Amid much public debate and reports that it could leave consumers wide open for malicious attacks, Sony halt the insertion of anti-piracy software into its CDs.
The Digital Rights Management system in question is an XCP (Extended Copyright Protection) program developed by Britain’s First4Internet. The software limits the number of times a CD can be copied by installing itself on Windows PCs used to play the CDs, then hiding itself from the computer’s anti-virus software.
The trouble started last week when SophosLabs detected a new Trojan horse that exploits the controversial software. The Troj/Stinx-E Trojan horse appears to have been deliberately spammed out to e-mail addresses, posing as a message from a British business magazine, according to Sophos’ November 10 report.
If the attached program is run, the Trojan horse copies itself to a file called $sys$drv.exe. Any file with $sys$ in its name is automatically cloaked by Sony’s copy-protection code, making it invisible on computers which have used CDs carrying Sony’s copy protection.
“Despite its good intentions in stopping music piracy, Sony’s DRM copy protection has opened up a vulnerability which hackers and virus writers are now exploiting,” said Graham Cluley, senior technology consultant for Sophos. “We wouldn’t be surprised if more malware authors try and take advantage of this security hole, and consumers and businesses alike would be sensible to protect themselves at the earliest opportunity.”
Sony Bows Out
Sony called its decision to stop making copy-protected CDs a “precautionary measure.” The music giant denied that its anti-piracy program presented a security risk, issuing a statement that said it would “re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use.” The company also said it would offer exchanges for consumers who purchased the DRM software-laden discs.
Meanwhile, Microsoft said has completed its examination and decided it would remove the controversial DRM software from PCs. Jason Garms, group program manager of Microsoft’s Anti-Malware Technology Team, wrote on his Technet blog, “We have analyzed this software and have determined that in order to help protect our customers, we will add a detection and removal signature for the rootkit component of the XCP software to the Windows AntiSpyware beta, which is currently used by millions of users.”
Public Shares Opinion
By Monday, Sophos had released a poll of more than 1,500 business PC users. The poll revealed that 98 percent believe Sony’s DRM software is a security threat. Only 2 percent of system administrators polled on the Sophos Web site felt that it was a fair way to fight music pirates.
“In taking aim at the music pirates, Sony succeeded only in shooting itself in the foot,” Cluley said. “System administrators have a very low opinion of any code which endangers the safety of their networks, and they have sent a loud and clear message to Sony and other companies that this kind of code is unacceptable to them.”
Let the Debate Continue
Ken Dunham, the director of malicious code research at iDefense, a Reston, Va.-based threat intelligence firm, told TechNewsWorld he expects to see more of these kinds of privacy-piracy discussions in the multimedia industry in the years to come because of the high financial stakes.
“The bottom line is any time you add in new licensing techniques or technologies to any program it tends to be exploited and that’s what we’ve seen here in this space. In fact, the more code you’ve got the more likely it is that something is going to be a potential vulnerability for exploitation,” Dunham said. “To add insult to injury with Sony, we have a Trojan that seeks to leverage the software’s functionality for its own use.”