Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy PC Games (Games)

Blizzard's Warden Thwarted by Sony's DRM Rootkit 418

shotfeel writes "First, news of Warden -a bit of code from Blizzard's WoW to trounce game cheats. Then, a Sony rootkit to make your computer safe for music. Now, news that you can use the Sony rootkit to make your game cheats safe from the Warden."
This discussion has been archived. No new comments can be posted.

Blizzard's Warden Thwarted by Sony's DRM Rootkit

Comments Filter:
  • by Heem ( 448667 ) on Thursday November 03, 2005 @02:17PM (#13943419) Homepage Journal
    Just goes to show that there is indeed a good use for everything.
    • by Jonny_eh ( 765306 ) on Thursday November 03, 2005 @02:19PM (#13943460)
      How is people cheating in an online game a good thing?
      • by rob_squared ( 821479 ) <rob@rob - s q u a red.com> on Thursday November 03, 2005 @02:21PM (#13943482)
        Because it helps the cheater WIN! Silly!

        Wait a minute...

        • by networkBoy ( 774728 ) on Thursday November 03, 2005 @02:24PM (#13943538) Journal
          Because now Blizzard (hopefully) will sue Sony for some DMCA violation on breaking their game security device :-)
          [/wishful thinking]
          -nB
          • by Jonny_eh ( 765306 ) on Thursday November 03, 2005 @02:29PM (#13943620)
            On what grounds? "Their rootkit broke our rootkit!"

            Ugly, ugly.
            • by networkBoy ( 774728 ) on Thursday November 03, 2005 @02:32PM (#13943666) Journal
              I do believe that "circumvention of a protection device" may actually apply. . .
              -nB
              • A protection device? What is that? Are you referring to the DMCA? Because that is just copyright protection, which the warden doesn't protect.

                Nintendo tried to sue the makers of the NES game genie 'game enhancer', but lost. Although, the NES wasn't a multiplayer console, so who knows?
                • by Naikrovek ( 667 )
                  Although, the NES wasn't a multiplayer console

                  Two controller ports means that the NES was indeed multiplayer.
                • by eofpi ( 743493 )
                  Those with long enough memories to remember the Game Genie may remember that Galoob got out of the game enhancer business long before the DMCA was passed.

                  However, the continued existence of the makers of the Game Shark would seem to indicate that such devices are either not in violation of the DMCA or the game makers, quite reasonably, don't consider the devices a threat to their sales.
              • by Anonymous Coward on Thursday November 03, 2005 @03:01PM (#13944027)
                IANAL...

                It doesn't for two reasons.

                First, Warden is not a copyright protection system. It essentially is a EULA protection system. For example, if I use a third party utility to run a speed hack, I can be banned from the game for violating the EULA. I can't be hit up for thousands of dollars for copyright infringement.

                Second, as it is installed it in no way would assist in cheating in WoW. A third party can take advantage of what it does do. In other words Sony is not shipping this DRM software with the primary intent to enable cheating in WoW.

                In fact, Warden has a greater chance of violating the DMCA since it could access memory that contains copyrighted material after the DRM system has decrypted the work. Luckily the primary design purpose of Warden is also not copyright infringement.

                Of course some lawyer may figure out some way to twist all of this around, so who knows.
                • by ikkonoishi ( 674762 ) on Thursday November 03, 2005 @04:48PM (#13945207) Journal

                  In fact, Warden has a greater chance of violating the DMCA since it could access memory that contains copyrighted material after the DRM system has decrypted the work. Luckily the primary design purpose of Warden is also not copyright infringement.


                  Yet. Turnabout however is fair play.

                  I can see it now.

                  Blizzard:Those DRM bastards want to make it easier to cheat on our games. Lets include a P2P music sharing client into our next release!
                  Player:Hey... WTF? Did that monster just drop a Metalica CD?
                • Second, as it is installed it in no way would assist in cheating in WoW. A third party can take advantage of what it does do. In other words Sony is not shipping this DRM software with the primary intent to enable cheating in WoW.

                  While we are talking about blizzard, lets go back to similar incident in blizzard's past. Bnetd, as written, did not support the Warcraft III beta. The authors of bnetd did not want to support the beta and the intent of bnetd was not to support pirating. Some third party (warfor
              • by Tim C ( 15259 ) on Thursday November 03, 2005 @03:07PM (#13944107)
                No. The Sony rootkit isn't deployed in order to thwart The Warden, just like the knives in my kitchen weren't created and sold to kill humans with.

