[Clips] Sony DRM infection removal vulnerability uncovered
R. A. Hettinga
rah at shipwright.com
Wed Nov 16 12:56:22 EST 2005
--- begin forwarded text
Delivered-To: clips at philodox.com
Date: Wed, 16 Nov 2005 12:55:50 -0500
To: Philodox Clips List <clips at philodox.com>
From: "R. A. Hettinga" <rah at shipwright.com>
Subject: [Clips] Sony DRM infection removal vulnerability uncovered
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com
<http://www.theinquirer.net/print.aspx?article=27714&print=1>
The Inquirer
Sony DRM infection removal vulnerability uncovered
Tool is worse than original infection
By: Charlie Demerjian Tuesday 15 November 2005, 20:45
SONY PULLS OFF ANOTHER blatant stupidity in the 'cure is worse than the
disease' category. No, not the DRM infection itself, not the security
compromising removal agreement, but the removal tool itself. Yes, this one
appears to put you in MORE danger than the original rootkit. Silly Sony, no
cookie.
According to Freedon To Tinker, the web based installer is a worse
vulnerability than the original rootkit. More on the story here, FTT goes
into detail. It seems the 'cure' from Sony involves downloading an ActiveX
control called CodeSupport. This is a signed control that lets just about
anyone download, install and execute arbitrary code on your machine.
See a problem? See a big problem? To make matters even funnier, the
uninstaller, supposedly anyway, leaves this control on your machine. So,
the Sony uninstaller is not a total uninstaller, it leaves a hole you can
drive a truck through on your system, silently of course.
The more disturbing part is that it appears the control is signed. I
wonder who at MS approved this, and how this blatant security hole got
through the barest minimum of QC? Moral, if you bought Sony products, you
are screwed. If it causes you problems, you are screwed more. If you
uninstall, you are screwed yet harder. If you uninstall it yourself, you
are a criminal under the DMCA. If you use an antivirus program to uninstall
it, you spent money to fix Sony's problems, and you are still a criminal.
That's what you get for buying music.µ
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips at philodox.com
http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list