The Sony BMG Dirty Bomb

Someone @ Sony thought it would be a good idea to (silently & secretly) install a rootkit on your computer when you insert a Sony BMG music CD:
Although Sony said it has been using the First4Internet-developed digital rights management (DRM) software on selected CDs for several months, it was only this week that researchers discovered the technology relied on a rootkit to hide files.
(Information Week)

And then…

Wednesday, Sony put a patch on its Web site that “removes the cloaking technology component on SONY BMG content protected CDs,” according to a statement on the site. The patch can be downloaded and installed while online, or a 3.6MB file can be retrieved for later installation. (Information Week)

OK, but…

World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG’s content protection software can make tools made for cheating in the online world impossible to detect. The software–deemed a “rootkit” by many security experts–is shipped with tens of thousands of the record company’s music titles. (Security Focus)

Wow (no pun intended)…are you surprised yet? I am not. However, what I am surprised about is the fact that a game cheat was first to make the headlines as taking advantage of the Sony rootkit.

Imagine using the Sony rootkit to cheat you out of your banking/investment/email/keystroke information.

How? Well, the business end of the virus/trojan/worm/thing would still need to be written by someone else, or a variant of an existing strain used. However, you would use the Sony BMG technology to hide your “bad” processes once you infected the machine, thus making it nearly impossible to detect (which is the prime objective of the Sony BMG rootkit: hide processes).

To think this rootkit installs itself from a music CD…tens of thousands of titles, not copies, but titles. Every copy of one of those titles sold, since a few months ago, contains the exploit.

I ask: For the average Sony BMG consumer, who uses their computer to listen to their Sony BMG CDs, how many of them would be likely to conduct sensitive financial or personal matters online? hmmm…

This whole DRM thing is starting to remind me of the nuclear arms race…imagine how many boxes are infected with this rootkit…does this rootkit come with a self-destruct? Some way to be updated? No and no — Sony is offering the patch on their website. They force-feed you the poison and assume you will find the antidote before it is too late — that is, if you even know you are poisoned in the first place.

In Sony’s race to protect their content rights, they have created a more perfect platform for dark hats…and eventually the script kiddies (I hear them coming…click*click).

At which point in the “listening to some music on a computer” process does a user agree to have a rootkit installed on their machine? That is like selling a car to someone with a remote kill switch on it (say, in case they don’t pay their car payment) but not telling them that their car has such a “feature” — then later some clever folks figure out that you can trigger the kill switch using $15 in radio hack parts…next thing you know you are hearing about massive pile-ups on the freeway because 15 cars were simultaneously killed…using said feature…but wait, there was a patch for that at the dealership. Why didn’t you patch it?!?! Because you did not know…

With your CDs now working against you, game cheats are child’s play…look for a Sony BMG ‘dirty bomb’ coming to a computer near you…

do0d y0u w323 ju57 0wn3d by b2i7n3y 5p3425…