                If I create something to beat The Warden, that uses Sony's rootkit to hide, then *I* am the one liable, not Sony, just like Kitchen Devil aren't liable for any psychotic killing sprees I may go on with their products.

                Unfortunately.
              • by Buran ( 150348 ) on Thursday November 03, 2005 @03:54PM (#13944628)
                Uninstalling undesired software isn't illegal. Software that snoops on what you run isn't a "protection device". It's merely unethical software that interferes with the operation of your computer in a way that removes the user from control. I'll sure as hell remove anything that does THAT with extreme prejudice. Sue me for it? Well, I rejected the terms of the license and removed the software, so what are you going to sue me for? Breach of contract? I terminated any obligations to you when I stopped using your app.
            • by macshune ( 628296 ) on Thursday November 03, 2005 @04:36PM (#13945079) Journal
              mootkit.

              noun: software program that interferes with another software program's attempt to interfere with the actions of a given user.
              symnonyms: see windows, et al
          • by Chordonblue ( 585047 ) on Thursday November 03, 2005 @02:38PM (#13943758) Journal
            Try and get Sony's DRM to interfere with DVD protection. RIAA Vs. MPAA... FIGHT!

          • Because now Blizzard (hopefully) will sue Sony for some DMCA violation on breaking their game security device :-)

            Doh! Thats' just too difficult to process in my poor brain.

            Would this mean that two wrongs, do in fact, make a right? My other enemy is my enemies enemy? The Axis of evil becomes the Triumvarate of unplanned good?

            Norman ... Coordinate.
    • by B'Trey ( 111263 ) on Thursday November 03, 2005 @02:20PM (#13943478)
      Good or bad depends on your point of view, of course. Wouldn't it be trivial to modify existing worms or viruses to take advantage of the exact same concept, hiding themselves from virus scanners?
      • by Anonymous Coward on Thursday November 03, 2005 @02:37PM (#13943735)
        A better question is, why don't Antivirus Software remove the Sony Virus(TM) in the first place?
        • by bhsx ( 458600 ) on Thursday November 03, 2005 @05:01PM (#13945322)
          I submitted a story that got rejected regarding this type of "rootkit." Somehow (my girlfriend's daughter uses this system in a reletively locked-down mode) I got something installed on my system that slipped past the Spybot S&D, MS AntiSpyware, AVG antivirus, and ewido.
          It was a total b*tch just to find. The thing would build its directory/itself on shutdown (it seemed) and load then delete any trace of itself at startup, even in Safe Mode. It hid itself from Windows Task Manager and every other scan a could run. I ran some Sysinternals [sysinternals.com] apps such as RootkitRevealer and Autoruns, and showed nothing over and above anything I could account for. Suspecting it was a rootkit anyway, I found some good apps such as Process Guard, and F-Secure's Blacklight(stand-alone executable, pretty nice), and a CLI app called RkDetector. Once I had ran PG I could see what was happenning to my poor little PC. Explorer launches a program called ddrssapi.exe from System32, then would go onto to launch mchshisn.exe every 3 seconds or so. At one point Process Guard counted mchshisn.exe loading over 350 times before grinding to a crashing halt!
          Googling ddrssapi.exe or mchshisn.exe yields no hits (or at least didn't, now it'll probably link to this thread), so I renamed the former (because I knew where it was). I was hoping that was the app that created the directory at startup so I rebooted to see if things calmed down.
          Process Guard makes no mention of ddrssapi, but is still continuously launching mchshisn, and I notice that it says it's launching from Program Files/Weslorer... Takes about 4 minutes to bring the box down to it's knees, but that gave me enough time to realize that I could do nothing to find this mysterious directory (Weslorer).
          I boot into Knoppix 4.0 and low and behold there is PF/Weslorer. Unfortunately for me, Knoppix didn't want to play nice with NTFS, so I couldn't delete the dir. Then I remembered that I had build the Windows Ultimate Boot Disk based on BartPE a few weeks ago. Booted into it and removed the Weslorer (which also shows no google hits) directory and ran a Spybot S&D scan for good measure. I rebooted into my XP install and all was well. No more popups (which caused the autopsy in the first place), no more stray process launching hundreds of times. Just a new systray icon for Process Guard. That things going onto every removable media I have.
          I know I still don't really know how it got in and what process it was using to launch itself initially, and that bothers me; but I do not have any symtoms and will have to live with the thought that I got pwned.
          • by Papineau ( 527159 ) on Thursday November 03, 2005 @05:48PM (#13945728) Homepage

            That is why you should install 2 Windows installations side-by-side when you install it in the first place. One is your "normal", work and games related one, the other one is for snooping on the first one if you need to do something it won't let you by itself (like replacing some registry files, etc.).

