Earlier this week it was revealed that Sony music has been installing a particularly nasty type of DRM on some of their audio cds. There is a technology called rootkits which gets into the lowest level of your computer operating system. At that level programs actually modified operating system instructions and redirect them. In this way for example if you list the files in a folder a rootkit can intercept the call and return a falsified result. By doing this files can be cloaked from view. This stuff was originally developed by hackers as a way of invading computer systems without being detected. Rootkits can be discovered with some specialized software like RootkitRevealer. A lot spyware and viruses use rootkit technology to prevent being detected and removed. A really good explanation of rootkits can be found by listening to to Episode 9 of the Security Now podcast. Security expert Steve Gibson explains rootkits in a very clear concise way. This is definitely worth a listen, as is the whole series if you use a computer with an internet connection.
Mark Russinovich is the guy who wrote RootKitRevealer and he was recently testing the latest revision on his own computer. In the process of testing, he discovered a rootkit on his computer. Of course as a security expert who knows how to protect himself, he was quite surprised at this. He wrote a very detailed description here. What he found is that a music cd he recently purchased had installed this rootkit as part of its digital restrictions management (copy protection) scheme. It now turns out that the software that Sony sureptitiously installed on his and countless other computers around the world was actually very dangerous and put a lot of people’s computers at risk. The sony drm was so poorly written that it cannot be removed without damaging the operating system. Virus and spyware writers can take advantage of this spyware to cloak their own malware now. Sony and other music companies use this drm technology allegedly to protect there music holdings from being shared on p2p networks and sold by pirates on street corners. The problem is anyone with any technical savy can get around this protection by simply disabling autorun on a windows computer to keep it from installing anything. Also copying the cd on a linux or mac computer will also bypass the drm. All the cds that have ever been issued with drm are readily available on file sharing networks.
The disgraceful part of this is that the only people who will be hurt by DRM are people who actually go out and pay money to the record companies to buy their music. So if you are foolish enough to be “honest” you will put your computer at risk of being hacked or damaged so that you have to reinstall your os and software. If you are sharing music you will be fine. Is this a good or ethical practise? Is it good to punish your honest customers while being totally ineffective at trying to protect your revenue stream? If you are going to buy a cd check the package for indications of copy protection or enhanced features. If there are any such markings put the cd down and walk away.
I don’t buy any music from labels that members of the RIAA anymore. This both because of the drm they use and the lawsuits that they have filed against, their customers. Boycott Sony Music and all members of the RIAA. Buy music from independant musicians through their websites or companies like EMusic, MagnaTune, Mp3Tunes and other music sellers that actually give a substantial amount of the money back to the musicians rather than overfed record executives like Edgar Bronfman and Howard Stringer. There are a bunch of links over on the sidebar, to new musicians I have found recently. There are also links to sites like the Association of Music Podcasters and the Podsafe Music Network. From there you can find links to lots of music podcasts where you can discover new music that is worth listening to and supporting.