http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
All parts of DRM--should be cropping up on a system near you soon
All parts of DRM--should be cropping up on a system near you soon
Sony releasing malware
- Thread starter LiamC
- Start date
CougTek
Hairy Aussie
I hope they'll be sued and that they'll have a HUGE penalty for this. I think there are laws in the states against malware. Send those @$$ holes "in" for a while.
Gilbo
Storage is cool
That appeared on a bunch of RSS feeds I subscribe to and boy did it piss me off. Can't criminal charges be filed in many countries and/or states for something like that?
Mercutio
Fatwah on Western Digital
I'm not sure you could make a judge fully understand the ramifications of the problem.
sechs
Storage? I am Storage!
That's what a special master is for!
Tannin
Storage? I am Storage!
The Inq said:
Fushigi
Storage Is My Life
Malicious software is software that installs itself unbeknownst to the system owner/user. Check.
Malicious software doesn't provide an uninstall routine. Check again.
Malicious software degrades system performance by consuming RAM or CPU when the software is not actively in use. Yep.
Malicious software actively disguises itself. 4 for 4.
Malicious software violates it's own EULA. Wake up and smell the coffee, Sony.
I could go on, but feel no reason to. Sony has officially gotten caught with their pants down. Now it's time for them to bend over and take it like a prison b**ch.
Malicious software doesn't provide an uninstall routine. Check again.
Malicious software degrades system performance by consuming RAM or CPU when the software is not actively in use. Yep.
Malicious software actively disguises itself. 4 for 4.
Malicious software violates it's own EULA. Wake up and smell the coffee, Sony.
I could go on, but feel no reason to. Sony has officially gotten caught with their pants down. Now it's time for them to bend over and take it like a prison b**ch.
Tannin
Storage? I am Storage!
One thing that The Inq doesn't say is that "Sony will be withdrawing the offending software from sale". Did anyone notice that? No announcement that they are actually going to stop the unethical (and probably illegal) behaviour, just a release of a software patch that no-one except a few tech-heads like us will ever even know exists. Let's think it through by analogy, shall we?
POLICEMAN: Hey, I hear you have been picking people's pockets and strealing their money.
ME: Who? Me? Nope. Wouldn't dream of it, officer. Well, just a little bit. Ummm .. yes. All the time, actually.
POLICEMAN: Well, son, I'm running you in.
ME: No, no, it's OK. Look, anyone who noticed that I was picking his pocket and feels (for some weird reason) a bit unhappy about it, hey, no worries. He just has to ask me and I'll give his money right back. No problem.
POLICEMAN: Oh, that's OK then. Have a nice day.
POLICEMAN: Hey, I hear you have been picking people's pockets and strealing their money.
ME: Who? Me? Nope. Wouldn't dream of it, officer. Well, just a little bit. Ummm .. yes. All the time, actually.
POLICEMAN: Well, son, I'm running you in.
ME: No, no, it's OK. Look, anyone who noticed that I was picking his pocket and feels (for some weird reason) a bit unhappy about it, hey, no worries. He just has to ask me and I'll give his money right back. No problem.
POLICEMAN: Oh, that's OK then. Have a nice day.
Buck
Storage? I am Storage!
Is the firing squad still used as a form of punishment in some countries?
Likely, but that's too quick and probably painless (unless you botch it)....what we need here is some good ol'fashioned torture....or botched summary executions.
I just can't stand most media companies and organizations. As another example, how many times will the MPPA try to tack the broadcast flag on as a ryder to some other piece of legislation?? Man these people deserve a beating badly.
I just can't stand most media companies and organizations. As another example, how many times will the MPPA try to tack the broadcast flag on as a ryder to some other piece of legislation?? Man these people deserve a beating badly.
Buck
Storage? I am Storage!
Firing squad of midgets? 
I wonder if they've changed their (as opposed to there) EULA yet.
Anyways, it would be nice to see MS stand up and do the right thing by strongly condemning this - i.e. "This component is not malicious and does not compromise security".
Tannin is right though - their just going to walk away from this affair without even so much as a slap on the wrist (I don't count two days of negative publicity as doing much). If legal action was brought against them I would be so delighted.
Public: The nerve of you! What have you got to say for yourself?
Sony: Uhhhhhhhhhhhh....Hey! Isn't that Elvis over there!
Public: [Turns back on Sony] Where? Where? Where?
Sony - scurries away to the left when Public's attention is diverted.
Public - runs off to the right screaming something about "Elvis come backkkkkkkk!
Anyways, it would be nice to see MS stand up and do the right thing by strongly condemning this - i.e. "This component is not malicious and does not compromise security".
Tannin is right though - their just going to walk away from this affair without even so much as a slap on the wrist (I don't count two days of negative publicity as doing much). If legal action was brought against them I would be so delighted.
Public: The nerve of you! What have you got to say for yourself?
Sony: Uhhhhhhhhhhhh....Hey! Isn't that Elvis over there!
Public: [Turns back on Sony] Where? Where? Where?
Sony - scurries away to the left when Public's attention is diverted.
Public - runs off to the right screaming something about "Elvis come backkkkkkkk!
Tannin
Storage? I am Storage!
I guess my point wasn't so much that they wouldn't be punished in any meaningful way for it (though that too is certainly a valid point to make). It was that (at least on the evidence before us so far) they haven't even promised to stop committing the crime!
