whole process. The people were being prosecuted for being inquisitive about something that they had legally purchased in shops.

This brings us back to DRM, because the issue is what rights do you have to use the things that you own? If DRM is correct then the company still owns the music that you have bought from them because of the format it’s recorded in: if you want to listen in a different format then you need to buy it in a different format. Hm.

So, Sony have produced a little bit of software on their CDs that installs itself on your machine, without telling you, when you play one of them on a Micro$oft Windows PC (I’m not sure if this is also the case for Mac owners, but generally they get away with most things like this). This bit of software makes certain files invisible to the user and operates without the user’s knowledge to filter content that is played on that machine. If it thinks you’re doing something that it doesn’t want you to do then it will prevent you from doing it. It hides all files whose names start with $sys$ so that the user and other programs can’t locate them. This behaviour is commonly associated with another type of software called a ‘rootkit’.

A rootkit is a piece of malicious code that integrates itself with the Windows operating system to hide itself and any other files that it fancies running, such as trojans and viruses. Rootkits are really nasty pieces of work and notoriously hard to remove. Guess what? There is currently no known way to remove the Sony rootkit and current methods will break Windows to such a degree that you have to wipe your entire hard drive and start again. This is some bad hoodoo.

To summarise what we’ve got so far: Sony have published a piece of software that automatically hides files on your computer on the basis of their file name, that destroys your machine and all files on it if you try to remove it, and apparently this is legal.

Installing a rootkit on a machine is quite tricky, but once you’re there you own it completely and can run whatever you want without the system ever knowing.

It was only a matter of time before the next step happened. Now that Sony are kindly installing rootkits on their customers’ machines without their consent, a trojan has appeared that gives itself the file name $sys$drv.exe in the Windows directory. Anyone with the Sony rootkit installed won’t be able to see it while their machine is merrily used for distributing junk email, recording credit card numbers typed into websites, or simply sending out any files stored on it, such as website passwords.
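Because the hiding only works while the rootkit is running, a defender can expose what is being concealed by comparing two views of the same disk. The following is an added example, not part of the original post: it assumes one file listing taken from inside the running Windows install and one taken with the disk mounted from clean boot media, and every path in the sample data is constructed for illustration.

```python
import ntpath

HIDE_PREFIX = "$sys$"  # name prefix the post says is hidden from the user

def _norm(path):
    """Normalise a Windows path: case-insensitive, backslash-separated."""
    return ntpath.normcase(ntpath.normpath(path))

def cloaked_entries(live_listing, offline_listing, prefix=HIDE_PREFIX):
    """Cross-view diff: paths on disk that the live system did not report.

    Returns (path, has_prefix) tuples. has_prefix is True when any path
    component starts with the hiding prefix, so a file inside a hidden
    directory is flagged as well as a hidden file itself.
    """
    live = {_norm(p) for p in live_listing}
    prefix = prefix.lower()
    findings = []
    for path in offline_listing:
        key = _norm(path)
        if key in live:
            continue  # both views agree, nothing is being hidden
        has_prefix = any(part.startswith(prefix) for part in key.split("\\"))
        findings.append((path, has_prefix))
    # Prefix matches first, then other discrepancies (often just file churn).
    return sorted(findings, key=lambda f: (not f[1], f[0].lower()))

# Constructed listing as reported by the running (possibly compromised) system.
LIVE_VIEW = [
    r"c:\windows\explorer.exe",
    r"C:\WINDOWS\notepad.exe",
]

# Constructed listing of the same disk read from clean boot media (assumption).
OFFLINE_VIEW = [
    r"C:\WINDOWS\explorer.exe",
    r"C:\WINDOWS\notepad.exe",
    r"C:\WINDOWS\$sys$drv.exe",             # file name given in the post
    r"C:\WINDOWS\$sys$example\driver.sys",  # hypothetical hidden directory
    r"C:\WINDOWS\Temp\setup.log",           # mismatch unrelated to the prefix
]

if __name__ == "__main__":
    for path, has_prefix in cloaked_entries(LIVE_VIEW, OFFLINE_VIEW):
        label = "HIDDEN BY PREFIX" if has_prefix else "differs (review)"
        print(f"{label:18} {path}")
```

Entries that are missing from the live view but do not carry the prefix are usually files created or deleted between the two listings, which is why they are reported separately rather than treated as cloaked.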

Congratulations Sony, through your dedicated interest in preserving your own profits to the massive detriment of your customers, you have once again re-earned your appellation ‘$ony’. And they were doing so well.

The trouble is, because $ony have made the rootkit, it’s uncertain whether blocking it is an illegal act. Anti-virus software manufacturers know that this software is a problem that essentially mugs a computer and leaves it bleeding in the gutter, but they also know that DRM companies have a strong history of over-zealous litigation and extremely deep pockets. So what do you do? Protect your clients’ machines and risk bankruptcy or allow the rootkit to be installed and struggle to find a way to overcome the massively exposed system flaws that it creates?

A little more about the trojan here.
