Hackers are using the newest DRM technology in Microsoft’s Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users. Security researchers have detected the appearance of two new Trojans, Trj/WmvDownloader.A and Trj/WmvDownloader.B, in video files circulating on P2P (peer-to-peer) networks.
Hackers Tune In to Windows Media Player
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
…and because the spyware is then DRM protected, you have no control over getting rid off it. This is one reason it is bad to lose control over your machine.
I think that DRM is a Spyware…
Why? Cause it’s embedded in Windows XP with WMP and we can’t remove it, like other embedded programs…
Windows Users: Warning! You’re being watched right now!
..yet another reason not to use WMP and its shitty proprietary formats.
“Cause it’s embedded in Windows XP with WMP and we can’t remove it”
Actually, you can. See
http://nuhi.msfn.org/index.html
I do agree with your premise, and realize that the above option isn’t viable for most people, though.
Just disable the search for licences,better yet disable everything not cdb related.A proper setup would have most likely prevented the havoc.
remember the discussion yesterday about spyware, and someome was trolling saying media player was spyware…. wow, someome who hangs around here is psychic!
I am really glad I dumped windows off my pc and used the install discs as frisbees for my dog, and the manuals as toilet roll etc etc etc
I’m really surprised that no on else has commented on the author’s misuse of the term “Hacker”.
Yeah, MeToo(TM). When I read the headline I thought, “Oh, someone’s using WMP to do something cool”, not “Oh, malware lowlifes are exploiting WMP”.
———————————————————
After attempting to download the DRM, Edelman said: “On a fresh test computer, I pressed Yes once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting.”
“All told, the infection added 58 folders, 786 files and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer,” he added.
———————————————————
Those are amazing numbers. And I love the naive protest in the last statement, it’s so cute. Maybe next he’ll be complaining that there’s no justice in the world.
Wow cool app.
the Principle of Economy of Mechanism is only of one 8:
• Principles
– Least Privilege
– Fail-Safe Defaults
– Economy of Mechanism
– Complete Mediation
– Open Design
– Separation of Privilege
– Least Common Mechanism
– Psychological Acceptability
http://www.awprofessional.com/articles/printerfriendly.asp?p=30487
by the way – this text by Matt Bishop is the best I’ve seen on security. unlike most texts which are bottom up fad-led technology guides, this text discusses teh notion of security itself, its components and processes, … proofs and theorems if any, … it takes a top-down and bottom-up approach – and is not led by teh latest buzzwords. i recommend it.
So DRM does allow anyone to write data and code that can be completely protected by the OS and may also further be supported by the hardware (trusted computing and all that). The virus’ of the future will all be DRM protected to stop anyone from looking at and modifying the code, and anyone going around the DRM in MS Windows will be sent to prison! Ha!
Once hardware DRM comes along, the virus’ and worms can use hardware DRM to seriously embed itself in your machine, – you’d have to buy new chips!?!
I don’t think that virus authors are real hackers. They are sad, pathetic little bastards, still living in their parents basement (“Jay and Silent Bob strike back”
). For me only real programmers are hackers, because they create useful stuff, not harmful to user data. Sometimes I wonder why those “chackers” & crackers don’t create their own bugfree operating system and software. Oh yes, they can’t ? I’m not against real hackers that don’t destroy data and don’t ruin peoples life.
IMO authors of dangerous viruses and spyware should be shot.
These are CRACKERS exploiting it not HACKERS! – learn your words “Eugenia Loli-Queru” and “Sid” – hackers are the guys working on real OSes, the ones not affected by this
But the virus writer exposes flaws to the large amount of people who have difficulty determining if their mouse is plugged in. The nerds(non-derogatory) know that DRM was a bad idea but a large amount of the population don’t care so it’s going to take some virus writers to show them. Oh well enough ranting from me.
/*
“I don’t think that virus authors are real hackers. They are sad, pathetic little bastards, still living in their parents basement (“Jay and Silent Bob strike back”
). For me only real programmers are hackers, because they create useful stuff, not harmful to user data. Sometimes I wonder why those “chackers” & crackers don’t create their own bugfree operating system and software. Oh yes, they can’t ? I’m not against real hackers that don’t destroy data and don’t ruin peoples life.
IMO authors of dangerous viruses and spyware should be shot.”
*/
Seems to me that this is a problem with ANY DRM technology (yes, there is more than just WM DRM) that attempts to aquire the correct licensces online (you can make it so that WMP will not automatically try to aquire the licences), not just Windows Media.
Anyone reads full articles?
It says: “these Trojans have been detected in video files on P2P networks such as Kazaa or eMule.”
In my opinion, if you pick your free food from the dumpster, you should not complain about flies.
Of course, some overzealous people will now jump to read the full article, and will point me to: “these files can be distributed via e-mail, FTP or other Internet download avenues.”
Well, it is possible, but wait, there is more: “If you use Windows XP with Service Pack 2 and Windows Media Player 10, you are completely protected.”
Case closed.
Picking a nit. Hackers are not the bad guys. These asshats are crackers and script kiddies who think it’s fun to compromise other peoples’ systems and make them do bad things, or install malware on them.
Hackers don’t appreciate these mischaracterisations, and while I’m not one, I don’t appreciate them either. Get it right Eugenia!
I just realised it might look like I’m insulting OSNews and Eugenia. I’m not! Sorry about the comment subject being so vague!