Thursday, November 10, 2005

Second Take: You know you're in trouble when you piss off Microsoft—UPDATE

I am very stupid and I’m in a panic and I really need to borrow your computer—Now Sony is in real trouble. Microsoft is unhappy with them.

It is axiomatic by now that the stupidest people in business have gone to work for the recording industry. These are the numskulls who sue 11-year-olds for piracy, distribute music decreasing numbers of people want to listen to and wrap their products in packaging that can kindly be described as consumer infuriating. They then wonder why 11-year-olds feel justified in pirating their ripping them off. It also is true that the largest company in the greatest decline in the world (not counting General Motors) is Sony, once the great innovator and now virtually clueless. So what happens when the dim bulbs in the music division of Sony decide to fight piracy?

You get a piece of software hidden in a music CD that sneaks unannounced onto your computer, alters the Windows operating system in ways that makes it more vulnerable than Windows is already, and hides from view. If you manage to find it and erase it, it interfere with your ever playing CDs again on your computer. I’m not making this up. It’s part of their Digital Rights Management system (DRM) system. It’s in the fine print on the obtuse license agreement that no one in their right minds reads.

The discovery was made by a Windows programmer named Mark Russinovich who was tinkering with his PC when he noticed that there was a program hidden in the operating system he didn’t put there. He managed to trace to a music CD, a SonyBMG Van Zant album he’d purchased at Amazon. When he first put the disk in his computer, the program loaded unannounced. Worse, he discovered it was a kind of program called a “rootkit,” a cloaking device that can be used by bad guys to hide viruses. Essentially, it had unlocked the back door to Windows, which needs no help in keeping doors wide open. Only a programmer could find it. Click here and follow his tale.

He posted his finding on his website. To Sony’s amazement, people actually objected to them sneaking software into their operating systems. The manufacturer of the rootkit, First 4 Internet of England, said it had been working closely with antivirus companies to make sure the program was safe and posed no threat. The purpose was to make it difficult to hack the protection program on the disk, and there have been no reports of any harm actually being done, they said.

Not true. A Dutch firm said it had discovered the first virus (a Trojan Horse, actually) to ride in on the Sony system. A hacker mass mailed a Stinx-E virus to British email addresses. If you click on the attachment, your firewall collapses. Symantec found a trojan horse that rode in on the program. Sony’s response was that no one knew it was there until Russinovich opened his mouth and nobody cared.

Well, they did. Under an absolutely furious barrage of bad publicity and a classic case of how not to handle a p.r. crisis, Sony has since announced a decloaking patch that will uninstall the program but makes it very difficult—a major pain in the ass, actually. Not only that, it made the announcment of the uninstall to the press, not its customers, and hid the support on its webpage. See for yourself.

Apparently a lot of people did care. Sony was sued. There is the possibility of criminal charges. And finally, they announced last week they would withdraw the security feature and were decided unapologetic about it all. That doesn't mean you can get rid of it easily if it's on your computer. Fortunately, the folks at Microsoft, who get a little sensitive when people diddle with Windows, announced it was going to supply a deenstall program that will get rid of it for you. You can get yours by clicking here.

Virus writers and others trying to screw up your computer use rootkits because they burrow deep inside Windows and are hard to find. Having the rootkit on your computer does not mean your computer has been compromised, only that the threat is there, another opening to get inside, as the Dutch company found.

As usual, Macs are immune, as are Linux computers. Both use UNIX as an underpinning for their operating systems. There was one report of a Mac sucking up the rootkit from a CD, but it turns out, as with all applications, MAC OS-X demands affirmation, a remarkably simply safety procedure no one at Microsoft has thought of yet. It asks you if you really want to install the program and it won't install unless you agree. That's why there is no Mac spyware. If you say no, it doesn't install, and you can find it and remove it from your disk. It's called ""

For a list of Sony CDs containing the rootkit, click here.

And finally, the folks at the Electronic Frontier Foundation actually went into the license agreement that comes with the CDs, written, no doubt, by lawyers smoking bad pot. A few of the best:
  • If your house gets burgled you have to delete all the music from your laptop if the thieves steal the CD.
  • If you move out of the country, you have to delete the music.
  • If you file for bankruptcy, you have to delete the music.
  • And best of all: Sony has the right to enter your computer through the back door its program open without notice any time.

UPDATE—And just when Sony thought it was over, another programmer discovered that if you do deinstall the Sony program you open Windows to another major security problem. As if Microsoft needed any help. Don't use it.

And finally, Sony announced on Wednesday it was recalling all the CDs, all 20 million of them.

No comments: