From collectibles to cars, buy and sell all kinds of items on eBay
home | pay | site map
Shop for itemsSell your itemTrack your eBay activitiesLearn, connect, and stay informed-for business and for funGet help, find answers and contact Customer SupportAdvanced Search
Home > Listing Index > Games > Extended Copy Protection

Games - Extended Copy Protection

Extended Copy Protection (XCP) is a software package developed by the British company First 4 Internet and sold as a copy protection or digital rights management (DRM) scheme for compact discs. It was used on some CDs distributed by Sony BMG
and sparked the 2005 Sony CD copy protection controversy
; in that context it is also known as the Sony rootkit.

Security researchers beginning with Mark Russinovich
in October 2005 have described the program as functionally identical to a rootkit: a software program used by computer criminals to conceal unauthorised activities on a computer system. Russinovich broke the story on his , where it gained attention from the media and other researchers. The publicity, which grew to include a civil lawsuit and criminal investigations, soon forced Sony to discontinue use of the copy protection system.

While Sony eventually recalled the CDs that contained the XCP system, the web-based uninstaller was investigated by noted security researchers Ed Felten and J. Alex Halderman, who that the ActiveX
component used for removing the software exposed users to far more significant security risks, including arbitrary code execution from any site on the internet.

Description

The version of this software used in Sony CDs is the one marketed as "XCP-Aurora". The first time a user attempts to play such a CD on a Windows
system, a program will be installed after a dialog box prompts the user to agree to a license agreement. It will then remain resident in the user's system, intercepting all accesses of the CD drive to prevent any media player or ripper software other than the one included with XCP-Aurora from accessing the music tracks of the Sony CD. No obvious way to uninstall the program is provided. Attempting to remove the software by deleting the associated files manually will render the CD drive inoperable due to registry settings that the program has altered.

The included player software will play the songs and allow only a limited degree of other actions such as burning the music onto a certain number of other CDs or loading it onto certain supported devices such as a few portable music players. The popular iPod, sold by Sony competitor Apple Computer
, is not supported.

XCP conceals itself from the user by installing a patch to the Windows operating system. This patch stops ordinary system tools from displaying processes, registry entries, or files whose names begin with $sys$. Other XCP components include "Plug and Play Device Manager", which continuously monitors all other programs being run on the computer.

Security research

In the short period that XCP has been publicly known, security researchers have been quick to analyze it and publish their findings. Many of these findings have been highly critical of Sony and First 4 Internet. Specifically, the software has been found to conceal its activity in the manner of a rootkit (a common computer criminal's toolkit for hiding evidence); and moreover has been found to expose users to follow-on harm from viruses and trojans.

XCP's cloaking technique, which makes all processes with names starting with $sys$ invisible, can be used by other malware "piggybacking" on it to ensure that it, too, is hidden from the user's view. The first malicious trojan to use this technique was discovered in the wild on November 10, 2005 according to a by the BitDefender antivirus company.

Follow-up research by Edward Felten and J. Alex Halderman has shown that the Web-based uninstaller Sony later offered for the software contains its own critical security problems. The software installs an ActiveX
component which allows any Web site to run software on the user's computer without restriction. This component is used by First 4 Internet's Web site to download and run the uninstaller, but it remains active afterward -- allowing any Web site the user visits to take over the computer.

Since it is specific to Microsoft Windows, XCP has no effect on all other operating systems such as Linux, BSD, Solaris, SkyOS or Mac OS X
, meaning that users of those systems do not suffer the potential harm of this software, and they also are not impeded from "ripping" (or copying) the normal music tracks on the CD. However, at least some XCP-bearing discs have also contained a program, MediaMax from SunnComm, which attempts to install a kernel extension on Mac OS X.

[ Visit the complete Wikipedia entry for Extended Copy Protection ]


Searches on eBay

Some related entries: Wallmaster | Nomic | ZX Interface 2 | BSP | Lakitu | Family | Simon the Sorcerer series | Susan Polgar | Solar Realms Elite | Seejur Defender | Frank Scoblete

eBay Pulse | eBay Reviews | eBay Stores | Half.com | Kijiji | PayPal | Popular Searches | ProStores | Rent.com | Shopping.com
Australia | Austria | Belgium | China | France | Germany | India | Italy | Spain | United Kingdom

About eBay | Announcements | Security Center | Policies | Site Map | Help
Copyright © 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.

eBay official time