Jump to content
TSM Forums
Sign in to follow this  
EdwardKnoxII

Beastie Boys CD Installs Virus

Recommended Posts

http://www.theregister.co.uk/2004/06/23/be...e_boy_cd_virus/

 

Beastie Boys CD installs virus

By Thomas C Greene

Published Wednesday 23rd June 2004 11:18 GMT

A new Beastie Boys' CD called "To the Five Boroughs" (Capitol Records), is raising hackles around the Web for reputedly infecting computers with a virus.

 

According to a recent thread at BugTraq, an executable file is automatically and silently installed on the user's machine when the CD is loaded. The file is said to be a driver that prevents users from ripping the CD (and perhaps others), and attacks both Windows boxen and Macs.

 

The infected CD is being distributed worldwide except in the USA and UK, which prevents us from giving a firsthand report. However, according to hearsay, we gather that the Windows version exploits the 'autorun' option, and that the Mac version affects the auto play option.

 

On Windows, when a CD is loaded, a text file called autorun.inf is read, and any instructions within it are executed. In this case, the machine is instructed to install some manner of DRM driver that prevents copying. We haven't seen either the .inf file or any of the executables, so we can't say how or at what level it accomplishes this - or if indeed it actually does accomplish this.

 

But assuming that the unconfirmed reports are accurate, we have here a media company infecting users' machines silently with a file that affects a computer's functionality, without first obtaining informed consent: a likely violation of pretty much every jurisdiction's anti-hacking laws. It's possible to foresee criminal charges being brought at some point: after all, having a good reason for spreading malware has never been much of a defence in court. And a file that alters a computer's functioning without the owner's informed consent is the very definition of malware. Because this malware can be transferred from machine to machine on a removable disk, and requires user interaction to spread, it is, quite simply, a computer virus. (A worm, on the other hand, is distinguished by its ability to spread without user interaction.)

 

CD virus protection

Let's look at the ways this autorun business can be defeated. It's quite easy to disable autorun in Windows by holding down the Shift key when loading a CD. Unfortunately, this has to be done each time the CD is played. However, it's easy to insert the CD once with the Shift key depressed, and then simply rip the tracks to the hard disk. You can then use the CD in other devices, and listen to your corresponding MP3s or whatever on your computer.

 

You can also disable the autorun "feature" on your Windows machine permanently so that this and other CDs infected with viruses won't affect you in the future.

 

To do this, go to the Start menu ==> Run, and type in the command regedit. Your registry editor will launch. Navigate to the following key, and edit as shown:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDRom and set Autorun DWORD=0

 

It might be necessary to create the value, thus: Data Type: DWORD Value Name: Autorun Value: 0

 

As usual, you must reboot your Windows box for the changes to take effect.

 

Disinfection

The above procedure assumes that you haven't previously installed the suspected Capitol Records virus, or a similar one from another fine entertainment conglomerate. But if you have, you will need to find and uninstall the malware first. The autorun.inf file on the CD will likely indicate the name of the relevant file(s), the locations where they're installed, and any registry changes made.

 

Armed with that information, go to the Windows 'uninstall' utility:

 

Start menu ==> Settings ==> Control Panel ==> Add or Remove Programs ==> Change/Remove.

 

Look for any program files referenced in the autorun.inf file and uninstall them. If no related programs are listed, you will need to launch the Windows Search Companion and search for any files named in the autorun.inf file and delete them manually. Be sure to activate the options in the "more advanced features" dialog allowing you to search the entire disk (search system folders, search hidden folders, and search subfolders).

 

Now, a word of caution: if the Capitol Records virus has updated a library file or driver, deleting it might affect your system's functioning, and you might need to re-install Windows to put things right again. (Carefully log the time needed to do this and include it in your criminal complaint.) However, deleting a foreign executable file is safe, so long as it's not one you actually need. So be careful about file name spellings so that you don't accidentally delete an important file that's spelt similar to the one you wish to be rid of. ®

 

Thomas C Greene is the author of Computer Security for the Home and Small Office, a comprehensive guide to system hardening, malware protection, online anonymity, encryption, and data hygiene for Windows and Linux.

Share this post


Link to post
Share on other sites
Guest Choken One

That's fucking stupid and retarded.

 

What If I wanted to listen to it on my cpu at work instead of using a cd player?

 

They can just go back to being irrelevant again.

Share this post


Link to post
Share on other sites
Guest Choken One

I didn't say me...I was using "i" in the general sense of the word.

