The following lines were added (+) and removed (-):
The Sony rootkit is on many music titles now as a copy protection scheme. Sony’s DRM rootkit doesn’t stop the music CD from playing on standard consumer electronics CD players, but when you go to play it on your computer the DRM rootkit automatically installs itself. When played on a Microsoft Windows PC, Sony’s DRM system forces you to play the music though their special software, which secretly installs the rootkit, just like a virus. The Sony rootkit (aka ARIES Rootkit, XCP technology) is on many music titles now as a copy protection scheme. Sony’s DRM rootkit doesn’t stop the music CD from playing on standard consumer electronics CD players, but when you go to play it on your computer the DRM rootkit automatically installs itself. When played on a Microsoft Windows PC, Sony’s DRM system forces you to play the music though their special software, which secretly installs the rootkit, just like a virus. == Fallout ==[[Image:wiki-boycottsonybmgdrmrootkit.gif]]The Sony DRM rootkit resulted in massive boycotts of Sony and BMG, legal action, and a recall of the music media containing the malware / virus. In 2005 Sony BMG has struck a deal with the plaintiffs in a class action lawsuit over copy-restriction software it used in music CDs. The record label has agreed to compensate buyers of CDs that contained the rootkit virus. Sony stated it will immediately recall all DRM rootkit (XCP) CDs and replace them with ones that are virus free. It has also agreed to offer incentives to U.S. customers to "ensure that XCP CDs are promptly removed from the market." Sony is not recalling MediaMax CDs, but has agreed to compensate buyers of these albums by allowing them to download one free album, as well as offering them MP3 versions of the music on the MediaMax album. According to the EFF (Electronic Frontier Foundation) [http://www.eff.org/cases/sony-bmg-litigation-info SonyBMG settled] the case providing a range of remedies and compensation to purchasers of CDs with the XCP technology or the MediaMax technology. SonyBMG ultimately stopped putting any DRM on its CDs sold in the United States. Sony may continue to market the cd discs containing the virus in foreign markets.Hold down the shift key when you insert a CD disc into the drive. This will prevent autorun from executing the rootkit. But keep in mind you may still launch the rootkit by clicking the cd drive letter icon in windows explorer, or certain applications such as Windows Media Player may also launch the rootkit.Hold down the shift key when you insert a CD disc into the drive. This will prevent [[autorun]] from executing the rootkit. But keep in mind you may still launch the rootkit by clicking the cd drive letter icon in windows explorer, or certain applications such as Windows Media Player may also launch the rootkit.== References and Resources ==* A blog article [http://blogs.technet.com/b/markrussinovich/archive/2005/11/06/sony-s-rootkit-first-4-internet-responds.aspx Sony’s Rootkit: First 4 Internet Responds] explains how poorly written the Aries.sys api interceptor is and why the presence of the Sony DRM Rootkit not only makes your Windows system less stable, it prevents you from isolating and indemnifying problems with your system that could otherwise be easily addressed as they arise.* A [http://www.electrohack.com/index.php?s=sony+rootkit&submit=Search handful of articles on the Expressive Opposition blog] details the story behind the Sony DRM Rootkit and how people responsed. Sony faced legal action by consumer groups and was forced to issue a recall on DRM embedded music discs.* Wikipedia refers to the issue as the [http://en.wikipedia.org/wiki/Sony_BMG_CD_copy_protection_scandal Sony BMG CD copy protection scandal] and has some background information on the story.== Related ==* [[Autorun|Autoplay, Autorun, and Auto-insert notification]]* [[Turn off Autoplay With Group Policy Editor]]* [[Sandisk U3 Flash Drive Virus]]* [[Sony DRM Rootkit]]For Linux Users:* [[How_Do_I:_A_Linux_Q%26A#.5BDISABLE_ANNOYING_KDE_Autorun_WHEN_CDROM_IS_IN_DRIVE_WHEN_KDE_STARTS.5D|KDE Autorun]]Key Words: spyware , malware , trojan , crash , aries.sys , XCP technology