            Works like a charm when you want to restore a system backup too, and there's no need to play with CaptiveNTFS or such.

            It worked quite well in NT4 with the NT bootloader (boot.ini), so you can probably do the same with XP's bootloader without resorting to a 3rd party boot loader (like grub :)). Don't forget to have different desktop backgrounds (like a red one for the administrative install), so you don't end up doing stuff you don't want to in the wrong environment.

        • by darkonc ( 47285 ) <stephen_samuel&bcgreen,com> on Thursday November 03, 2005 @05:15PM (#13945460) Homepage Journal
          Trusted computing means that other companies (e.g. Sony) can trust your computer to do what they want it to do -- whether you're happy with that idea or not.

          Sony just jumped the gun. They weren't willing to wait until Microsoft put a formal system for this kind of bullshit to take place. The only difference between this and 'trusted' computing is that there's no formalized mechanism in place .... yet.

      • by Proaxiom ( 544639 ) on Thursday November 03, 2005 @02:40PM (#13943780)
        Wouldn't it be trivial to modify existing worms or viruses to take advantage of the exact same concept, hiding themselves from virus scanners?

        Sort of. Good ones already employ techniques to try to hide themselves. The difficult part is getting into the kernel, as the Sony DRM software does when you install it.

        Virus writers might at this point decide to start using file and process names that start with $sys$, in which case anybody who has installed the Sony DRM app (in particular, WoW cheaters) will be especially vulnerable. I doubt that's a large enough population for the technique to be considered useful, though.

        Mostly this is useful for hiding things from prying eyes on your own machine. It is remarkably effective. To prevent malicious apps from taking advantage of it, you might hack the Sony DRM software so it uses, say, $-q8f790vpae-$ as the 'hiding' tag instead of $sys$.

        Just watch what you're doing, because as Mark Russinovich points out in the original article, it's not hard to nuke your box by accident in messing with the Sony/First4Internet drivers.

        • by IAmTheDave ( 746256 ) <basenamedave-sd@y a h o o . c om> on Thursday November 03, 2005 @03:02PM (#13944032) Homepage Journal
          $sys$ass_banger_asian_big_tits.asf

          hmm...
        • I doubt that's a large enough population [Sony DRM installed] for the technique to be considered useful, though.

          Are you sure? Remember, anyone who wants to listen to one of Sony's recent CDs on their computer (unless they have used workarounds) has this rootkit. Be careful in assuming how many people know these workarounds - there are a lot of end users out there, and would you like to be slashdotted by a bunch of zombie end-users because they have a worm that virus scanners can't detect?

        • by spdt ( 828671 ) on Thursday November 03, 2005 @03:24PM (#13944301)
          anybody who has installed the Sony DRM app (in particular, WoW cheaters)

          Of course, the 31337 WoW cheaters write their own DRM software... Um, I mean, "rootkits"

          It's funny how quickly words can become synonyms of another.
        • ...in particular, WoW cheaters...

          Umm, no... they'll be equally vulnerable as anyone else foolish or unfortunate to be infected with this particular piece of malware.

          Honestly, why take a perfectly good and telling point and then weaken it with some unsupportable moralising sneer?

          Unless of course you have inside information not mentioned in TFA, in which case, do please share.

      • by Wellspring ( 111524 ) on Thursday November 03, 2005 @03:40PM (#13944479)
        Good or bad depends on your point of view, of course.

        Hilarious irony, however, appears to be a universal constant.
    • by Stripe7 ( 571267 ) on Thursday November 03, 2005 @02:40PM (#13943781)
      I just love that post by the guy who wants ISO's of the CD so they can use the rootkit. Now SONY will now have their entire product pirated not for the content they are trying to protect but for the content protection system they chose to employ! ROFL
    • Just goes to show that there is indeed a good use for everything.

