MacRaven - Dave Haxton's Weblog

Mon, 31 Oct 2005

This dude is truly a Windows guru - I doubt that I could've managed to follow the trail as throughly as he did and get everything back to normal. Fortunately, there's a simpler solution. Don't buy DRM'd music or software.

SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system.

(link) [Slashdot]

/Copywrongs | 4 writebacks | permanent link

On 11/1/2005 07:24:12
Arwin wrote

Where do you find non-drm'ed tunes

Before all of the electronic download sites (iTunes, Musicmatch, etc.) I admit I illegally downloaded music. Not the thousands that some folks did. My rationalization: I'll be damned if I'll allow the record industry to legally rip me off by packaging a bunch of crummy music with the one or two songs I want on a CD at $17 a pop. Now that I can legally download songs for a reasonable $0.99 per song I'm perfectly happy and more important, legal. So far loading these DRM protected files hasn't resulted in any security breach of my systems. Maybe I've been lucky. I'm not a serious computer geek so I don't know if it is luck or not. I plan to continue on this route because 1) I don't know where you can find legal non-DRM'ed music that I want and 2) I believe the artists and the recording industry do deserve to profit from their work. Until someone comes up with a way to prevent folks from ripping off intellectual property we're stuck with what's offered. I know there are ways around the DRM that even I can execute and I do under fair use. I don't redistribute the unprotected files. My main beef with DRM is Apple's Microsoft-like monopoly on online music. I'd love to buy an iPod, but the iPod and iTunes won't support protected WMA files (correct me if I'm wrong on this one.. I'd love to be wrong.) So I either have to break the DRM on my WMA files from Musicmatch or solely do busines with Apple.... I wonder if all the Apple folks are cringing at this Microsoft-like behaviour? One last ramble: A buddy of mine reminded me of the days when we bought music on vinyl. You might have heard one or two songs on the album. So a big part of your purchase decision was based on looking at the album cover. These new music services allow 30 second clips of the music to help you decided if you want to purchase the track. Ain't that great!

On 11/1/2005 07:41:29
Arwin wrote

Christian music

One other funny thing I forgot to mention: I recently heard a story about the tendency of teenaged Christians illegally downloading Christian rock. I don't have a link, but I think it was a story on NPR.

On 11/1/2005 21:10:18
Dave H wrote

DRM vs. Copy Protection

Methinks you're confusing DRM as referenced in the article with mere copy protection, which is, in fact, the earliest incarnation of Digital Rights Management. But DRM as implemented by record labels has grown way beyond it's crypto roots. Apple's iTunes uses a copy protection mechanism, whereby the song is encrypted to a key controlled by a player (iTunes or an iPod). The encryption mechanism is proprietary, hence the apparent un-usability of a song purchased via iTunes with a third party MP3 player. The key word here is "apparent". Because this is mere encryption, it leaves a door wide open for copying the file: this is the [in]famous "analog hole". You simply redirect the audio output to a file, or set the recording input to the audio output, play the song and voila - you have an unencrypted copy of the file. Alternately, you can use iTunes to burn an unprotected audio CD and then re-rip the CD to MP3 - no discernible loss of quality in either case. The DRM system referenced in the article attempts to close the analog hole by compromising your system, which is essentially the only way it can be closed. And, as the author demonstrates, even this draconian measure can be defeated. So when I say I won't buy DRM'd music (or video), I should have said that I won't buy media that insist on installing their own player (and DRM rootkit) in order to protect the artist's "intellectual property". Which is a concept I'm finding increasingly indefensible, although that's a rant for another day. As for your systems not being compromised - how do you know? The perfect parasite is one that doesn't kill the host - it only uses it. I once removed a Trojan from a friends machine that was spewing out kiddie porn from his server, using his address and it had been running for months with my friend being none the wiser. Incidentally, it's not just "legal" music that attempts this kind of nefarious stuff: Kazaa and Grokster are loaded with Trojans free for the downloading... at least with the legal stuff you have a chance to read a disclaimer! As far as Christian kids illegally downloading, I heard the tale on NPR as well - and while I don't condone anyone downloading and then redistributing for profit, no one has been able to explain to me exactly how this "old Napster" style of behavior is any different from what we used to do as kids, recording Dr. Demento tunes to cassettes. The only difference I can see is that it's easier to do nowadays - and progress has to be a bad thing, eh? Thanks for the comments and Be well, Dave H.

On 11/2/2005 07:40:03
Arwin wrote

Fire, Ready, Aim

I have to admit I read the article after I submitted to your blog. Oops. I agree I don't want parasitic software on my machine and I want control of my machine. I already knew about the analog hole. I usually burn the protected content to a CD-RW and rip to un-encrypt. Diane has this MP3 player that doesn't support WMA. I don't unencrypt for profit or to cheat artists and their backers out of money. Still what a pain to get my protected WMA files on to an iPod or Diane's SwiMP3. Apple has learned well from Bill and Co. Of course there is freeware available to unencrypt WMA files and convert them to MP3. So far I haven't tried any yet. I think the difference between what we did as kids and what we can do now in the electronic age is: the copies we made lost quality with each subsequent copy whereas the digital copies remain clear and crisp no matter how many copies of copies are made. Also back then you had to know someone with the vinyl before you could make a copy. With file sharing it only takes someone in Bangalore (or is that Elbownia) to have the original. Of course you already know all this. Rant over. Keep chasin' chickens. Arwin

:: Categories ::

agriculture
asatru
copywrongs
humor
musings
politics
technology
index
haxton.org

:: Search ::

:: Blogroll ::

A Mindful Life
The Accidental Smallholder
Austro-Athenian Empire
Cauldron Born
Center for a Stateless Society
Dances with Ewes
Dispatches
egregores
Hardscrabble Creek
Honk & Helen
In Siberia
Laudator Temporis Acti
Lorrie's Livejournal
Masson's Blog
MyAppleMenu
NoNAIS
Notes on Religion
Numenous Thoughts
OrangeGuru
Overlawyered
Prophet or Madman
rogueclassicism
Sugar Mountain Farm
Thud Factor
Universe of Discourse
Wildhunt Blog
within the crainium

:: Archives ::

←April→
Sun	Mon	Tue	Wed	Thu	Fri	Sat
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

:: Site ::

Contact Me

MacRaven
Dave Haxton's Weblog
Musings, Reflections, Rants and Comments from a Hoosier Heathen husband, father, grandfather, farmer and software engineer. There's really only one of me ...

lunar phases

Unless otherwise noted, all original
work on this site is licensed under a

comment...


Notes: If you put a <mailto:> link in the URL field your address will not be mangled: this could be a bad idea as your email address could be easily harvested by bots designed for SPAM. The comments field should now format correctly for line feeds and carriage returns: when you hit the 'Enter' or 'Return' keys in your comment it should break to a new line. The text should wrap cleanly. Please let me know if it doesn't. No HTML tags will pass through - entering links seems to be the main cause of comment SPAM. Also, please be sure that Javascript is enabled in your browser before attempting to post a writeback. Sorry for any inconvenience, but this really helps cut down on the amount of comment SPAM I have to deal with.

Name:
URL:	(optional)
Title:	(optional)
Comments:
Save my Name and URL/Email for next time