Friday, December 22, 2006

Sony, the class action lawsuit about their rootkit, and you . . .

Sony has settled on a US federal level class action lawsuit in response to the rootkits included and silently installed on computers over the last 18 months. There are some important things you should know - even if you don't currently own one of the infected CD's from BMG Sony. (More on that in a bit.)

First, for owners of the infected CD's:

Check the list of CD's that install a rootkit if your computers autoplay is enabled.

The settlement and information.



Here are some key facts as best as I currently understand them from the settlement (I am not a lawyer, these are my personal interpretations and opinions, blah blah blah.)

1) If you join the settlement for the payout - you get a little over $7, and some "free" downloads. You gain the right to use their clean-up tools on your infected computers. You lose all rights to participate in any future actions against Sony BMG regarding the rootkits. You also lose the right to ask for damages for your computers.

2) If you do nothing, you get no payout - but you are still automatically considered part of the settlement and lose all rights to participate on any other class actions against Sony BMG - although if you can afford the lawyers you can still go after them yourselves for specific damages to your computers/network.

3) If you opt out of the settlement by filing a form -online or by mail - you get no payout (like it's really worth anything anyway) but you preserve your right to be included in any future class actions. Oddly, according to the court document - by opting out you also deny yourself the use of the clean-up tools being provided by Sony BMG.

4) You may also choose to complain to the court about why you think this settlement is not the best solution to the problem. If you complain, you must also participate in this settlement. You may not opt-out and complain . . . although I have no idea why.

Personally - I choose to opt-out.

Now for the part for non-current owners of the infected CD's.

Forgetting the paltry payout (is the time you spent on removing that rootkit really worth $7.50?) there is the long term view. This rootkit infected wide audiences - including military computers. It was written so poorly that hackers used it as a backdoor to infect and hide even nastier Trojans.

Let's say hypothetically that several years from now you or your kids find one of these at a garage sale, or a used CD store, or anywhere that old unloved albums get re-distributed. It goes into an older computer, infects it, and the removal tools are long gone . . . it's system rebuild time baby!

Or think of any other scenario where one of the un-returned CD's gets into your system. On loan, inherited, you name it.

What Sony BMG needs to do - in addition to the cleaning tools, is "face the music" (ha ha) and do an actual recall on these buggers.

Here are some final links and tips:

XCP Update/Removal tool This removes the Sony rootkit. I suggest you use the remove feature, not the "update" function.

MediaMax Update/Removal tool The other Sony DRM scheme, with severe bugs. Site wants you to update, but buried deep is a Java application that purports to remove their software entirely. They also provide directions to manually remove their software (recommended!)

Protect yourself from future unexpected CD software by disabling AutoPlay:

Disable AutoPlay for Windows XP Professional
1) Click Start, Run and enter GPEDIT.MSC
2) Go to Computer Configuration, Administrative Templates, System.
3) Locate the entry for "Turn Off Autoplay" and Enable it for All Drives.
4) Reboot

Disable AutoPlay for Windows XP Home
1) Create a plain text file and copy the following into it, then save:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000b5


2) Rename the text file's extension from ".txt" to ".reg" (without the quotes)
3) Double click the new REG file and accept the system warning (OK)
4) Reboot


Cheers!