It's been ten years since Sony Music infected the world with its rootkit

[Read the post]

Haven’t purchased a Sony product since. I’ll confess to having watched television shows that featured Sony’s logo at the end but as my wife can attest, I’m always careful to shake a fist in the air while it’s on the screen.


Sony was forced to… repair customers’ trust…

It’s not worrrrrrrrrrrking! o/~


It’s a bit bizarre seeing a post with line-break hyphens. This is publishing in the digital age.

1 Like

Thank you Cory for posting this.

1 Like

Is it a very well made CGI or someone managed to drill a hole in a CD? Either way: Kudos.

I was just wondering which CDs had this and found BoingBoing supplied a list 10 years ago.

I’m thinking that this was one of them, but it isn’t listed. The Penguin Guide to Jazz suggested that there was some sort of copy protection (possibly a different thing from this rootkit) that would prevent it from playing on a computer (and perhaps affecting the audio quality as well). I would’ve still been using a Macbook if/when I tried it that way.


This fiasco cured me of my reluctance to just download someone else’s rip. I’d always take the time to rip my own, and I ripped thousands of discs.

Well they clearly didn’t want me ripping. Downloading is easier anyway.


A friend of mine bought a Foo Fighters CD a while back and discovered he couldn’t rip it because of the copy protection. Then and there, he totally swore off the band. I felt it was a wise decision for other reasons, but it was a bit of an overreaction. The reality is that in the endless pursuit of pirates, the industry has only created more barriers for people who do give them money.



I used to buy CDs like a coke fiend. But they said they don’t want my money (by punishing me for giving it to them), and I trust them on that one.


I was pretty bummed when Goldfrapp and Depeche Mode had releases with this stuff on it, although by then there was at least a label on the back indicating it couldn’t be ripped.

Which meant I had to wait until someone using Linux could be bothered to rip it :wink:


Russinovich is now CTO for Azure at Microsoft and responsible for the essential Sysinternals line of tools. He’s kind of a hero of mine.


Russinovich is also a hero of mine.

Back in 2005 I was working at an anti-rootkit company when this news hit. So I found out specifically which CD he used, drove down to a store and bought it.

Boy howdy, Mark R. is a genius but we do not share the same taste in music. (Terrible, terrible loud pop country)


I remember at the time looking at it and not thinking much of it, but now I’m wondering why they thought that these albums were prone to being ripped. Ok maybe Ricky Martin, but I think by that point his spanish-singing career had crested.

It was possible to get unCPed CDs of those Depeche Mode, Radiohead and Goldfrapp releases. Depends which country you ordered from.

1 Like

Ah, in Australia they didn’t seem to be available in any other edition.

I did buy them - don’t want to rip off bands I like - but only as a present for my significant other. Then I downloaded them and my hands were clean :wink:

So… has anyone gone to prison for this?

Or, at least, has someone been threatened with a long prison sentence?

Surely, deliberately infecting other people’s computers with malware is a crime punishable by prison time?

To the best of my knowledge, only Italy started criminal investigations into the matter, but then they concluded they didn’t have jurisdiction on the matter because the offending CDs were never sold there.


The CFAA certainly applied in that situation. But I think that there was no political will to pursue it, even though it would have been a great opportunity to make an example out of Sony, seeing as the CFAA is applied to petty criminals nowadays, but never the big players infecting government hardware.

To be fair, the Copy Control discs weren’t anything to do with the Sony rootkit. They used a few tricks involving deliberate errors that would be corrected by players as if they were normal damage, but not computers, that one could bypass with the right techniques. I refused to buy them in my country at the time, and got them from the US instead.

Interestingly, because they weren’t compliant with the Red Book standard for CD audio, they were not legally CDs. I’m not sure if that negated any of the laws governing the ripping of data from them, but it would be a hilarious irony if it did.


You know, if you want something that’s really ruined CDs and made them pointless purchases, it’s the bloody loudness war. CDs sound worse now than they ever have. I make a point of only buying old editions of older music I want, and now frequently hem and haw over new music because it sounds so bad.