      Makes you wonder if you could use Sony's rootkit as a way to hide DRM breaking software. It seems to me that this rootkit might actually be more useful to everyone than it might have previously thought.

      Thank you Sony :-)

      Unfortunately, I don't run Windows... :-P
  • by halivar ( 535827 ) <bfelger@nOSPAM.gmail.com> on Thursday November 03, 2005 @02:17PM (#13943424)
    Coincidence, or conspiracy? Hrmm...
  • by Neil Blender ( 555885 ) <neilblender@gmail.com> on Thursday November 03, 2005 @02:18PM (#13943427)
    You anti-DRM, pro-cheating and stealing hippies must be really conflicted on this one.
  • An error has occured

    Sorry, the database is currently unavailable, please try your request again shortly


    Wow, this Sony rootkit works MUCH BETTER than I expected! :D
  • by rovingeyes ( 575063 ) on Thursday November 03, 2005 @02:18PM (#13943430)
    Please somebody...anybody!
  • by interiot ( 50685 )
    Somebody is going to owe a LOT of people new monitors once they're all drenched in coke.
  • by kneecarrot ( 646291 ) * on Thursday November 03, 2005 @02:19PM (#13943457)
    I have definitely thwarted Warden. I just created a 13th level unicorn, ate all the remaining rhubarb in the forest, and killed the White Wizard with an AK-47. NICE!
  • by Verteiron ( 224042 ) * on Thursday November 03, 2005 @02:21PM (#13943486) Homepage
    Am I the only one who finds this amusing? I mean... wow. Whatever monkey at Sony that approved this scheme must be soiling their armor by now.

    And that the first (known) exploit of this thing should be a game cheat. The world is a strange place; Sony has made it just a bit stranger.
    • I'm sure that it's money motivated. It's almost a certain bet that it was an organized effort by some WoW gold peddling outfit that hacked the DRM into their WoW hack so quickly. Also a near-certain bet that they're stepping up their production efforts to milk this thing while they can. Greed really isn't as strange as you may think.
    • FTA: A way to remove the 'cloaking device' without breaking the DRM (or your device driver): URLhttp://cp.sonybmg.com/xcp/english/updates.html>

      Sony: We Make Your DRM a Little Less Evil (tm)

      Obviously, this was just a way for Sony to try to bring WoW to its knees; after all, that's a lot of potential EQ2 subscribers who might have changed over had Sony been able to cripple the WoW economy.

      /tinfoil plate armor, shield, and helm securely equipped
    • What would have been even more amusing is if had been used against a Sony MMORPG like Everquest 2.
  • YRO? (Score:2, Interesting)

    by LostCluster ( 625375 ) *
    Are we suddenly interested in the rights of game cheaters? Whose rights are being impacted here?

    This is just a classic hack. Nothing impacting free speech or even property rights. Yes, it belongs on /., but in a different section...
    • this directly relates to a story that was originally posted under the YRO heading. it makes sense to keep posting information about that story there, because people who read yro.slashdot.org might want to know the latest in the Sony DRM rootkit saga.
    • ...well, maybe they're not human in the gameworld. ;) WoW uses a rather invasive technique for scanning Gameplayers whether they cheat or not. Sony's DRM scheme also inteferes with the ability for people to make backups of they're own property. In fact, the only interesting thing about this story is these two issues have collided in an unexpected way at a moment in time.
    • Re:YRO? (Score:5, Insightful)

      by Experiment 626 ( 698257 ) on Thursday November 03, 2005 @02:36PM (#13943727)

      Are we suddenly interested in the rights of game cheaters? Whose rights are being impacted here?

      The "rights" issue is with peoples' right to listen to music they've bought without the CD compromising their system and infecting it with rootkits. This article is signifigant more as a new development in that story, than as a "a victory for the rights of online cheaters everywhere!" thing.

      To underscore the point, consider that yesterday on GlobeAndMail.com, we have:

      The company dismissed the prospect of hackers exploiting its rootkits for their own purposes as an "academic" concern.

      I guess it isn't so academic anymore.

    • Re:YRO? (Score:3, Insightful)

      by mrgreen4242 ( 759594 )
      Are we suddenly interested in the rights of game cheaters? Whose rights are being impacted here?

