AfterDawn: Tech news

Sony BMG's Thomas Hesse on the 'rootkit' DRM

Written by James Delahunty @ 10 Nov 2005 8:19 User comments (27)

Sony BMG's Thomas Hesse on the 'rootkit' DRM Comments by the President of Sony BMG's global digital business division Thomas Hesse will most likely anger any consumers who have been unfortunate enough to encounter the "rootkit" style XCP DRM in use on some CDs distributed by Sony BMG. On NPR radio on Friday, Hesse defended Sony BMG from the criticism it has received. "Most people, I think, don't even know what a rootkit is, so why should they care about it?" he commented.
For those who would agree with his comment, it might be worth reminding you about how this DRM is installed on a Windows OS. It conceals itself in the Operating System after the installation, like many rootkits, and intercepts low level Windows system calls. If you remove it, your CD drive could be rendered inoperable and the only way to fix it is reformat the disk and reinstalled the Windows Operating System.

After the DRM installation was added to a blacklist by an anti virus firm, more problems arose. The Register spoke to one IT department support manager who told how the rookit DRM was making the anti virus software pop up alerts every second. He told The Register that three systems so far were flattened and blamed it all on the copy protected Van Zant CD. Also a patch released by First4Internet is not a secure solution either according to Mark Russinovich.

The patch simply forces XP to issue Windows commands that disable the driver. This procedure can cause a system to crash if resources are in contention.

The Register

Previous Next  

27 user comments

110.11.2005 08:38

Well then Thomas..... under the same scenario...most consumers don't quite understand the specifics of MOD Chipping for the SP2, and SP3 (...and make no mistake - there will be one) and since SONY doesn't even manufacture the Mod Should You or they Care about it ? Now that i know your "Why should they care" attitude, and your disregard for screwing up consumer PC's and virus software, i will double my efforts and install MOD CHIPS on as many SONY products as possible. I will instruct certain "Teams" to concentrate on Bittorret Uploads of Sony that you've someone Okay'd it. Thanks Bud...for the comment....I feel much better now knowing that SONY as a whole doesn't really mind.

210.11.2005 08:46

In the words of an obnoxious Jobsworth

"Most people, I think, don't even know what a rootkit is, so why should they care about it?"
*Talking through Teeth* That is totally out of order. I Know what it is (thankyou very much)and, in a nutshell, it is an invasion of privacy. But thank's for insulting my intelligence - I always find that goes down well with (potential) consumers... Do I care? Bet your life I care!! I am already boycotting any of your DRM ridden products..... If you don't want me to copy cd's to my computer, don't make the's really not hard But don't sell me the burner and then turnaround and say I can't rip cd's.... This scandal may not be prime time news....but don't underestimate the power of the internet...... [Grrr.....I Hate Sony. String Up The lot of 'Em in my opinion]
This message has been edited since its posting. Latest edit was made on 10 Nov 2005 @ 10:38

310.11.2005 09:01

"Most people, I think, don't even know what a rootkit is, so why should they care about it?" Most people don't know how A-bombs work either, but does that mean people shouldnt care about them?? NO. Someone should post a list of all the Sony BMG cds that have this crap on them so we can boycott them.

This message has been edited since its posting. Latest edit was made on 10 Nov 2005 @ 9:03

410.11.2005 09:04

Another thought: It might we wise to download all Sony labeled music illegally that have been ripped to mp3s or what have u, just to avoid the installation of the rootkit. I know i will. I'm not taking any chances. I'll make an image of my drive now before inserting any future music discs. Sorry to the Artist who choose Sony. They just stuck it to YOU, not ME. Its YOU, the Artist that is going to also loose revenue. I have no problem paying for music i like and want, but not at this risk.

510.11.2005 09:15

Sony has been expensive sh*t for years now but like any cult there are people that will buy Sony only religiously, I have a couple of friends like that. One of my friends has 2 $150+ DVD players from Sony that won’t play what a $30 Magnavox (from Sam’s Club) plays like a DVD-A disc and he gets pixilation and skipping on some backups. I was in Worst Buy and a gentleman wanted a AVR receiver the sales person showed him a nice Yamaha in his price range and he insisted on the less functional less quality Sony because that’s all he has ever used, ignorance by choice very dangerous. In summation it probably doesn’t matter what Thomas says there are plenty of people out there that won’t care by choice or ignorance unfortunately. How about this scenario: What would happen to one of us if we put a back door hack on one of Sony’s WEB sites? Would we get away with it? -or- Would we be jailed, fined, and banned from ever using a PC again?

