NEWS FROM THE LAB - Friday, November 4, 2005

A chilling though about CDs that have rootkit DRM Posted by Jarno @ 08:13 GMT

A member of our IT security team pointed out quite chilling thought about what might happen if record companies continue adding rootkit based copy protection into their CDs.

In order to hide from the system a rootkit must interface with the OS on very low level and in those areas theres no room for error.

It is hard enough to program something on that level, without having to worry about any other programs trying to do something with same parts of the OS.

Thus if there would be two DRM rootkits on the same system trying to hook same APIs, the results would be highly unpredictable. Or actually, a system crash is quite predictable result in such situation.

So imagine a situation where Joe Customer buys CD from label A and another CD from label B. Label A uses third party DRM from company X and Label B uses from company Y.

Then our user first plays one of the CDs in his PC, and everything works fine. But after he starts playing the second CD, his computer crashes and wont boot again. This is something I would not like to associate with buying legal CDs.

I think that record companies should stop playing with rootkits and other Blackhat techniques while they have not yet caused major grief to the customers.

Also while being on the topic of real world effects of DRM, check out Amazon.com user ratings of Van Zant CD that got pinpointed as CD with DRM in it.

At the moment of writing this blog entry, it has 97 review entries and 1,5 stars. I actually feel sorry for Van Zant, as they certainly don't have anything to do with the DRM on their CD.