
Sony rootkit uses?


25 replies to this topic

#1 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 11 November 2005 - 02:20 AM

So, by now, I hope everybody has heard about the Sony/BMG/First4Internet rootkit scandal? Be able to hide anything using the $sys$ prefix in the filename and placing it in the system32 folder.

More info at http://www.sysinternals.com/Blog/
The blog of the guy who broke the news, and is keeping track of it. Also a great hacker in the truest sense of the word.

I can see that this can be used for both good and bad uses. Keyloggers, trojans, virii, WoW Hacking (Best use :D), etc.

So, my question is, has anyone else used this for some reason, good or bad?
Personally, I think adding a small server on one of my school's computers so that I can log in and transfer any files that I left on it while I was on there. (Nothing illegal in terms of warez or nothing since it could be traced back to me. I mean like linux distros since they don't have cd burners on the comps)
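An added example, not part of the original thread: the `$sys$` cloak described in the post above removes names from the running system's own file listing, so a defender checks for it by comparing that listing against one taken from the same volume while the system is offline. The file names and both listings below are constructed for illustration, and collecting the two listings is assumed to happen elsewhere.

```python
from pathlib import PureWindowsPath

CLOAK_PREFIX = "$sys$"  # the prefix named in the first post

def _index(paths):
    """Map case-folded, separator-normalized path -> path as originally listed."""
    return {str(PureWindowsPath(p)).lower(): p for p in paths}

def _cloaked(key):
    """True if any component starts with the prefix (a cloaked folder hides its children)."""
    return any(part.startswith(CLOAK_PREFIX) for part in PureWindowsPath(key).parts)

def cross_view_diff(live_view, offline_view):
    """Return (path, reason) for entries present on disk that the live listing omits.

    'hidden-other' entries carry no prefix: another hiding mechanism, or simply a
    file deleted between the two snapshots, so they need a manual look.
    """
    live, offline = _index(live_view), _index(offline_view)
    findings = []
    for key in sorted(offline.keys() - live.keys()):
        reason = "hidden-by-prefix" if _cloaked(key) else "hidden-other"
        findings.append((offline[key], reason))
    return findings

# Constructed sample: the same volume listed offline (clean boot) and live.
OFFLINE = [
    r"C:\Windows\System32\kernel32.dll",
    r"C:\Windows\System32\drivers\disk.sys",
    r"C:\Windows\System32\$sys$constructed.dll",
    r"C:\Windows\System32\$SYS$dir\helper.exe",
    r"C:\Windows\System32\oddfile.bin",
]
LIVE = [
    r"c:\windows\system32\KERNEL32.DLL",
    "C:/Windows/System32/drivers/disk.sys",
]

if __name__ == "__main__":
    for path, reason in cross_view_diff(LIVE, OFFLINE):
        print(f"{reason:17} {path}")
```
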

#2 coding_monkey

coding_monkey

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 347 posts
  • Location:UK

Posted 11 November 2005 - 03:46 AM

Whoever approved that DRM crap at SONY should go to jail for that...

http://en.wikipedia.org/wiki/Computer_Misuse_Act

"It is an offence to make 'unauthorised access to computer material'"
"It is an offence to make 'unauthorised modification of computer material'"

I think that pretty much covers it, not to mention the flagrant breach of the EU law on privacy.

:growl: :nono: :pissed:

edit: oh, they're being sued... http://news.bbc.co.u...ogy/4424254.stm

WTF? They should go to jail for this, not be able to buy their way out of it.

Edited by coding_monkey, 11 November 2005 - 04:04 AM.


#3 WhatChout

WhatChout

    Dangerous free thinker

  • Members
  • 814 posts

Posted 11 November 2005 - 04:30 AM

They should go to jail (whoever invented it). By buying their CDs (or anything) I don't let them control my computer, or monitor my behaviors.


But that case leads us to this - BIG companies would rather have hackers sit in jail. Why? Maybe, because they can know about their illegal behaviors? Or maybe they don't want concurrency. (and I don't wanna start again the cracker vs. hacker war. For me a hacker isn't someone bad, but he has ENOUGH knowledge to do something illegal, and step onto the dark side of the hack. :P) But, anyway, it's good that it has been revealed. Maybe SONY's process would make other companies more gentle towards users of their products.


EDIT: coding_monkey - try and make a googlism search for "Bill Gates". One of the results will be: "Bill Gates is Darth Vader". :P

Edited by WhatChout, 11 November 2005 - 05:18 AM.


#4 coding_monkey

coding_monkey

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 347 posts
  • Location:UK

Posted 11 November 2005 - 04:37 AM

heh... 'the dark side of the hack.'

Anakin... Anakin!......noooooooo!

#5 sazzer

sazzer

    elite

  • Members
  • 121 posts
  • Location:England

Posted 11 November 2005 - 06:36 AM

Something not mentioned here is the fact that the CDs actually call home to Sony's servers when you listen to them with the custom player. It is apparently only receiving updated artwork and so on, but it still sends to Sony *at least* the time/date and IP address of everybody who listens to the CDs whilst online.

Also, it's been proven that the software on these CDs will outright break a Windows 64 bit machine or a Windows Vista machine. 64 bit will just lose its CD drives because there's now a 32 bit filter driver installed on them. Windows Vista apparently is a bit more spectacular and needs a full reinstall to fix.

All in all it's a very bad thing that Sony have done, and been getting away with for months!

#6 digitalgalileo

digitalgalileo

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 388 posts
  • Location:Bellingham, Washington

Posted 11 November 2005 - 01:26 PM

use it to hide my pron from my mom, $sys$pron_folder woot.

#7 WhatChout

WhatChout

    Dangerous free thinker

  • Members
  • 814 posts

Posted 11 November 2005 - 03:38 PM

And have 400 $sys$Sassers. Yipeee!!! :P :D

#8 jedibebop

jedibebop

    Dangerous free thinker

  • Members
  • 1,935 posts

Posted 11 November 2005 - 06:35 PM

There are already bots online that have code that uses the rootkit to control them

http://news.com.com/..._3-5944643.html

#9 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 11 November 2005 - 07:52 PM

Virii have already been detected that use it as well.

And the call home was mentioned in the blog I linked in the first post.

That, on top of the list of software to block and there not being any uninstaller yet... Sony will burn :D

Personally, I had to remove this from two of my clients/friends/comp-illiterate people's computers. I charged them my normal fee for the rest of the virii/spyware, but I'm sending SonyBMG the bill for the rootkit uninstall. 4 billable hours at 50 each. 3 hours working on their computers/my clean windows install, and 1 hour for the time it took for me to find out about the rootkit info and uninstall (500 plus comments on each of Mark's blog posts). I suspect more in the future.

edit:
My call logs:
First called Sony customer service. Was given Sony/BMG's address (Was told 666 5th Ave. in NYC NY) and number.
Called Sony/BMG, was transferred to billings. Closed at call time. (was also given 550 Madison Ave as address, the same building as Main Sony HQ)
Called Sony/BMG again, asked for billings again, was asked why, explained, and was told to call Accounts Payable.
Called, and received invoice instructions and address. The accounts payable is in NJ.
Will call back tomorrow to see if I can get a Fax Number to fax it to instead of mailing (Or at the same time). That way I can call to get confirmation of fax being received.

Edited by chaostic, 11 November 2005 - 07:58 PM.


#10 coding_monkey

coding_monkey

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 347 posts
  • Location:UK

Posted 12 November 2005 - 12:57 PM

:D Nice one chaostic.

I still want to see some SONY manager or director in chains for this, I mean... why is it that when an individual breaks the law, they go straight to jail but when a company does it, they just get a fine? Aren't directors accountable for their companies actions? Someone somewhere approved this and they should go straight to jail. :angry:

#11 Byrdturdak47

Byrdturdak47

    SCRiPT KiDDie

  • Members
  • 25 posts
  • Location:Long Island, (516) to be exact ;)

Posted 12 November 2005 - 02:43 PM

> Virii have already been detected that use it as well.
>
> And the call home was mentioned in the blog I linked in the first post.
>
> That, on top of the list of software to block and there not being any uninstaller yet... Sony will burn :D
>
> Personally, I had to remove this from two of my clients/friends/comp-illiterate people's computers. I charged them my normal fee for the rest of the virii/spyware, but I'm sending SonyBMG the bill for the rootkit uninstall. 4 billable hours at 50 each. 3 hours working on their computers/my clean windows install, and 1 hour for the time it took for me to find out about the rootkit info and uninstall (500 plus comments on each of Mark's blog posts). I suspect more in the future.
>
> edit:
> My call logs:
> First called Sony customer service. Was given Sony/BMG's address (Was told 666 5th Ave. in NYC NY) and number.
> Called Sony/BMG, was transferred to billings. Closed at call time. (was also given 550 Madison Ave as address, the same building as Main Sony HQ)
> Called Sony/BMG again, asked for billings again, was asked why, explained, and was told to call Accounts Payable.
> Called, and received invoice instructions and address. The accounts payable is in NJ.
> Will call back tomorrow to see if I can get a Fax Number to fax it to instead of mailing (Or at the same time). That way I can call to get confirmation of fax being received.


No that is the problem. They don't go to jail, nothing happens. You can steal 50 million, keep half of it and just spend 10 years in jail provided you were backed by an incorporated.

If we were to steal 50 million, we'd be shot.

What needs to happen is EVERYONE, especially the retarded 14 year olds that buy CDs, just stop buying... If they just stopped, SONY Music would go out of business.

Sorry but you fuck your customers, rape them with overpriced shit and the music sucks on top of it? Go fuck yourself Sony. I can only hope you end up like your music... in the trash.

#12 coding_monkey

coding_monkey

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 347 posts
  • Location:UK

Posted 13 November 2005 - 08:30 AM

Quick show of hands.... who's ever going to buy from SONY again?

I'm not.

I actually had nothing against them until they did this crap. I was even thinking about buying a playstation3, not any more though.

Unless, of course, somebody from SONY goes to jail... or pigs fly.

#13 elchoaro^2

elchoaro^2

    elite

  • Members
  • 106 posts

Posted 13 November 2005 - 05:37 PM

The most creepy part of all of this, is that the only way anyone found out about it is that someone broke the law. Unless someone had unlawfully reverse engineered the code, no one would really know about this. That scares the hell out of me.

#14 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 13 November 2005 - 05:55 PM

> The most creepy part of all of this, is that the only way anyone found out about it is that someone broke the law. Unless someone had unlawfully reverse engineered the code, no one would really know about this. That scares the hell out of me.


Of the two people/groups who found it out, neither had any clue to who/what installed the rootkit, and what its purpose was. Plausible deniability, plus the way the rootkit worked, if the EULA was upfront about it, do you think they would have installed it in the first place? Sony misled people into installing it when they thought removable software. They flat out lied. Plus, DMCA adds reverse engineering provisions and EULAs can't contract away your rights just as they can't contract murder.

#15 mrfishopolis

mrfishopolis

    SUP3R 31337

  • Members
  • 152 posts
  • Location:Iowa

Posted 16 November 2005 - 12:59 AM

This just in: fundamentalist Christians have used the Sony rootkit to hide evidence of Darwin's theory of evolution, carbon dating, and dinosaurs. Intelligent design has no opponent and must now be taught in schools.

On another note they supposedly used LGPL'ed code. Which they will probably use the DMCA to punish anyone who tries to prove otherwise. So the code's copyright owner can't do anything about license violation.

In the end like a good consumer, I will just crank up the apathy and buy the ps3.

#16 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 16 November 2005 - 03:47 AM

> This just in: fundamentalist Christians have used the Sony rootkit to hide evidence of Darwin's theory of evolution, carbon dating, and dinosaurs. Intelligent design has no opponent and must now be taught in schools.
>
> On another note they supposedly used LGPL'ed code. Which they will probably use the DMCA to punish anyone who tries to prove otherwise. So the code's copyright owner can't do anything about license violation.
>
> In the end like a good consumer, I will just crank up the apathy and buy the ps3.


You can't use the DMCA to prevent someone from using the DMCA. If Sony was using pirated software, it makes their DMCA claim invalid.

#17 TrippinX

TrippinX

    mad 1337

  • Members
  • 136 posts

Posted 16 November 2005 - 04:04 AM

this thing really pissed me off... another reason to support the anti anti piracy act.
btw I also read about the WoW cheating a week or so ago? I even heard there was speed and dmg hacks, I think blizzard should sue! :P

maybe I should make an improved stealth hack LOL

#18 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 16 November 2005 - 04:50 AM

> this thing really pissed me off... another reason to support the anti anti piracy act.
> btw I also read about the WoW cheating a week or so ago? I even heard there was speed and dmg hacks, I think blizzard should sue! :P
>
> maybe I should make an improved stealth hack LOL


They should, after all they sued people who wanted to make private servers... Damn Blizzard (Well, Vivendi really)

#19 coding_monkey

coding_monkey

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 347 posts
  • Location:UK

Posted 16 November 2005 - 06:25 AM

I thought the software arrived on a music CD, if so... how can they claim there was a EULA?

I don't think there even was a EULA, so reverse engineering some code that got onto my system without my permission... can't be illegal...surely.

A EULA is just a contract, when you break a contract it isn't a criminal offence, it's civil law isn't it?

but... IANAL.

#20 sazzer

sazzer

    elite

  • Members
  • 121 posts
  • Location:England

Posted 16 November 2005 - 07:39 AM

> I thought the software arrived on a music CD, if so... how can they claim there was a EULA?
>
> I don't think there even was a EULA, so reverse engineering some code that got onto my system without my permission... can't be illegal...surely.
>
> A EULA is just a contract, when you break a contract it isn't a criminal offence, it's civil law isn't it?
>
> but... IANAL.

I seem to remember that there was an EULA for the rootkit-infested software that Sony distributed on the CD. However, the EULA was actually on the Sony website so you had to go there to read it. It also didn't cover the actual rootkit DRM software at all, so even if you were able to find and read it there wouldn't be anything in there to stop you from reverse engineering it.

This is all from memory though, so I could be totally wrong :)