Share this post


Link to post
Share on other sites
Guest cobainwasmurdered
That's fucking stupid and retarded.

 

What If I wanted to listen to it on my cpu at work instead of using a cd player?

 

They can just go back to being irrelevant again.

Yes...the beastie boys were the ones who installed this...

 

fucknut.

Share this post


Link to post
Share on other sites

Beastie Boys could very well have told Capitol to fuck off with their virus bullshit. They probably have enough clout within the industry to cause them a bunch of problems at least. The fact that this story hasn't blown up before this and the fact that the disc still has the virus on it shows me that they were at least privy to the plan and all that. Fuck Beastie Boys and fuck Capital Records nazis for trying to fuck my computer up. I'm glad that 98% of the bands I listen to wouldn't even imagine doing this kind of bullshit. Immortal would never virus my system yo.

 

And as far as the virus fix goes, the article makes it look easy as pie, but anytime you go tap dancing in the registry(if you're an unexperienced user), you can seriously fuck your shit up with one wrong click or keystroke. This thing sounds like quite a beast if you're someone who isn't a knowledgable user.

 

In summation, fuck Capitol Records until they are permanently Goatce'd

Share this post


Link to post
Share on other sites
Guest cobainwasmurdered

until there's proof that the Beastie knew I really doubt it.

Share this post


Link to post
Share on other sites

the beasties are business men. Beastie Boys is essentially a franchise by now. I would have a hard time believing that they would be oblivious to someone loading extra goodies onto their albums.

 

I'm no expert buy any stretch of the imagination, but I no for a fact that if a label tried to put anything but music on one of my albums, I will be knowing it.

 

I'm playing the cynic in this story, I don't think the beasties(with all their experience in the business) could be ignorant to something this big going on with their records.

Share this post


Link to post
Share on other sites
Guest Fook

It's basically saying that EMI denies any shennanigans (virus, spyware, or otherwise) with the Beasties cd.

Share this post


Link to post
Share on other sites
Claim of spyware on Beastie Boys CD denied

 

15:10 23 June 04

 

NewScientist.com news service

 

 

Suspicions that a new Beastie Boys CD automatically installs sinister software on a user's computer have been denied by music company EMI, which released the CD.

 

The suggestion, which started on an online message board, has caused a storm of controversy among fans of the US rap band and computer enthusiasts. Some of the CDs do carry copy protection software, which aims to reduce piracy.

 

A posting on the bugtraq message board on SecurityFocus.com claimed that when a copy-protected version of the album is inserted in a PC, software installs itself “automatically” and “silently” and stays there even when the CD is removed. That "sounds like viral malware behaviour to me", the user wrote.

 

If so-called spyware was installed, it could monitor a user’s habits and send back evidence of illegal behaviour says Barry Ritholtz of the Maxim Group in New York City, a consultancy for technology and media investors.

 

But EMI and Macrovision of Santa Clara, California, which developed the software, refute these claims. “There is no spyware on the discs,” an EMI spokesperson told New Scientist.

 

Currently, EMI only puts copy protection software on CDs sold outside the UK and the US, but it has been routine in 40 countries for the past 18 months. However, the Beastie Boys album, To the five boroughs, has become the highest profile release to have such software. Furthermore, EMI plans to roll out the software in all countries.

 

 

Graphical skin

 

EMI admits that one piece of software is downloaded on to a computer’s hard drive, but say this is only a graphical “skin” that provides the user with the stop, start and volume buttons needed to play the music. This also uninstalls when the CD is removed, the company says.

 

The Macrovision media player and the compressed music files needed to listen to the music both run off the disc itself and are never downloaded onto the PC, EMI says. New Scientist has been unable to obtain a copy of a disc and has therefore we have not been able to test it for ourselves.

 

The CD provides the proprietary media player so users can listen to the music through their PCs, but cannot in this case make copies or convert the files to MP3 format. Music companies hope this approach will reduce illegal online sharing of music.

 

Even programmers who oppose copy protection software say that the software is unlikely to be spyware. “They are in enough hot water as it is,” says Slaven Radic, a professional programmer. But he and others think that automatically downloading any software is unacceptable.

 

The issue has stoked an already heated debate. On the band’s official website, outraged Beastie Boys fans complain that the copy protection prevents legitimate uses of the music they have bought, such as making back-up copies and transferring the files to an i-Pod player.