      Seems like people are more interested in the rights of non-cheating WoW players? People who play WoW SHOULD know that their systems are monitored, and if they don't like it they can quit. Presumably, they are ok with the trade off of "my system is monitored, but so is everyone else's, so at least I can play the game knowing that it is an even field". Sony has given people a way to defeat that, and in doing so ta

  • Let's bash Sony (Score:5, Insightful)

    by LordSnooty ( 853791 ) on Thursday November 03, 2005 @02:21PM (#13943489)
    OK, so I understand that Sony did a bad thing with the rootkit. But I don't immediately understand the link to Blizzard. Surely there are other "rootkits" around (think Hacker Defender) which can hide files? Why has this suddenly become a problem with the release of the Sony rootkit? Is it a case of "yes, this is definitely bad... now quick, find some way of demonstrating how bad it is!"

    Do other cheat protection systems use similar methods to look for files? If so, why are they not affected? Why am I only hearing about Warcraft?
    • Because WoW and the rootkit have been in the news lately. It is easier to pick up on a continuing story than it is to take time digging for new details.
    • Re:Let's bash Sony (Score:5, Insightful)

      by bleckywelcky ( 518520 ) on Thursday November 03, 2005 @02:41PM (#13943786)
      This is newsworthy because someone can legitimately use the Sony CD and have the rootkit installed, and then play WoW. So blizzard can't just look for signs of the rootkit and ban that account - people will be pissed for a non-legit ban. At the same time, people can do the same thing AND initiate a cheat on WoW and claim to be pissed for the same "non-legit" ban.
    • Re:Let's bash Sony (Score:5, Informative)

      by HavokDevNull ( 99801 ) <eric@@@linuxsystems...net> on Thursday November 03, 2005 @02:49PM (#13943884) Homepage Journal
      The reason the "link to Blizzard" is because the guys over at www.wowsharp.net thought to use the rootkit first, and it is so easy to use that anyone who can rename a file can use it. And WOW is very popular in the first place (4 million users now), so this impacts a bunch of people.

      Another cheat program http://www.wowglider.com/ [wowglider.com] is also getting around WOW's Warden technology by running WOW in a normal user profile in xp, removing access to said user in the wowglider folder, then running wowglider as an admin account. But more than likely you could just install Sony's rootkit, rename your wowglider folder and do the above step for double protection against Warden detecting wowglider.

      My point being Sony and First4Internet are saying that the rootkit does not compromise a system's security, when in fact it can and does. And the Cheaters are proving it now, next will be the virus writers.
      • Re:Let's bash Sony (Score:3, Informative)

        by Red Flayer ( 890720 )
        "because the guys over at www.wowsharp.net thought to use the rootkit first"

        Hardly. They're just the first to publicize... this has been floating around in some forums for a little while.

        There's less of an advantage to cheating if everyone can do it. So those exploiting this have been keeping their mouths shut...

    • Re:Let's bash Sony (Score:3, Interesting)

      by HTH NE1 ( 675604 )
      How accessible are other rootkits to the average WoW cheater? I haven't done any searches, but surely nothing compares to being able to walk in to a record store and buy pluton^H^H^H^H^H^H a rootkit.

      And it is always the latest of the breed that would be the most desireable, especially when it could be found on many systems innocently. The rootkit comes with it's own human shield of innocents.

      And Blizzard would violate the DMCA if they removed Sony's DRM software that restricts access to Sony's so-protecte
  • by sweetnjguy29 ( 880256 ) on Thursday November 03, 2005 @02:21PM (#13943493) Journal
    Hmmm...it didn't work.
  • by Tuxedo Jack ( 648130 ) on Thursday November 03, 2005 @02:22PM (#13943511) Homepage
    If the process is hidden, the Warden can't pick up on it, right?

    So hypothetically, ANY rootkit could be used to hide processes - HackerDefender and the others out there would do the job nicely.

    Of course, the other edge of the sword is that you don't know just what _else_ is hiding... unless you wrote and compiled the rootkit yourself using your home-brewed compiler.
    • by LostCluster ( 625375 ) * on Thursday November 03, 2005 @02:36PM (#13943719)
      And, if we're going by Security Now [grc.com]'s definition of a "rootkit", Norton SystemWorks is a rootkit because its Undelete component hides files from the operating system that are really still there, SystemWorks just fools all applications into thinking they're not there.

