17 November 2005

Sony/BMG CDs banned at UC?

| Xanthomyza
Join the conversation
8

BoingBoing.net has been documenting stuff about the malicious trojan-horse rootkit that is sneakily installed on your PC when you try to play a Sony BMG CD. Apparently something like 500,000 computer networks worldwide are infected. The Sony uninstaller released to fix the rootkit problem is even worse and further compromises computer security.

A recent update on boingboing features a letter to all UC staff and students from Professor Andrew Cheetham (Pro Vice-Chancellor – Research & Information Management University of Canberra) banning the use of Sony CDs on uni computers.

Anyone from UC heard anything official?

X

Join the conversation

8
All Comments
  • All Comments
  • Website Comments
LatestOldest

slinky. I work for an IT company

I thought it sounded like a hoax at first.

Gotta love M$ Windows.

Slinky the Shocker3:02 pm 18 Nov 05

Wonsworld: Who is ‘we’?

that is verbatum the same e-mail we got and we have no connection with UC whatsoever

Good work Sony; this should do wonders for your CD sales!

This is the email we got; has an explanation of all the whys and wherefores plus links for those who want to know more about the whole deal.

This is a message to all staff and students,

It has been brought to our attention that there is significant risk to the
security and the operation of UC computers in using Sony BMG produced CDs. For
this reason, Sony BMG produced CDs in University of Canberra computers is
prohibited. The reasons behind this are explained in more detail below. If you
are not sure as to whether a CD is produced by Sony BMG please check the record
label against the list below.

This restriction does not apply to Sony BMG CDs used in personal CD players or
music systems on campus.

Portable computers, such as laptops, whether University or privately owned are
prohibited from being connected to the campus network at all, if Sony BMG CDs
are played in them.

Known record labels owned by Sony BMG:
Arista Records
BMG Classics
BMG Heritage
BMG International Companies
Columbia Records
Epic Records
J Records
Jive Records
LaFace Records
Legacy Recordings
Provident Music Group
RCA Records
RCA Victor Group
RED Distribution
Relatively Entertainment
RLG â.. Nashville
RME (Recording Media & Energy)
SONY BMG Masterworks
Sony/ATV Music Publishing
Sony Classical
Sony Music International
Sony Music Independent Labels
Sony Music Nashville
Sony Urban Music
Sony Wonder
So So, Def Records
Verity Records

As part of good house keeping it is strongly advised that caution is exercised
when any compact disc, email or web page prompts you with a End User License
Agreement, a pop up window, or ‘Security Warning’ when you did not specifically
request the new window or a software installation.

The reasons, in detail, for the decision to prohibit the use of Sony
BMG CDs in any computer on campus are;

A Sony BMG CD inserted into a PC running Windows will attempt to install
the Sony proprietary CD player software. As part of this installation the end
user will have to agree to an End User License Agreement (EULA) which has no
information regarding the uninstallation of the software, nor does it mention
that proceeding will install stealth software (known as a rootkit) which
deliberately hides running programs and the files it has installed in the same
way that viruses, Trojans and hackers do.

This software will cause some versions of Windows to become immediately
unbootable and require a complete reinstall of the machine to recover.

The software also has no known manufacturer created uninstall program, and
should other tools (such as anti hacking tools, virus scanners etc) be used to
remove the software it will render the CD drive of the machine completely
inoperable.

Further analysis of the “rootkit” indicates it is extremely badly written and
allows the easy exploitation of the “rootkit” by persons less skilled and
therefore allows potential virus writers to hide themselves from the operating
system with no technical knowledge of “rootkits”. During the last 24 hours a
number of anti virus vendors have announced they have examples of new viruses
that are using the Sony BMG “rootkit” to hide themselves.

For the reasons above, CDs produced by Sony BMG are not to be inserted into any
University of Campus computer for any reason. Further if you have inserted a
Sony BMG music CD into a campus machine running the Microsoft Windows operating
system you should contact the Service Desk for assistance in removal of the
rootkit software. Macintosh users are not affected by this particular software,
however there are reports of Macintosh aware software being installed so extreme
caution should be exercised. Further announcements may be made later with
regard to Macintosh computers.

Please note: Sony BMG have produced a new version of the software and are
requesting people to update, this will not uninstall the software. This
software requires you to enter your email address before it will allow you to
download it. The conditions of the update page are that Sony may use the email
address supplied for any marketing or promotional material (ie spam). We do not
advise you to use the new version of the software.

Further (technical) information on the Sony rootkit can be found using the
following links:

Technical explanation about what it does:
http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html

Exploit found using the rootkit:
http://news.yahoo.com/s/nm/20051110/wr_nm/sony_hack_dc

Reports of lawsuits over the installation of this software:
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453096362
http://www.eff.org/deeplinks/archives/004144.php
http://www-128.ibm.com/developerworks/power/library/pa-spec11/?ca=dgr-lnxw06StandardDRM

I (UC Student) got an email from one of the above mentioned names, not sure which one.

Slinky the Shocker3:25 pm 17 Nov 05

Yes, we (UC staff) got the letter from both Andrew Cheetham and Matthew Sullivan, the IT security guy. Being a muso/music lover who hates major labels, I had a good chuckle, although I am not sure that the ‘rooted’ CDs are actually sold in Oz. Even the article in the Canberra times was ripped from CNET and referred to some US bands that I hadn’t heard of and Sony Europe claims they are using a different protection. Does anyone know whether they are sold here?
Anyway, another reason to support independent music…

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.