610.11.2005 09:15

Are You Infected by Sony-BMG's Rootkit? Tracking Judicial Revolution Spreads to New York City » Now the Legalese Rootkit: Sony-BMG's EULA November 09, 2005 If you thought XCP "rootkit" copy-protection on Sony-BMG CDs was bad, perhaps you'd better read the 3,000 word (!) end-user license agreement (aka "EULA") that comes with all these CDs. First, a baseline. When you buy a regular CD, you own it. You do not "license" it. You own it outright. You're allowed to do anything with it you like, so long as you don't violate one of the exclusive rights reserved to the copyright owner. So you can play the CD at your next dinner party (copyright owners get no rights over private performances), you can loan it to a friend (thanks to the "first sale" doctrine), or make a copy for use on your iPod (thanks to "fair use"). Every use that falls outside the limited exclusive rights of the copyright owner belongs to you, the owner of the CD. Now compare that baseline with the world according to the Sony-BMG EULA, which applies to any digital copies you make of the music on the CD: 1. If your house gets burgled, you have to delete all your music from your laptop when you get home. That's because the EULA says that your rights to any copies terminate as soon as you no longer possess the original CD. 2. You can't keep your music on any computers at work. The EULA only gives you the right to put copies on a "personal home computer system owned by you." 3. If you move out of the country, you have to delete all your music. The EULA specifically forbids "export" outside the country where you reside. 4. You must install any and all updates, or else lose the music on your computer. The EULA immediately terminates if you fail to install any update. No more holding out on those hobble-ware downgrades masquerading as updates. 5. Sony-BMG can install and use backdoors in the copy protection software or media player to "enforce their rights" against you, at any time, without notice. And Sony-BMG disclaims any liability if this "self help" crashes your computer, exposes you to security risks, or any other harm. 6. The EULA says Sony-BMG will never be liable to you for more than $5.00. That's right, no matter what happens, you can't even get back what you paid for the CD. 7. If you file for bankruptcy, you have to delete all the music on your computer. Seriously. 8. You have no right to transfer the music on your computer, even along with the original CD. 9. Forget about using the music as a soundtrack for your latest family photo slideshow, or mash-ups, or sampling. The EULA forbids changing, altering, or make derivative works from the music on your computer. So this is what Sony-BMG thinks we should be allowed to do with the music on the CDs that we purchase from them? No word yet about whether Sony-BMG will be offering a "patch" for this legalese rootkit. I'm not holding my breath. Posted by Fred von Lohmann at 12:24 PM | Permalink | Technorati SONYS,END-USER LICENSE AGREEMENT

710.11.2005 09:38

Here is another one. I hope Sony's CEO/President end up in jail for the violation or crime Sony created. Lawsuit Fights Back Against Sony DRM By Nate Mook, BetaNews November 10, 2005, 10:07 AM Sony BMG's CD anti-piracy technology that sparked an outcry for its rootkit-like tactics has now entered the court system. A class-action lawsuit was filed on November 1 in California by consumers who say their computers were harmed by the hidden software, and a second suit was to be filed this week in New York. The groups claim that Sony's digital rights management, which attempts to stop computer users from copying a CD's audio tracks to a hard drive, is invasive and damaging to computer systems. Sony employed technology from First 4 Internet that uses low-level Windows commands to hide the DRM and prevent its removal. SysInternals' Mark Russinovich first reported on the software after his company's security tool recognized a "rootkit" on his machine. Rootkits are malicious applications that hide deep within an operating system to perform tasks without a user's knowledge. The technology can be used to cloak viruses and worms, or in this case, DRM. Russinovich's report spread like wildfire across the Net and was quickly picked up by mainstream media. Sony responded with a statement claiming it no longer used the technology and offered instructions for customers explaining how to remove the hidden software from their PCs. National Public Radio even covered the fiasco and interviewed Sony BMG's Global Digital Business President Thomas Hesse. But instead of apologizing for the snafu, Hesse only fueled the flames by commenting: "Most people, I think, don't even know what a rootkit is, so why should they care about it?" The California lawsuit, filed in Superior Court for the County of Los Angeles by attorney Alan Himmelfarb, is asking the court to prevent Sony from using the technique in future CDs and requesting monetary compensation for all customers who purchased CDs containing the DRM rootkit. Specifically, the suit claims that Sony has violated two California statutes designed to protect consumers from unfair and deceptive business practices, along with another law prohibiting the installation of spyware on an end-user's PC. In a follow-up report, Russinovich discovered that Sony's DRM "phones home" to Sony's Web site. First 4 Internet responded saying, "No information is ever fed back or collected about the consumer or their activities." But Russinovich notes that, "Sony can make a record of each time their player is used to play a CD, which CD is played, and what computer is playing the CD." Russinovich also discovered that the DRM software is poorly written and could cause system crashes -- often referred to as a Blue Screen of Death -- on Windows. "This flaw highlights my message that rootkits create reliability risks in addition to security risks," he said. United States customers aren't the only ones upset with the situation. Italian digital rights advocacy group ALCEI-EFI has asked the Italian government to investigate Sony's actions. Sony BMG is not commenting on the lawsuits.

