Breaking News

Samsung announces Galaxy Tab S11 and Galaxy S25 FE series TEAMGROUP Launches EXPERT P34F Find My External SSD NIKON RELEASES A NEW SILVER EDITION OF THE Z F FULL-FRAME MIRRORLESS CAMERA JSAUX Showcases Upcoming Switch 2 Ecosystem Solutions Ahead of IFA Berlin 2025 Viltrox Joins the L-Mount Alliance, Expanding Creative Possibilities

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

CD Emulators May Use Rootkits To Defeat Copy Protection Schemes

CD Emulators May Use Rootkits To Defeat Copy Protection Schemes

Optical Storage Feb 7,2006 0

Mark Russinovich, a security software engineer, announced Monday on his blog that he has discovered that stealth mechanisms deriverd from rootkits is being used by two popular CD emulator programs Alcohol and Daemon Tools. Russinovich had previously discovered the presence of stealth technology derived from rootkits to hide the presence of digital rights management drivers in Sony BMG audio CDs.

A CD emulator or virtual drive, is a program that allows its user to set up a cache on his hard drive that pretends to be an active CD-ROM drive for the operating system. CD emulators help individuals copy data CDs, such as games, to their hard drives for faster execution than obtained when running from the optical disc.

Alcohol, is a leading commercial CD emulator and Daemon Tools is a freeware alternative.

While many criticize the act of copying a copy-protected disc, an image used for a CD emulator such as Alcohol generally qualifies as a backup copy, which has often been considered "legal" under most statutes.

According to Russinovich, both programs appeared to indicate the use of stealth techniques.

In one test, Russinovich demonstrated that a reference to one of the program elements installed by Alcohol, in the Windows System Registry, actually points to a different location than where the program appears to reside.

When using Windows'Registry Editor to search the entry for the element's actual location, Russinovich turned up a blank product name. In other words, the Registry entries that point to Alcohol's central location are inaccurate, and the identifying information for that central location is blank.

Normally, such a split should disable an installed program from appearing in the "Add/Remove Programs" list of the Windows Control Panel. However, Russinovich noted, Alcohol does appear there; so he thinks that whatever stealth Alcohol is employing does not appear to be intended to hide any part of the application from the user.

According to Russinovich, the stealth technique may be intended to hide Alcohol's presence from other programs, especially games, whose own DRM routines always try to discover the presence of CD emulators in order to bypass them. For more information visit Russinovich's blog.

Update: DaemonTools Member Admits Rootkits

The administrator of the DaemonTools online community has posted his comments on the DaemonTools forum, admitting that the software uses "rootkits". Read his reactions to the Russinovich's aspects here. The DaemonTools/Alcohol developing team has not commented the news story.

Tags: rootkits
Previous Post
First Blu-Ray Disc Publisher by Primera
Next Post
Toshiba Develops High Density FeRAM, MRAM Memory

Related Posts

  • Who Uses The Carrier IQ Rootkit Software

  • Researcher Claims Carrier IQ Smartphone Software Is a Rootkit

  • Symantec Reports Rootkit in Master Boot Record of Windows XP

  • Sophos Offers Free Rootkit Detection Tool

Latest News

Samsung announces Galaxy Tab S11 and Galaxy S25 FE series
Smartphones

Samsung announces Galaxy Tab S11 and Galaxy S25 FE series

TEAMGROUP Launches EXPERT P34F Find My External SSD
Consumer Electronics

TEAMGROUP Launches EXPERT P34F Find My External SSD

NIKON RELEASES A NEW SILVER EDITION OF THE Z F FULL-FRAME MIRRORLESS CAMERA
Cameras

NIKON RELEASES A NEW SILVER EDITION OF THE Z F FULL-FRAME MIRRORLESS CAMERA

JSAUX Showcases Upcoming Switch 2 Ecosystem Solutions Ahead of IFA Berlin 2025
Gaming

JSAUX Showcases Upcoming Switch 2 Ecosystem Solutions Ahead of IFA Berlin 2025

Viltrox Joins the L-Mount Alliance, Expanding Creative Possibilities
Cameras

Viltrox Joins the L-Mount Alliance, Expanding Creative Possibilities

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Terramaster F8-SSD

Terramaster F8-SSD

Noctua NH-D15 G2

Noctua NH-D15 G2

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed