Beastie Boys CD installs virus?

  • beat this! (nov 27-28) signup begins in...
ill o.g.
Battle Points: 3
A new Beastie Boys' CD called "To the Five Boroughs" (Capitol Records), is raising hackles around the Web for reputedly infecting computers with a virus.

According to a recent thread at BugTraq, an executable file is automatically and silently installed on the user's machine when the CD is loaded. The file is said to be a driver that prevents users from ripping the CD (and perhaps others), and attacks both Windows boxen and Macs.

The infected CD is being distributed worldwide except in the USA and UK, which prevents us from giving a firsthand report. However, according to hearsay, we gather that the Windows version exploits the 'autorun' option, and that the Mac version affects the auto play option.

On Windows, when a CD is loaded, a text file called autorun.inf is read, and any instructions within it are executed. In this case, the machine is instructed to install some manner of DRM driver that prevents copying. We haven't seen either the .inf file or any of the executables, so we can't say how or at what level it accomplishes this - or if indeed it actually does accomplish this.

But assuming that the unconfirmed reports are accurate, we have here a media company infecting users' machines silently with a file that affects a computer's functionality, without first obtaining informed consent: a likely violation of pretty much every jurisdiction's anti-hacking laws. It's possible to foresee criminal charges being brought at some point: after all, having a good reason for spreading malware has never been much of a defence in court. And a file that alters a computer's functioning without the owner's informed consent is the very definition of malware. Because this malware can be transferred from machine to machine on a removable disk, and requires user interaction to spread, it is, quite simply, a computer virus. (A worm, on the other hand, is distinguished by its ability to spread without user interaction.)
CD virus protection

Let's look at the ways this autorun business can be defeated. It's quite easy to disable autorun in Windows by holding down the Shift key when loading a CD. Unfortunately, this has to be done each time the CD is played. However, it's easy to insert the CD once with the Shift key depressed, and then simply rip the tracks to the hard disk. You can then use the CD in other devices, and listen to your corresponding MP3s or whatever on your computer.

You can also disable the autorun "feature" on your Windows machine permanently so that this and other CDs infected with viruses won't affect you in the future.

To do this, go to the Start menu ==> Run, and type in the command regedit. Your registry editor will launch. Navigate to the following key, and edit as shown:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDRom and set Autorun DWORD=0

It might be necessary to create the value, thus: Data Type: DWORD Value Name: Autorun Value: 0

As usual, you must reboot your Windows box for the changes to take effect.
Disinfection

The above procedure assumes that you haven't previously installed the suspected Capitol Records virus, or a similar one from another fine entertainment conglomerate. But if you have, you will need to find and uninstall the malware first. The autorun.inf file on the CD will likely indicate the name of the relevant file(s), the locations where they're installed, and any registry changes made.

Armed with that information, go to the Windows 'uninstall' utility:

Start menu ==> Settings ==> Control Panel ==> Add or Remove Programs ==> Change/Remove.

Look for any program files referenced in the autorun.inf file and uninstall them. If no related programs are listed, you will need to launch the Windows Search Companion and search for any files named in the autorun.inf file and delete them manually. Be sure to activate the options in the "more advanced features" dialog allowing you to search the entire disk (search system folders, search hidden folders, and search subfolders).

Now, a word of caution: if the Capitol Records virus has updated a library file or driver, deleting it might affect your system's functioning, and you might need to re-install Windows to put things right again. (Carefully log the time needed to do this and include it in your criminal complaint.) However, deleting a foreign executable file is safe, so long as it's not one you actually need. So be careful about file name spellings so that you don't accidentally delete an important file that's spelt similar to the one you wish to be rid of.

CAPITOL RECORDS:

1. There is NO copy controlled software on US or UK releases of Beastie Boys' "To the 5 Boroughs."

2. The disk *IS* copy controlled in Europe - which is standard policy for all
Capitol/EMI titles (and a policy used by ALL major labels in Europe).

3. The copy protection system used for all EMI/Capitol releases including "To the 5 Boroughs" is Macrovision's CDS-200, which sets up an audio player into the users RAM (not hard drive) to playback the Yellow book audio on the disk. It does absolutely NOT install any kind of spyware, shareware, silverware, or ladies wear onto the users system.