WARNING: Do not "update/upgrade" your SAMSUNG BD-D5XXX series (Bluray Player), or else you cant enjoy any of your movie files.
How 2 downgrade Samsung BD-D5XXX Series Bluray player

810.11.2005 09:44

"Most people, I think, don't even know what a rootkit is, so why should they care about it?" Hmmm, I wonder why that should bother people, Mr. Hesse? Mabey because of things like this? Thanks Sony. I'm sure your customers are pleased to hear that the work on trojans that use your DRM spyware has begun.

910.11.2005 09:54

heres another one Bot trying to hide under Sony DRM Posted by Dan Bell on 10 November 2005 - 20:29 - Source: F-Secure Nobody will be surprised by this! Oh, Sony..what a tangled web we weave. Check out this snippage from the F-Secure weblog. We wouldn't like to say "we told you so" but unfortunately this is one of those times you just have to do it. We have just analyzed the first malware (Breplibot.b) that is trying to hide on machines that have Sony DRM software installed. Luckily, the bot has a design flaw. If the Sony DRM rootkit is active (hiding) in the system during infection, the bot will not run at all. Moreover, the bot cannot survive a reboot because of a programming error. In any case, this is a very good example of why software should not use rootkit hiding techniques.

1010.11.2005 09:56

WOW! Naruto is HOT you made my day it, sucks being a male pig. Is she on ?? I'll have to look at the celeb's section. Sorry for the side comment it was just nice seeing a sexy lady on the forum. Thanks alkohol :D

1110.11.2005 10:22

This is sinister, scary stuff. The record companies continue to engage in illegal tactics that invade our privacy and put our computers at risk. I've bought very few CDs over the last few years because of the record industry's outrageous tactics, and after reading this I am not going to purchase any music whatsoever for a very long time. -mathfool

1210.11.2005 10:23

I'm glad that there are now trojans that take advantage of this rootkit. This will mean trouble for Sony in court. It's bad enough that Sony is Crap now, but installing this malware is just too much. I've noticed that Sony is just making a bunch of movies based on older movies and shows and they blow!!!! It seems like they are also destroying Pink Panther, which is one of my favorite movie series. And for all you Sony lovers, Sony does not make most of their products any more. This includes LCD TVs, DVD Players, etc... All they do is put their name on a foreign product to fool you into thinking it is made by Sony and charge you an extra 20% or more. I no longer buy Sony.

1310.11.2005 10:35


If you don't want me to copy cd's to my computer, don't make the's really not hard But don't sell me the burner and then turnaround and say I can't rip cd's....
Couldn't have said it better myself :) If u dont want us to ripp dont give us access to the technology.

