Saturday, November 05, 2005

Sony DRM rootkit code (#17) Blacklist

Some other commenters on Mark's recent blog entry, "More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home", point out something else (from Matti Nikki):
Oh yeah, another thing. This DRM system uses a blacklist to filter out what applications can and what can't read the CD. So, this doesn't protect the CD, but rather intends to break the listed software. To verify, use your hex editor and you can locate the following list yourself:

If you want a more concrete proof, try to rename your favourite ripping software as $sys$whatever.exe and then run it again. You'll notice that the DRM system can no longer detect it, and thus you'll get a good copy of the track you try to rip instead of one filled with noise.
and from Brad Green:
That's just hilarious. I think everyone should simply not worry about removing the rootkit, as this is too difficult, and then just do as Matti says, and use the rootkit to make your favorite ripping tool immune to the DRM. On second thought, is their software breaking the DMCA? It provides a method to bypass copyright protection that they install? Hmm...
Note, if you haven't been following this: the Sony cloaking software hides all programs and registry entries whose names start with "$sys$", apparently including from itself.
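
Because the cloak hides by name prefix, anything it conceals on a running system still shows up when the same disk is listed from a clean boot. The sketch below is an added example, not code from this post or from any tool it mentions: it compares a live listing with an offline one and flags the entries that only the offline view contains. The listings, the placeholder file names and the case-insensitive prefix match are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

CLOAK_PREFIX = "$sys$"  # the prefix the post says the cloak hides


def _key(path: str) -> str:
    # Windows names compare case-insensitively; also normalise separators.
    return str(PureWindowsPath(path)).lower()


def has_cloaked_component(path: str) -> bool:
    """True if any directory or file name in the path starts with the prefix.

    Matching case-insensitively is an assumption, chosen so nothing is missed.
    """
    return any(part.lower().startswith(CLOAK_PREFIX)
               for part in PureWindowsPath(path).parts)


def cross_view_diff(live_listing, offline_listing):
    """Return (path, reason) for entries seen offline but absent from the live view.

    reason is 'cloak-prefix' when a name matches the $sys$ rule, otherwise
    'unexplained' (for example, a file deleted between the two scans).
    """
    live = {_key(p) for p in live_listing}
    findings = []
    for path in offline_listing:
        if _key(path) not in live:
            reason = "cloak-prefix" if has_cloaked_component(path) else "unexplained"
            findings.append((path, reason))
    return sorted(findings, key=lambda f: _key(f[0]))


# Constructed sample listings (placeholder names, not from a real system).
LIVE = [r"C:\Windows\System32\notepad.exe",
        r"C:\Windows\System32\drivers\disk.sys"]
OFFLINE = LIVE + [
    r"C:\Windows\System32\$sys$example\placeholder.dll",
    r"C:\Windows\System32\drivers\$SYS$placeholder.sys",
    r"C:\Temp\scratch.tmp",
]

if __name__ == "__main__":
    for path, reason in cross_view_diff(LIVE, OFFLINE):
        print(f"{reason:13} {path}")
```

Entries reported as 'unexplained' are not evidence of cloaking by themselves; they only mean the two listings disagree and need a second look.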