      Any program that uses the operating system hooks to find out what is going on risks being fooled. The only way around it is to do what RootkitRevealer [sysinternals.com] does, ignore what the OS is saying and go byte-level reading the disk to see what you get, then if you like compare it with what the OS is reporting to see if there's any differences.
  • Not bad, (Score:5, Funny)

    by Vengeance ( 46019 ) on Thursday November 03, 2005 @02:24PM (#13943535)
    But it would be better if Warden was a product of Sony Online Entertainment, and it was used to protect Star Wars Galaxies. THAT would have made my day.
  • I pray for the day (Score:5, Interesting)

    by sammy baby ( 14909 ) on Thursday November 03, 2005 @02:26PM (#13943569) Journal
    I now live in hope for the day that a bunch of the corporations pushing for invasive DRM like Blizzard's Warden and Sony's whatever-it's-called sue each other under the DMCA for circumventing each others technologies, instead of suing us for trying to crawl out from under them.
    • by interiot ( 50685 ) on Thursday November 03, 2005 @02:46PM (#13943850) Homepage
      Well, once Microsoft's NGSCB [wikipedia.org] ccomes along, games like Warcraft will have two choices:
      1. live outside the trusted comping base, and be vulnerable to anybody who manages to crack the NGSCB and run their code in a place that can't be examined by Warcraft, or:
      2. convince Microsoft to let WoW cheat-detectors run inside the NGSCB so they can detect everything
      First4Internet vs. Warden seems like it's the only possible crazy example of this, but if NGSCB is vulnerable to either crackers or corporate influence, this will only be the beginning.
  • by Duncan3 ( 10537 ) on Thursday November 03, 2005 @02:27PM (#13943579) Homepage
    In this corner, the spammers, with thier root for zombies to spam you with...

    In this corner, the DRM people, making sure you don't listen to any music you paid for.

    And in this corner, the 1337 gamer d00ds, making sure you have to buy it on ebay instead of getting it yourself.

    And there is the bell... wait, they don't appear to be fighting... why are they taking off their clothes... what is the Sony guy doing to the spammer... they appear to be... oh my, that's just not right... this fight is called on account of an orgy breaking out...

    Meanwhile...

    Enjoy the nice cozy comfort of your OSX and Linux boxes :)
  • by idontgno ( 624372 ) on Thursday November 03, 2005 @02:27PM (#13943582) Journal
    I don't play Sony's EQ2, but aren't there cheater progs for that? And doesn't EQ2 have memory- and registry-based cheater scans? Wouldn't the tasties irony in the situation be a Sony software product defeating cheat-detection in a Sony game?

    Yes, the software industry is the best way of fulfill the Recommended Daily Allowance for irony.

  • Ha ha! [ripplinger.us]
  • In related news (Score:3, Insightful)

    by $RANDOMLUSER ( 804576 ) on Thursday November 03, 2005 @02:36PM (#13943720)
    Sony's DRM rootkit can be thwarted by not doing business with those evil bastards.
  • Only slightly OT (Score:5, Insightful)

    by Nom du Keyboard ( 633989 ) on Thursday November 03, 2005 @02:38PM (#13943744)
    It should be only slightly OT to ask:

    1: Why are people celebrating victory because Sony announced they will remove the cloak, they're still leaving all the rest of the crap on your system - including the memory and cpu wasting scan that runs continually, even when you're not playing their DRM infested CD's.

    2: Now that the cloak is removed, what was that registry key that keeps track of how many CD's you've burned under their DRM system?

    3: Don't you think you're celebrating a bit early since Warden 2.0 should be able to use the same tricks as RootKitRevealer to diagnose your system? And how long will this take to appear?

    4: If you detecting and removing this software from your computer violates the DMCA, then the DMCA is so cleary wrong that it should be repealed this afternoon.

    5: Profit! Or in other words, who is profiting from this now? I don't see Sony going broke yet.

    • by mpe ( 36238 )
      1: Why are people celebrating victory because Sony announced they will remove the cloak, they're still leaving all the rest of the crap on your system - including the memory and cpu wasting scan that runs continually, even when you're not playing their DRM infested CD's.

      It probably isn't necessary for their system to install anything anyway. Even removing the hiding the stuff they insert could have other consequences. e.g. what happens if different versions of this software attempt to install on the same
  • booo!
    glowing brightwood staves for none!
    boooo!
    glowing brightwood staves for some, miniature American flags for the others!
    YAY!
  • Or, King Kong versus Godzilla - two gigantic forces of destruction battling it out!

