Sony's DRM Rootkit Comes in Mac Flavor, Too

By Larry Loeb
Opinion: Sony says it will discontinue distribution of its DRM software, which could pose a "rootkit" security threat to users. But does that include the OS X version?

Sony is reportedly pulling its digital rights management "rootkit" from the market. But it isn't reporting everything.

"The Sony copy-protection software does not install itself on Macintosh computers or ordinary CD and DVD players," Reuters reported today. There's just one problem with that statement: it happens to be flat-out wrong. While the XCP version of copy protection is for Windows, there is another Mac-only version of copy protection installed by Sony/BMG CDs.

To establish this point, one simply has to refer to a poster on the popular Macintosh site MacInTouch. The poster notes that Imogen Heap's new CD, "Speak for Yourself," on RCA Victor (a BMG subsidiary), has an extra partition for "enhanced" content. Along with Windows files, there is a Mac file present called "Start.app."

When run, a EULA is first displayed (which does inform the user that software is going to be installed without saying exactly what that software will do).

PointerClick here to read more about Sony's decision to temporarily suspend production of CDs with its DRM technology.

The user then is prompted by the program for a user name and password. After that information is provided, the program seemingly quits. However, it actually installs two kernel extensions, PhoenixNub1.kext and PhoenixNub12.kext, in the OS X system files.

These turn out to be part of a DRM codebase developed by SunnComm.

According to the SunComm Web site, their MediaMax DRM allows for a limited amount of CD burns from the source material, and then will block further copying. The DRM also can make time-expiring (or number-of-play-expiring) copies of the tracks.

Repeated calls to SunComm for comment were not returned by the time this article was posted.

So, while Sony may be backing down from its acts regarding Windows modification, it is yet to be seen whether the recent firestorms will cause it to pull the DRM installed on Macs.


 


Comment on this article
Comment Now  | 
Read All Talkback(s)
There are some differences in the Mac DRM by LionMage, 11/29/2005 4:58:56 PM

I was one of the Macintouch readers who saw this news item, and I actually e-mailed the web site, which prompted some follow-up activity. The upshot is that, while the Windows version of Sony's on-disc DRM relies on the AutoRun facility of MS Windows, the Mac version relies on the user manually running the installer. That's because Mac OS X has no equivalent to AutoRun; although classic Mac OS versions (Mac OS 9 and earlier) had an 'autoplay' facility via QuickTime, this never made it into OS...

Read More ###  |  Reply to this Comment  |  Report Abuse

PLEASE CHANGE MISLEADING TITLE - YOU ARE HURTING THE ARTIST by ehnguyen, 11/17/2005 1:38:42 PM

While the content of the article does disclose that DRM technology included on the aforementioned CD DOES NOT contain First 4 Internet’s XCP, why does the title of the article suggest that the CD DOES contain a “Mac Flavor” variant of “Rootkit”?

The title of the article reeks of sensationalism and is misleading. You are hurting the artist mentioned by dragging her name into Sony’s mess.

Please change the title of the article before more harm is done. Thank you.


Read More ###  |  Reply to this Comment  |  Report Abuse

Sony DRM Rootkit by hrm2nd, 11/17/2005 6:11:34 PM

Sony is continuing to show that they have contempt for the rights and security of consumers. They are not likely to get it until they are hurt in the pocketbook. I will not be buying ANY Sony products (think about what they could be putting on their computers Playstations, and other devices that could interact with your computer) for at least 3 months. If they haven't shown that they respect consumers at that point, it will be at least three more months before I buy any Sony product. I thin...

Read More ###  |  Reply to this Comment  |  Report Abuse

Sponsored Content
White Papers

No registration required to download these free white papers:

Security in the World of Web 2.0

Intelligent Infrastructure for Information Services

Making Server Consolidation A Reality

Protecting Client Systems from the Crimeware Invasion

Top 10 Ways to Increase Enterprise Security While Reducing Costs
Upcoming eSeminars

Data Protection Virtual Tradeshow
Cameron Crotty 50x50

Available On-Demand
Join Cameron Crotty and experts as they explore best practices and solutions needed to maintain a secure flow of data.
Available On-Demand
Security 2.0: Controlling Complexity
with Cameron Crotty. Sponsored by Symantec
Available On-Demand
Backup Exec 11d - The Gold Standard in Windows Data Recovery
with Frank Derfler. Sponsored by Symantec
Advertisement
Sponsors
  • 64 Pages of How-To Operational Advice for IT
  • You have a choice! Ericom's Alternative to Citrix
  • Discover what 2000 Cisco customers know about Riverbed
  • ScanSoft PDF Converter Professional 4
  • Defy the laws of reporting with Crystal Reports® 2008.
  • See how EMC can help you store more intelligently.
  • When Speed Counts, Count On 3Com.
  • Download the Windows Server® 2008 Release Candidate today.
    		•
    Security IT Hub Contact Us | About | Advertise
    Ziff Davis Enterprise

    Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters | RSS Feeds | Tech Shop | White Papers | Tech Encyclopedia | PC Downloads | ROI Calculators | Tech Jobs | Enterprise Product Comparison Guides | Tech Webcasts | Tech Podcasts | Tech Video

    1UP | AppScout | Baseline | Careers | Channel Insider | CIO Insight | Cranky Geeks | DesktopLinux | DeviceForge
    DevSource | DigitalLife | DL.TV | eSeminars | eWEEK | ExtremeTech | Filefront | GameVideos | GearLog
    LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | My Cheats | Networking | PC Magazine | PCMagCasts | PDF Zone |
    Publish | Security IT Hub | Server IQ | Smart Device Central | Strategic Partner | TechnoRide | Web Buyer's Guide |
    What's New Now | Windows for Devices | Ziff Davis Media International

    Use of this site is governed by our Terms of Use and Privacy Policy
    Copyright © 2004-2006 Ziff Davis Publishing Holding Inc. All Rights Reserved. Security IT Hub is a trademark of Ziff Davis Publishing Holdings Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Media Inc. is prohibited.