1410.11.2005 10:50

JaguarGod Not only are they remaking many of the good old movies but in fact have bought the rights to them as well, which means they will control whether we see the old versions or not. I watch a lot of old movies, basically because the new ones suck, and more and more I see Sony’s rights logo attached at the end of the movie. Long live the Sony GOD, NOT! Good points JaguarGod

1510.11.2005 13:00

For those interesred read: AnyDVD tackles Sony DRM Rootkit Virus ------------------------------------- Since March 2005, Sony BMG is using a rootkit-based DRM system on some newer audio CDs. This DRM system is a serious hazard to each Windows based PC. Well known websites like and (URLs below) are confirming this exposure. If AnyDVD is installed and active on a PC, this new so-called "Sony DRM Rootkit Virus" has no access to the operating system and the affected audio CD appears unprotected regardless! "What the heck Sony thought to themselves," SlySoft's CEO Giancarlo Bettini was kidding, "maybe they wanna build their own bot net?". This "anti rootkit protection" is not a new function of AnyDVD, rather it is the nature of AnyDVD to filter all undesired stuff between a CD/DVD drive and the operating system. It is just one example, how well AnyDVD's option to "Remove CD Digital Audio Protection" is working. AnyDVD v5.5.1.1 New: Added functionality to remove invalid VOBUs from a title set to the option to remove "Protection based on unreadable Sectors". This fixes the error message "Out of memory" from DVDShrink with some DVDs, which suffer from a certain mastering error. Fix: The option to remove "Protection based on unreadable Sectors" could cause DVDShrink to abort with an "invalid Navigation structure" error with some DVDs, which suffer from a certain mastering error. Fix: Setup program did not delete obsolete RegCheck.exe file from previous installations Fix: Undesired high CPU use for several minutes when checking for program update via internet connection

1610.11.2005 17:18

First off, this company interferes with your right to back up your DVD's with their bad sector "Puppet Lock" scheme. Now they are trying to crash your computer too! Boycott Sony Now!

1711.11.2005 08:27

Most people will still buy PSP's and think nothing of it. Why all the dismay and trepidation over this? People will still be in the dark and not care one way or the other.

1811.11.2005 11:10

"Most people, I think, don't even know what a rootkit is, so why should they care about it?" How insipid and impudent of Sony as they know that the uninformed masses will never know any better and will do nothing about such.

1911.11.2005 11:14

"Most people, I think, don't even know what a rootkit is, so why should they care about it?" It is up to "us" to stay informed, stand-up, and boycott Sony.

2011.11.2005 13:39

Sony manufactures its goods in Countries with low labour costs. Sony buy up old movies at low cost. Sony have thought up how to make higher and higher profits every year. SONY DON'T CARE if you don't like the rootkit or any other kit they only care about PROFIT. SO if YOU CARE tell all your friends, neighbours,family and that fellow Tom Cobbly about the not so good products that SONY make,the low wages they pay and the high profits they make on the back of the less privileged in this world. How many of their workers in 3rd world countries could afford Sony products

2112.11.2005 13:53

im going to have to start reading those eula's now. man thank you ireland

2214.11.2005 06:21

Unfortunately, and I hope I'm wrong, Sony may be the only corporation to have been caught doing this. There's no guarantee that others won't (or haven't already) follow(ed) their lead.

2314.11.2005 16:49

Hi guys, After u read this article, sony has done a back flip and pulled the CD's now. Check out this article. nice huh :)

2414.11.2005 17:07

Do ye want to read some more crap on sony cameras as its not over,this is a hell of a read.

2514.11.2005 22:54

Sony BMG said it stands by content protection technology "as an important tool to protect our intellectual property rights and those of our artists". well,they go on about there rights, but trample all over the rights of every body my, nice people i must say.

2618.11.2005 18:55

just wondered......everybody is focusing on the comment that "Most people, I think, don't even know what a rootkit is, so why should they care about it?"....ermmm just wondered if thats not the entire idea. If people dont know what your doing to them then they can do what you like! maybe they (sony) are relying on the fact the public are generally unaware of what a rootkit is.....just some of us do...they got found`ll just be more sneaky next time.

This message has been edited since its posting. Latest edit was made on 18 Nov 2005 @ 6:58

2719.11.2005 14:15

Sony's next rootkit will be much improved to the point that a trojan won't be able to slip through an e-mail and cause them problems. Sony will not let this past problem stop their right to copyright protection . Everyone should not let their guard down because they will continue their ominous reign upon the little people of the world . Maybe they will get the bird flu !!!

Comments have been disabled for this article.

News archive