All they have done is provide a downloadable patch for that tiny minority of technically aware victims who are capable of using it. On the evidence so far, they have not promised to stop inflicting their spyware on the public at large.
My analogy above with the pickpocket not promising to stop stealing, but only promising to give the money back to victims if they request it was exact.
Unless the Inq hasn't told us the whole story yet, Sony's behaviour was and continues to be despicable and should be punished by the full weight of the law.
All they have done is provide a downloadable patch for that tiny minority of technically aware victims who are capable of using it. On the evidence so far, they have not promised to stop inflicting their spyware on the public at large.
My analogy above with the pickpocket not promising to stop stealing, but only promising to give the money back to victims if they request it was exact.
Unless the Inq hasn't told us the whole story yet, Sony's behaviour was and continues to be despicable and should be punished by the full weight of the law.
Yes, that is why I pondered aloud:Tannin said:
Changing their EULA will, of course, have the effect of changing the status of future transgressions from criminal improprieties to, well, simply dumb Draconian practices.....Changing their EULA will, of course, have no effect on changing the status of previous transgressions from being anything but criminal.
DIE Sony, Die :evil: .... (that's German for "The Sony, the")
CougTek
Hairy Aussie
They'reCityK said:
[/nitpicking]
I haven't checked to see if the rootkit removal kit mentioned in this quote is the same as P5-133XL's post but it swaps one flavour of DRM for another.
"Thank you for contacting Sony BMG Online.
Sony BMG and First 4 Internet have just released an update that will completely remove the rootkit based DRM content protection software and replace it with a non-rootkit DRM technology that is compatible with all current security protocols. To ensure the security of your system, please visit their software update website to obtain and install Service Pack 2 at:
http://updates.xcp-aurora.com "
"Thank you for contacting Sony BMG Online.
Sony BMG and First 4 Internet have just released an update that will completely remove the rootkit based DRM content protection software and replace it with a non-rootkit DRM technology that is compatible with all current security protocols. To ensure the security of your system, please visit their software update website to obtain and install Service Pack 2 at:
http://updates.xcp-aurora.com "
Bozo
Storage? I am Storage!
From Slashdot 11-7-05
"Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!"
I love it :lol:
Bozo :mrgrn:
"Also on this topic, Matt Nikki in the comments section discovered that the DRM can be bypassed simply by renaming your favourite ripping program with "$sys$" at the start of the filename and ripping the CD using this file, which is now undetectable even by the Sony DRM. You can use the Sony rootkit itself to bypass their own DRM!"
I love it :lol:
Bozo :mrgrn:
Mercutio
Fatwah on Western Digital
CityK said:As long as there aim remains below the belt, then I'm all for it
Two words: Garlic Press.
Actually, as long as we're talking about Sony, I think that might even be merciful. So we'll skip straight to medieval torture devices.
Like this friendly little guy:
They deserve nothing less.
e_dawg
Storage Freak
I thought a lot of copy protected CD's secretly install a driver to prevent the CD from being copied.
GMac
Learning Storage Performance
The first lawsuits against them have already been filed according to the Reg, and there are more in the pipeline.....
The Register article
GM
The Register article
GM
Bozo
Storage? I am Storage!
After this post I'm going to resign from continuing to update this thread, but just in case anyone is interested (and lives under a rock), there has been plenty more news - both mainstream and off the beaten track - on this story over the past few days ...including a part 5 from sysinternals, statements and action from MS, offthecuff comments from an official at dept. of homeland security, 3rd party analysis which shows Sony's "uninstaller" leaves an even greater risk then the rootkit did, calls for boycotts, mainstream anger, assessments of network exposure to the rootkit, etc etc etc....
Tannin
Storage? I am Storage!
Thanks for the updates, CityK. I'm fresh back from reading up on this disgraceful scandal - I wouldn't have known it was still going on and getting worse and worse if you hadn't prompted me to go looking. thanks for posting!
Mercutio
Fatwah on Western Digital
LunarMist said:
That is not a garlic press.
However, a garlic press, applied to appropriate body parts, should send a clear message.
Sony makes SACDs, which I like, and big DVD changers, which I also like.
Sony also makes a lot of other thing that I think are complete and utter shit.
On the balance I find myself hoping that this bites them in the ass badly enough that they're forced out of music publishing/production. I may hate Sony at this point more than Microsoft (AOL and nVidia are still tied for the lead though)
Gilbo
Storage is cool
Although my disdain for them has now reached remarkable levels, I do have to admit to having a serious attraction to the firewire connected DVD changer that comes with this system.Mercutio said:
You can fill it with CDs and it will rip them all, switching through them autmoatically. It can also burn DVDs the same way, cycling through them autmoatically until everything you want burned is burned. Spectacular! If I could program, I would buy it in the hopes that I could make it work with Linux my own sweat and blood. It won't rip DVDs of course, on Windows. Stupid Sony. Stupid Microsoft.
Gilbo
Storage is cool
My disdain for Sony has reached remarkable levels. Obviously there are select pieces of hardware that I like.
Mercutio
Fatwah on Western Digital
Sony ES-grade DVD jukeboxes can be daisy chained to form one logical unit. They have RS232 ports for all kinds of interesting applications. I wouldn't want to rip something that I already had on physical media, but I do wish I could computer-control 'em.