“A security analyst alleged Monday that playing a Sony copy-protected CD on his PC actually installed a rootkit into his computer from a third-party rights-management package,” Mark Hachman reports for ExtremeDRM. “According to Mark Russinovich’s security blog on Sysinternals.com, the Van Zant CD Get Right With The Man contains a rootkit that was installed when the CD’s on-disc player software was installed. That software, which Russinovich traced to U.K. vendor First 4 Internet, modified the Windows registry and was configured to hide system files encoded with a ‘$sys$’ prefix.”
Hachman reports, “The CD used a version of First 4’s rights management software, called “XCP” to protect the CD from unauthorized copying. Sony configured the software to allow two legal backups of the entire CD. Over 2 million CDs encoded with the First 4 Internet files have been shipped by Sony, according to MSNBC. Users had begun complaining about the First 4 Internet software in June, when the software allegedly prevented songs from being copied onto an Apple iPod.”
Full article here.
[UPDATE: 3:50pm ET: Fixed article summary.]
How to beat Apple iPod-incompatible Sony BMG and EMI copy-protected CDs – October 04, 2005
Sony BMG and EMI try to force Apple to ‘open’ iPod with iPod-incompatible CDs – June 20, 2005
New Song BMG copy-protected CDs lock out Apple iPod owners – June 01, 2005