    I'm going to pop some corn and watch the sparks fly.
  • Profit line (Score:5, Funny)

    by Nom du Keyboard ( 633989 ) on Thursday November 03, 2005 @02:46PM (#13943858)
    1: Install WoW.
    2: Install Sony Music CD.
    3: Install Cheat Hacks.
    4: Win at WoW.
    5: Profit!
    6: Discover that Sony RookKit drops frame rate to unacceptable levels.
    7: Buy new AMD64 gaming system.
    8: Discover that game gold no good in the real world.
    9: Profit^-1.
  • by Nom du Keyboard ( 633989 ) on Thursday November 03, 2005 @02:52PM (#13943921)
    This whole rootkit business leads one to wonder what happens if you play the Sony CD in an instance of a Virtual Machine (ala VMware). Does it only root the virtual machine? Can you burn endless CD's, 3 at a time? Since Sonly has clearly granted you a licence to burn the number of CD's permitted by the DRM, can you now put them out of business selling yours on the street? Inquiring minds blah blah blah...

    And speaking of WoW, you mean there is no game hack that changes it's name each instance so that The Warden will never have it in its signature file?

    • Actually, from what I've seen on the Our Lady Peace CD is that you "DECLINE" their EULA and the OS spits out the disc.

      Wow, that's hard to get around.

      Once you turn off "Autorun", it's just another quick step with EAC to do a rip and convert to any format you want... I had thought of using my laptop to actually install their DRM to see what kind of crappy quality they had the tracks at, but I'm glad I didn't do that after reading yesterday's article.

      Anyways, I'm sure the "other" OS I run isn't affected by th
  • by dmh20002 ( 637819 ) on Thursday November 03, 2005 @03:01PM (#13944029)
    Sony should take a page from the Johnson and Johnson book. When the Tylenol poisonings happened, J&J took aggressive action to limit the damage and help the people concerned. They pulled the product off the shelves at a huge financial hit. They turned around a potential PR nightmare by doing the right thing (and the tragedy wasn't even their fault)

    Instead, Sony is using the Intel Floating Point strategy of obfuscation, excuses, hard line statements etc.

    From BBC News:

    "A spokesman for Sony BMG said the licence agreement was explicit about what was being installed and how to go about removing it. It referred technical questions to First 4 Internet.

    Mr Gilliat-Smith said Mr Russinovich had problems removing XCP because he tried to do it manually something that was not a "recommended action". Instead, said Mr Gilliat-Smith, he should have contacted Sony BMG which gives consumers advice about how to remove the software.

    Getting the software removed involves filling in a form on the Sony website, visiting a unique URL and agreeing to have another program downloaded on to a user's PC that then does the uninstallation. "

  • by blueZhift ( 652272 ) on Thursday November 03, 2005 @03:06PM (#13944083) Homepage Journal
    This reminds me of the old Reeses commercials...

    Sony: Hey! Your spyware's in my rootkit!

    Blizzard: Your rootkit's in my spyware!

    User (taking a bite): Mmmm, now that's good computing! So liberating...

    Announcer Don Pardo: Two great tastes that go together.

  • This is silly (Score:5, Insightful)

    by Locke2005 ( 849178 ) on Thursday November 03, 2005 @03:08PM (#13944110)
    Much as I detest the Sony DRM, this is not a valid criticism of it. Anybody wanting to implement cheats will just use the same method as the Sony DRM directly to hide the cheats, not rely on the Sony DRM having been installed first! This is a flaw in Warden that is independent of the fact that the Sony DRM is a bad thing. It also points out the flaw in the anti-cheat arms race -- since you don't own your customer's machines, any anti-cheating technology you deploy can be quickly circumvented by determined individuals.
  • by gstoddart ( 321705 ) on Thursday November 03, 2005 @03:17PM (#13944217) Homepage
    This demonstates how it will never work in the long-run for every manufacturer to be installing stuff on your PC to make sure you play by their rules.

    Before long, if you get 10 or 15 different toolkits which all try to change your system behaviour to ensure no cheating/copying/peeking is taking place, then absolutely NOTHING will keep working.

    An arms race of installed crap to keep you honest will just leave everyone with busted machines.

    Cheers

Let's organize this thing and take all the fun out of it.

Working...