Nov. 02, 2005, 03:30 PM
(EDIT: moved to General Security - Nov 3rd by Oddysey)
Bloged in Spyware by Martin Wednesday November 2, 2005 at about 12:35 am
A few minutes ago I read a news article written by Brian Krebs who described how some Sony Music Cds try to install a software on pcs that could be labeled as spyware.
It seems that we have reached a new level in the fight between the record companies and its consumers. If you put a music cd in question into your drive a installer will popup. If you agree to install the software you won?t find a uninstall feature anywhere on your pc.
Apparently all Music Cds labeled ?Content enhanced & protected? have the installer on the CD, make sure you check this before you buy a cd you would want to hear using your pc.
According to Krebs ?The CDs in question make use of a technique employed by software programs known in security circles as ?rootkits,? a set of tools attackers can use to maintain control over a computer system once they have broken in.?
It takes pc expertise to be able to remove this software ones it is installed on your pc. FSecure analysed the product and have a own virus definition for it. Lets take a look at their summary:
Extended Copy Protection (XCP) is a CD/DVD copy protection technology created by First 4 Internet Ltd. XCP has been used to protect some audio CDs released by Sony BMG Music Entertainment. The XCP protected disks contain digital rights management (DRM) software that allow the user to make a limited number of copies of the disk and also rip the music into a digital format to be used on a computer or portable music player.
Once installed, the DRM software will hide:
Files
Processes
Registry keys and values
No means of uninstalling the DRM software is given. The software supports Windows 98SE, Windows ME, Windows 2000 SP4 and Windows XP.
This analysis was conducted on Windows XP. The music CD that contained the DRM software was Van Zant: Get Right with the Man (Sony BMG Music Entertainment).
Fsecure also posted a guide on how to remove the software once installed on your system.
http://blogs.washingtonpost.com/security...rrer=email
Bloged in Spyware by Martin Wednesday November 2, 2005 at about 12:35 am
A few minutes ago I read a news article written by Brian Krebs who described how some Sony Music Cds try to install a software on pcs that could be labeled as spyware.
It seems that we have reached a new level in the fight between the record companies and its consumers. If you put a music cd in question into your drive a installer will popup. If you agree to install the software you won?t find a uninstall feature anywhere on your pc.
Apparently all Music Cds labeled ?Content enhanced & protected? have the installer on the CD, make sure you check this before you buy a cd you would want to hear using your pc.
According to Krebs ?The CDs in question make use of a technique employed by software programs known in security circles as ?rootkits,? a set of tools attackers can use to maintain control over a computer system once they have broken in.?
It takes pc expertise to be able to remove this software ones it is installed on your pc. FSecure analysed the product and have a own virus definition for it. Lets take a look at their summary:
Extended Copy Protection (XCP) is a CD/DVD copy protection technology created by First 4 Internet Ltd. XCP has been used to protect some audio CDs released by Sony BMG Music Entertainment. The XCP protected disks contain digital rights management (DRM) software that allow the user to make a limited number of copies of the disk and also rip the music into a digital format to be used on a computer or portable music player.
Once installed, the DRM software will hide:
Files
Processes
Registry keys and values
No means of uninstalling the DRM software is given. The software supports Windows 98SE, Windows ME, Windows 2000 SP4 and Windows XP.
This analysis was conducted on Windows XP. The music CD that contained the DRM software was Van Zant: Get Right with the Man (Sony BMG Music Entertainment).
Fsecure also posted a guide on how to remove the software once installed on your system.
http://blogs.washingtonpost.com/security...rrer=email