 

“You are essentially turning the person’s computer against them,” argues Alex Halderman, a PhD student at Princeton University in New Jersey, who in 2003 publicised how to circumvent another type of copy protection software, made by SunnComm Technologies of Phoenix, Arizona.

 

 

Permission first

 

Another high profile album release has also attracted recent attention because of its copy protection. Contraband is by Velvet Revolver, a group made up of some ex-members of the hugely popular Guns ‘n’ Roses.

 

Its copy protection, supplied by SunnComm, is present on CDs sold in the US. It does download software onto a user's computer, but asks for permission first. It also allows users more options than the Macrovision software, permitting three back up copies to be made and conversion to MP3 format. However, it is not compatible with i-Pods.

 

The album far exceeded predicted sales and Sunncomm says this success is an example of the effectiveness of copy-protection software in battling piracy. But opponents say the high sales are simply because the members of the band are famous. “It is selling despite the copy protection," says Ritholtz.

 

Halderman argues that copy-protection software will not combat music piracy. “It makes illegal music even more desirable,” he says, because the software decreases the value of the paid-for music by reducing the number of devices it can be played on.

 

Furthermore, some protection mechanisms can be easily circumvented. But Bill Whitlock, who markets SunnComm Technologies products, believes most people will not hack the software. Making them realise they are breaking the law is enough to discourage most people from illegal copying, he believes.

 

 

Celeste Biever

Share this post


Link to post
Share on other sites

The Beasties respond

 

1. There is NO copy controlled software on US or UK releases of Beastie Boys' "To the 5 Boroughs."

 

2. The disk *IS* copy controlled in Europe - which is standard policy for all

Capitol/EMI titles (and a policy used by ALL major labels in Europe).

 

3. The copy protection system used for all EMI/Capitol releases including "To the 5 Boroughs" is Macrovision's CDS-200, which sets up an audio player into the users RAM (not hard drive) to playback the RED book audio on the disk. It does absolutely NOT install any kind of spyware, shareware, silverware, or ladies wear onto the users system.

 

You can find more information on the technology used here:

http://www.macrovision.com/products/cds/cds200/index.shtml

 

This is what EMI has to say about it:

Reports that "spyware" is being included on the Beastie Boy's CD, 'To The Five Boroughs' are absolutely untrue.

 

While the Beastie Boys CD does use copy control in some territories, there is no copy control on the Beasties Boys discs in the US or the UK. Where copy protection is used, it is Macrovision's CDS-200 technology; the same technology being used for the past several months around the world for all of EMI's releases in those territories. This Macrovision technology does NOT install spyware or vaporware of any kind on a users PC. In fact, CDS-200 does not install software applications of ANY KIND on a user's PC. All the copy protection in CDS-200 is hardware based, meaning that it is dependent on the physical properties and the format of the CD. None of the copy protection in CDS-200 requires software applications to be loaded onto a computer.

 

The technology does activate a proprietary Macrovision player in order to play the CD on a PC, and that player converts WMA compressed files to audio on the fly. It also temporarily installs a graphic "skin" for the player. Nothing is permanently installed on a hard drive. These details can be verified in the 'install.log' file in the computer's root directory.

 

 

No thanks. I don't think I'll be buying any Capitol Records goods while they are putting this on it. (just pretend for a minute that I actually would have bought the Beasties' cd for the sake of arguement).

 

1. The Beasties don't give a lick about this issue I think considering the joking nature of their responce. Most kids out there are scared shitless of spyware and malware as it is. Now they have to contend with this thing occupying their system and taking up resources when a lot of them won't even know it. It's not the same thing I was arguing earlier in the thread, but I do consider this to be the same as a virus or malware application because it installs a program on your computer. It's like an invasion of privacy without the keylogging or auto dialing.

 

2. I run 5 year old computer technology that has a hell of a time sometimes just running websurfing and simple applications (for example I'm running IE, WMP 9, and AIM and I get slowdown at times), I don't need some mysterious gremlin burrowing into my system's RAM when I should be able to, just as easily, play the fucker in my windows media player.

Share this post


Link to post
Share on other sites
Guest FrigidSoul

If you're listening to the Beastie Boys then you deserve to get a virus...both computer wise and life threatening wise.

Share this post


Link to post
Share on other sites

I think it's funny that all the news organizations running the story have been "unable to obtain a copy of the album," and test it themselves. What kind of shit is that?

 

This never would have happened on Grand Royal!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×