Princeton's Ed Felten and Alex Halderman continue to post excerpts from their forthcoming major paper on the lessons learned from Sony's covert infection of millions of its customers' computers with malicious software that was intended to restrict their ability to use the music on the CDs they bought.
Today's installment discusses installation of CD-DRM, wherein CDs try to convince you to install anti-user software on your computer, and to prevent you from ripping the CD while it's doing so. As with previous installments, this is really fascinating, top-notch work.
The greatest limitation of the XCP temporary protection system is the blacklist. Users might find ripping or copying applications that are not on the list, or they might use a blacklisted application but rename its executable file to prevent the installer from recognizing it. Since there is no mechanism for updating the blacklist on existing CDs, they will gradually become easier to rip and copy as new applications not on the blacklist come into widespread use. Application developers may also adapt their software to the blacklisting technique by randomizing their process image names or taking other measures to avoid detection. [Footnote: An extreme extension of this would be to adopt rootkit-like techniques to conceal the copying application’s presence, just as XCP hides its active protection software.]Link
(Sony taproot graphic courtesy of Sevensheaven)