[Dixielandjazz] Complete Sony CDs Info

[BillSargentDrums at aol.com]

Q. I read the story in your News of the Day newsletter about the Sony  
copy-protection software. I own several Sony CDs and listen to them on my  computer. 
I'm not sure I understand what a rootkit is, but it sounds bad. How  worried 
should I be about this? – George in Pittsburgh, listening on WPGB  104.7
 
A. This is big, big news. I will be discussing it on my weekly radio show  
the weekend.
 
A lot has happened in the past week, so let me start by bringing everyone  up 
to speed. Last week, a security expert discovered that copy-protection  
software on some Sony CDs installed a rootkit on Windows computers. A rootkit is  a 
particularly pernicious form of malware capable of cloaking itself and its  
actions.
 
Rootkits burrow deep into Windows. They hide by intercepting calls between  
the operating system and programs. They remove their file names from the calls. 
 Rootkits can also tell Windows to hide files and programs. So they're 
difficult  to detect.
 
Users who tried to remove the rootkit manually encountered a nasty  surprise. 
It rendered their CD drives inoperable. Users had to reformat and  reinstall 
Windows to fix the problem.
 
To add insult to injury, Thomas Hesse, president of Sony BMG's global  
digital business division, was quoted on National Public Radio as saying that  
people shouldn't care because they don't understand rootkits.
 
Sony subsequently issued a patch it claims will uninstall the rootkit.  
Unfortunately, many people have encountered problems with the patch. It has  caused 
lost data and computers to crash. Further, others have complained that it  is 
difficult to get the patch. The company also said it would temporarily stop  
making disks with the rootkit.
 
Consumers in California have filed a lawsuit against Sony Music. They are  
seeking to stop Sony from selling CDs that include the software. They're also  
seeking compensation for damage caused to their computers by the software.
 
On Thursday, a Trojan that takes advantage of the Sony rootkit started  
appearing. A variation of the Breplibot Trojan installs the file $sys$drv.exe.  The 
Sony rootkit hides files whose system filename begins with $sys$. Sony says  
it has distributed information to ant-virus companies that will allow their  
products to attack malicious programs using Sony's cloaking technology.
 
Nonetheless, I remain worried. If the rootkit is installed on a computer,  
hackers may be able to use it to do anything. They know how to exploit it.
 
Sony uses two different copy-protection programs on its CDs. Only one  
installs the rootkit, and it is included on about 20 titles. The Electronic  
Frontier Foundation has a list of the CDs on its site:
_http://www.eff.org/deeplinks/archives/004144.php_ 
(http://www.eff.org/deeplinks/archives/004144.php) 
 
But I wouldn't take chances. Until we know more, I wouldn't play  
Sony-produced CDs on my computer. The risk is just too great.
 
If your computer is infected, you can download a tool to disable the  
rootkit. It is available from Sony and from First 4 Internet, the company that  
developed the software. Their sites are, respectively:
_http://cp.sonybmg.com/xcp/_ (http://cp.sonybmg.com/xcp/) 
_http://updates.xcp-aurora.com/_ (http://updates.xcp-aurora.com/) 
 
Don't forget to listen to the show for updates of this story! And please  
tell some of your friends and family members about our newsletters and show.  
We've got a handy form on the Web site set up just for  that.
_http://www.komando.com/newsletter.asp#friends_ 
(http://www.komando.com/newsletter.asp#friends) 
 
Thanks for  writing!
Kim                :)
 
--> MORE FREE COMPUTER KNOW-HOW! SIGN UP NOW!
Become the ultimate  computer pro the easy and fun way! Send one e-mail to 
sign up for my Tip of the  Day: _tips at komando.com_ (mailto:tips at komando.com)