Here’s a scary story for Halloween. You might be able to read it here; if not, go to the main blog page and look for the last post of October 2005. Or, read the Slashdot story on the matter.
Sony is evidently now releasing music CDs that carry digital rights management software, which secretly installs itself when you try to play the music on your Windows-based computer. The purpose of the software is supposedly to control how many copies you can make of the songs.
To this end, it cripples your CD player, making it impossible to create digital copies of any songs. It also hides itself in a way that makes it easy for hackers to hide anything they want on your system. It replaces part of the operating system with itself (and does a poor job of it too, making your system more crash-prone). For whatever reason, it slows your computer down while reading information about the other software you’re running on the machine. Oh, and if you try and remove it, either manually or via some anti-spyware program, it disables the CD drive completely, making it impossible to play other CDs, play CD-based games, install new software, or even fix your broken computer.
If you’re a techie, you can fix all the crap these CDs put on your computer by following the instructions in the article above. Quick recap, in case the article goes away: stop all processes with $sys$ in the name, delete all $sys$ files in Command Prompt (you won’t be able to find them anywhere else), reboot, run RegEdit as the LocalSystem user, look for lower and upper filters containing $sys$, delete them, reboot.
If none of that makes sense to you, and you can’t find someone who can understand it, you’re probably going to have to reinstall Windows to get your system back. Linux users are unaffected. No word on how Apple handles this.
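For the registry step of the recap above, a read-only audit can list the filter entries before anything is deleted. This is an added example, not code from the original post or the linked article; the registry path is the standard Windows location for device class filters (the post does not give it), and the function name Find-MarkedFilter is made up for the illustration.

```powershell
# Added example: read-only audit; it changes nothing in the registry.
# Assumption: class filter lists live under the standard Windows key used as
# the default for -Root (the post itself does not give the path).
function Find-MarkedFilter {
    param(
        [string]$Root   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Class',
        [string]$Marker = '$sys$'   # single quotes: literal text, no expansion
    )
    foreach ($key in Get-ChildItem -Path $Root -ErrorAction SilentlyContinue) {
        $props = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
        if (-not $props) { continue }
        foreach ($name in 'UpperFilters', 'LowerFilters') {
            # Filter values are multi-string lists; @() also copes with a
            # single string or a missing value.
            $entries = @($props.$name | Where-Object { $_ })
            $marked  = @($entries | Where-Object {
                $_.IndexOf($Marker, [StringComparison]::OrdinalIgnoreCase) -ge 0
            })
            if ($marked.Count -eq 0) { continue }
            [pscustomobject]@{
                ClassKey  = $key.PSChildName   # device class GUID
                ClassName = $props.Class       # e.g. the CD-ROM class
                Value     = $name
                Marked    = $marked -join ', '
                # What the list should still contain after cleanup. Empty means
                # the whole value can go; otherwise only the marked entries do.
                Keep      = @($entries | Where-Object { $marked -notcontains $_ }) -join ', '
            }
        }
    }
}

Find-MarkedFilter | Format-Table -AutoSize
```

Run it from an elevated prompt after the reboot in the recap; while the cloaking is still active, names containing $sys$ may be hidden from this scan as well. The Keep column matters because a filter list left pointing at a driver that no longer exists is what takes the CD drive down.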
Need I mention that you should avoid buying CDs from Sony? If you absolutely must, be sure never to play the CD on your computer. (You can turn off AutoRun if you feel daring; this may help you prevent getting infected from the CD.)
Oh, by the way, the album in question in this case was Van Zant’s latest, Get Right With The Man. (heh!) It’s also been reported on Amazon that Healthy In Paranoid Times, by Our Lady Peace, has the same problems.
What lesson does this teach us? Follow the law, respect Sony’s rights, buy a legal copy of a copyrighted work, and you’re just a sucker, since Sony gets a free pass when it comes to returning the favor. As “Alan” on Slashdot posted:
I’m glad I get my music off of p2p networks and don’t have to worry about trojans and rootkits and that evil hacker stuff!
UPDATE (2005-11-02): Publicity is starting to mount; see the Washington Post blog, for example, which quotes virus researchers on the problem. Sony will now help you remove the code, but only if you call them, tell them about your computer, go to their Web site, install still more software on your computer, get an E-mail once their software has proven that you’re worthy of it, and install yet more software on your computer. I expect this will not prove to be sufficient for most people who experience problems.
UPDATE 2: Via PC Pro, we find Sony’s site for this software. Check the system requirements; in particular, if you follow Microsoft’s recommendations for securing your system, you can’t play this CD. Also, a Slashdot journal-ist provides this link to the rootkit’s original author and this Google search for other CDs that hack your system when you try to play them.
UPDATE 3: Sony has yielded to the pressure and released the removal tool.
UPDATE (2005-11-06): More from Mr. Russinovich: his experiments with using Sony’s removal tool, which appears to do very little in the way of removal. Also, Mark reports that hackers are now using the Sony rootkit to hide their own cracks, despite Sony’s insistence that this was not possible.
UPDATE (2005-11-14): And Sony caves completely after getting an indirect lecture from the White House.
UPDATE (2005-11-16): More here.