Previous entries
Next entries

November 4th, 2005

Uncloak Sony’s DRM — and Crash Your System

By Michael Santo
Contributing Writer, RealTechNews

The hits just keep on coming for Sony. Readers will recall the original story about Sony’s DRM, as well as Sony’s “fix” and the World of Warcraft hackers using the DRM to their own advantage.

Today Mark Russinovich, chief software architect for Winternals Software, published further research into Sony’s DRM. He discovered there is a small chance that the patch provided by Sony will cause the PC to crash. Additionally, he discovered the Sony player software phones home … though only to check for album art and lyrics updates. However, once again, this behavior is not mentioned in Sony’s EULA.

We Say: If anyone remembers the incident when Intuit added DRM to TurboTax (CDilla), it looks like Sony is going down the same road. It is going to take a lot more than Sony has currently done to earn back the trust of those consumers who have been reading the many media outlets covering this.

However, Sony’s uncloaking patch puts users systems at risk of a blue-screen crash and the associated chance of data loss. The risk is small, but I made the point in my last post that the type of cloaking performed by the Aries driver prohibits safely unloading the driver while Windows is running:

It’s never safe to unload a driver that patches the system call table since some thread might be just about to execute the first instruction of a hooked function when the driver unloads; if that happens the thread will jump into invalid memory. There’s no way for a driver to protect against this occurrence, but the Aries driver supports unloading and tries to keep track of whether any threads are executing its code. The programmer failed to consider the race condition I’ve described.

I dug a little deeper and found that the Player is automatically checking to see if there are updates for the album art and lyrics for the album it’s displaying. This behavior would be welcome under most circumstances, but is not mentioned in the EULA, is refuted by Sony, and is not configurable in any way. I doubt Sony is doing anything with the data, but with this type of connection their servers could record each time a copy-protected CD is played and the IP address of the computer playing it. Source: Mark’s Sysinternals Blog

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

One comment to "Uncloak Sony’s DRM — and Crash Your System"

  1. crazyshit says:

    it crashed my sys… ugly motherfuckers

    November 17th, 2005 at 12:51 pm

Leave a comment