- The Big Picture - http://www.ritholtz.com/blog -

CD installs virus/spyware

Posted By Barry Ritholtz On June 25, 2004 @ 6:45 am In Music | Comments Disabled


Here’s a different spin on the “DRM [1]” story: The Register [2] discusses a very different approach taken in the new Beastie Boys CD (as compared to the Velvet Revolver DRM). When the disc is inserted into a PC, the disc, “To The 5 Boroughs” surreptitiously installs a virus to prevent ripping the disc to MP3s.

This is an unauthorized hack — an “executable file is automatically and silently installed on the user’s machine when the CD is loaded,” According to a recent thread at BugTraq [3].

No permissions, no disclosures, no authorization. It meets all the definitions of a virus.

The virus file is said to be a “driver that prevents users from ripping the CD (and perhaps others), and attacks both Windows boxen and Macs.” Note that under fair use doctrine, a legal purchaser of a CD has every right to back up the disc or convert it to MP3s for their own personal use on an portable player or PC.

A least the Velvet Revolver CD (discussed here [1]) asks permission before installing such DRM measures. Apparently, the new CD from the Beastie Boys doesn’t bother with such niceties.

The great irony is that the Beastie Boys became so successful by very creatively sampling the works of other artists. Observers have noted that their 1980′s albums (including their masterwork, “Paul’s Boutique”) couldn’t even get made to day, due to all the newer copyright restrictions.

Of all people, for these guys to have drunk the DRM Kool-aid is the ultimate irony — and sell out. No wonder their fans have been so angry.

Here is the Register’s CD virus protection advice:

Autorun can be defeated quite easily — to disable autorun in Windows, hold down the Shift key when loading a CD (each time the CD is played). You can also disable the autorun “feature” on your Windows machine permanently so that this and other CDs infected with viruses won’t affect you in the future.

To do this:

go to the Start menu ==> Run, and type in the command regedit . Your registry editor will launch. Navigate to the following key, and edit as shown:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDRom and set Autorun DWORD=0

It might be necessary to create the value, thus: Data Type: DWORD Value Name: Autorun Value: 0

As usual, you must reboot your Windows box for the changes to take effect.

Ahhh, but what if you have already been infected with the CD virus? The above procedure “assumes that you haven’t previously installed a suspected Capitol Records virus, or a similar one from another fine entertainment conglomerate.”

If you have, you will need to find and uninstall the malware first. The autorun.inf file on the CD will likely indicate the name of the relevant file(s), the locations where they’re installed, and any registry changes made.

Armed with that information, go to the Windows ‘uninstall’ utility:

Start menu ==> Settings ==> Control Panel ==> Add or Remove Programs ==> Change/Remove.

Look for any program files referenced in the autorun.inf file and uninstall them. If no related programs are listed, you will need to launch the Windows Search Companion and search for any files named in the autorun.inf file and delete them manually. Be sure to activate the options in the “more advanced features” dialog allowing you to search the entire disk (search system folders, search hidden folders, and search subfolders).

Too much work to listen to a CD. My advice — return the damned thing as defective . . .

Beastie Boys CD installs virus [2]
By Thomas C Greene
Published Wednesday 23rd June 2004 11:18 GMT


Article printed from The Big Picture: http://www.ritholtz.com/blog

URL to article: http://www.ritholtz.com/blog/2004/06/cd-installs-virusspyware/

URLs in this post:

[1] DRM: http://bigpicture.typepad.com/comments/2004/06/industry_spinni.html

[2] Register: http://www.theregister.co.uk/2004/06/23/beastie_boy_cd_virus/

[3] thread at BugTraq: http://www.securityfocus.com/archive/1/366502/2004-06-17/2004-06-23/1

Copyright © 2008 The Big Picture. All rights reserved.