Every month the BugBlog picks its Bug of the Month, representing the most significant bug found in the past month. Sometimes, the bug will be the one which could potentially cause the most damage; sometimes it will be the bug which affects the most users. And sometimes, it will be the bug that is just the most interesting bug. This bug will be selected either from the free Bug of the Day, or from the subscription-only BugBlog Plus.
The Bug of the Day for December, 2005 was written on November 2. It belongs to Sony (like that's a surprise)
It appears that as part of a stringent DRM (digital rights management scheme), Sony is shipping new music CDs that install a root kit on your PC. If you manage to discover this and try to delete it normally, you may screw up your CD. This was discovered by Windows expert Mark Russinovich, who knows more about Windows than everybody outside of Microsoft (and probably inside too.) Sony's lame attempt to help is http://cp.sonybmg.com/xcp/english/faq.html#uninstall — you will need to contact them to get the uninstall procedure. You can see Russinovich's meticulous research at http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html. The workaround is simple — don't buy stuff from Sony.
Of course, this wasn't the end of the story. Follow along as the story played out almost daily in The BugBlog or the BugBlog Plus. On November 6:
Hackers are using the Sony DRM (digital rights management) root-kit as a way to hide their cheating in an online game. Blizzard Entertainment uses a program, called the Warden, to protect against cheaters in the World of Warcraft online game. But since the Sony program hides any program that starts with the prefix $sys$, the cheaters can buy and install the Sony music CD, and then use it as protection against being caught. Cheating in an online game is fairly trivial, but it is important because it shows how bad guys can use the Sony root-kit to hide their malware on your computer. If you've played a DRM-enabled Sony CD, you could be a target. Read the details at http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/.
The BugBlog Plus on November 7 had
Article comments