You can find more information on the technology used here:
http://www.macrovision.com/products/cds/cds200/index.shtml

This is what EMI has to say about it:
1. Reports that "spyware" is being included on the Beastie Boy's CD, "To the 5 Boroughs" are absolutely untrue.

2. EMI is committed to fighting music piracy. To this end, EMI has been releasing copy protected CDs in Europe and certain other territories for over 18 months.

3. The copy protection software used in the Beastie Boys' "To the 5 Boroughs" is the same software that has been used in over 5,000 EMI titles, including recent CDs by Radiohead, Norah Jones, Coldplay, NERD, Janet Jackson, and Chingy. Over 80 million CDs have been sold with this software.

4. There is no copy controlled software on US or UK releases of Beastie Boys' "To the 5 Boroughs."

5. The copy protection system used for EMI/Capitol releases including "To the 5 Boroughs" is Macrovision's CDS-200, which sets up an audio player into the users RAM (not hard drive) to playback the Yellow book audio on the disk. It does absolutely NOT install any kind of spyware, shareware, silverware, or ladies wear onto the users system. In fact, CDS-200 does not install software applications of ANY KIND on a user's PC. All the copy protection in CDS-200 is hardware based, meaning that it is dependent on the physical properties and the format of the CD. None of the copy protection in CDS-200 requires software applications to be loaded onto a computer.

The technology does launch a proprietary Macrovision player in order to play the second session of the CD (which is necessary in order to play the CD in a PC). It also installs a graphic "skin" for the player, the skin component is resident until uninstalled using the 'uninstallplayer.exe' that can be found on the CD (top-level directory). These details can be verified in the 'install.log' file in the computer's root directory. You can find more information on the technology used here
 

Freakwncy

IllMuzik Moderator
ill o.g.
Battle Points: 17
The only reason that wouldnt and cant do it in the US or UK is cause the laws are too strict....plus the hackers are too smart...But this just goes to show you that the music industry is not playing games anymore w/ this copywrite law...

beware yall... the industry has the money to entice the lawmakers into passing a law to try or do this in the US thou...

One Love.
 
ill o.g.
Finally. I would be glad if all CD's from this day on had that shit installed in them when there made. We might not have that whole downloadin problem.


Know what really pisses me off? When you ask somebody what CD's they got, and theyll be like, "I got that Kweli, G-Unit, Pac, Some Snoop..." And then they pull out there cd holder and its all burned CD's. I go "This kid aint a fan of these people, and dont even think about usin the 'But Im Poor' Excuse, cuz if you really respect hip-hop, your not gonna steal shit, your gonna try and support these people"


Just My Opinion
 
C

Copenhagen

Guest
I think copyright control is okay, but the problem with EMI relases, is that their CD's contain viruses and crash pc's.
That's not control, that's destruction. For the people listening to these CD's at work or on their home pc, this is crap.
For the same reason, theres is actually a large group supporting boycots of EMI's products.
 

sammy beats

ILLIEN
ill o.g.
Battle Points: 17
Copyright control is alright. I support the whole iTunes thing. But sometimes I just want to download some of an artist's songs that I haven't heard before and then if they sound good I'll go out and buy the cd. I know a lot of stores let you listen to the cd before you buy it now but its just a lot easier from the comfort of my own home. Installing a virus that doesn't let you rip cds is out of control though. And it's definitely not worth it for the new beastie boys cd. Their new single is wack.
 

Tim D

Bitchn' Bout IRS
ill o.g.
Battle Points: 1
That is bullshit too, because that cd comes with extras your suppose to watch on your computer, but then it still installs virus's even if you wern't gonna burn it, fuck that
 

Obsidian Blue

Igneous
ill o.g.
Wow. It's getting pretty serious now......

I don't know why the music industry thinks that it can stop the music sharing phenomenom. Sure, it MIGHT be able to stop mp3's in 10 to 20 years from now, but that would only cause another format to evolve to get around that.....
 
Top