homepage Welcome to WebmasterWorld Guest from 54.197.147.90
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

This 72 message thread spans 3 pages: 72 ( [1] 2 3 > >     
Trojans Exploit Sony CD Copy-Protection On Music CDs
digitalghost




msg:318208
 8:26 pm on Nov 2, 2005 (gmt 0)

Sony, in their futile digital rights management efforts, has taken to playing dirty with the music CDs. Multiple security sources are confirming the existence of spyware in the form of rootkits on Sony's music CDs. This behavior is unethical in the eyes of many and the legality may be questionable as well.
emphasis mine

Full Story [securitypronews.com]

Hidden software no less, and difficult to remove. So you buy a CD from SOny BMG, pop it into your PC to play it, and bam, you have unwanted software installed on your PC and Sony made it difficult to get rid of.

Both F-Secure and SysInternals said conventional means won't get rid of the file. They said if you just delete it, it could "cripple" your computer.

 

Leosghost




msg:318209
 1:18 am on Nov 3, 2005 (gmt 0)

to avoid such ...run reg mons , worm hooks , critical file checksum monitors ..and keep all your sys files in backup off machine in usb keys in constantly updated over written files ..

there are sites which run sell give away digital rights management kill apps ..but they cant be linked to from here ..

digitalghost




msg:318210
 1:24 am on Nov 3, 2005 (gmt 0)

Yeah, I popped in a Sony CD to test and my registry monitor tossed up a warning. What is Sony thinking?

encyclo




msg:318211
 1:26 am on Nov 3, 2005 (gmt 0)

An amazing story, and one that could cost Sony dear. As we are actually talking about a music CD, you should reasonably expect it not to contain any software at all, let alone a rootkit. Not withstanding the legal aspects of the case, it is another example of the utter futility of attempting to copy-protect a digital work - the rootkit is Windows-only, so anyone with a Mac or Linux can still rip the CD safely and share the music. Copy protection is an utterly pointless masquerade more designed to give the impression of control where none actually exists (or can exist).

When are we going to get at least one major record company who actually has the slightest notion of understanding of the phenomenon they are facing?

grandpa




msg:318212
 1:30 am on Nov 3, 2005 (gmt 0)

I can understand the WHY of their actions, but not the HOW. As I understood from the article, the rootkit they used is a common tool for hackers and it's only a matter of time before someone exploits it. That argument was dismissed as "academic", as if, sure it can be done but who would do it. That seems kinda irresponsible...

encyclo




msg:318213
 1:47 am on Nov 3, 2005 (gmt 0)

>> I can understand the WHY of their actions

I can't. Seriously, I just don't get why they are doing this. Is is mass insanity within the recording industry or total miscomprehension of the issues involved? The facts are simple: you cannot "protect" digital content. How hard is that for them to understand?

iamlost




msg:318214
 4:39 am on Nov 3, 2005 (gmt 0)

Western (world?) Economics remains based upon the 1776 world view of Adam Smith who in Wealth of Nations laid the foundation of current free-market economic theory. Industrialisation just beginning, everything (except human life/labour) scarce and therefor individually valuable.

Many things these days are abundant not scarce. This is true of electronics (Apollo 11 went to the moon on less computing power and memory than my calculator...yesterdays supercomputer power in todays X-Box...); agriculture (many countries now pay farmers not to grow crops to prop up prices...); communications (bandwidth that used to cost thousands, became hundreds, became tens, is almost free...radios that cost hundreds now given away free in promotions...satelite television dishes that were 4-metre diameter and 2-thousand dollars now under 0.5 metre and free with a years subscription...)

And of course the audio recordings that were expensive, analog, and individual are now affordable, digital, and abundant. But the monoliths of government and business (and most of academia) only know/understand the economics of scarcity. The economics of abundance will cause even more ridiculous luddite behaviour as the dinosaurs of economic scarcity go extinct.

A very good time not to be employed by a dinosaur.
Or stand too close to one.

timchuma




msg:318215
 10:55 pm on Nov 3, 2005 (gmt 0)

Also in Australia the only legal way you can get music onto an iPod is to buy it from the Apple iTunes store and they don't have access to all the artists people want.

httpwebwitch




msg:318216
 8:17 pm on Nov 6, 2005 (gmt 0)

what this means to me?

I will NEVER buy another Sony disc again.

hannamyluv




msg:318217
 2:07 am on Nov 11, 2005 (gmt 0)

Wow, that didn't take long:

Viruses Exploit Sony CD Copy-Protection [news.yahoo.com]

The Trojan horse programs — three have so far been identified by antivirus companies — are named so as to trigger the cloaking feature of Sony's XCP2 antipiracy technology. By piggybacking on that function, the malicious programs can enter undetected, security experts said Thursday.

So, do you think they can be sued since they install the software without telling you?

httpwebwitch




msg:318218
 4:38 am on Nov 11, 2005 (gmt 0)

if there are losses caused by their "malicious" action, and you can get a lawyer to take your case... I think yes

I'd like to hear lawman's opinion on this one

martinibuster




msg:318219
 10:05 am on Nov 11, 2005 (gmt 0)

According to that article, someone in Los Angeles has already filed suit and is going for class action status.

mifi601




msg:318220
 10:21 am on Nov 11, 2005 (gmt 0)

I think it might be a smart move for Sony to say 'OOPS' and do a major recall. That's the only way they will be able to take this blow and not lose too much.

lawman




msg:318221
 10:26 am on Nov 11, 2005 (gmt 0)

I'd like to hear lawman's opinion on this one

Webwork's opinion would matter more than mine. I don't do that kind of law.

twist




msg:318222
 6:32 pm on Nov 11, 2005 (gmt 0)

I feel more like a criminal buying movies and music than stealing them. I bought Terminator 2 WMV-HD and felt like I was committing a crime everytime their flaky server wasn't working and I had to send 20 or 30 requests to their DRM server so I could watch the movie I paid for. Not to mention I had to install special software (Interactual) to play the movie that didn't allow me to fast foward or rewind. The DRM license only lasts five days, so everytime I want to watch the movie I have to hope their DRM server is up and working otherwise I can't watch the movie. What happends if they close down that division of the company, do they shut down that DRM server also, meaning I can never watch my movie again? If DRM isn't bad enough, now they are infecting machines with trojans.

They treat their customers (the ones that pay for their products and keep them in business) like criminals. Soon they'll want a background check and fingerprints to hear a preview to the new Vanilla Ice album.

grandpa




msg:318223
 9:53 pm on Nov 11, 2005 (gmt 0)

Sony is backing down from this one. They have announced that they will no longer embed this anti-piracy software (XCP copy protection system) into its CDs. I wonder it they'll recall those CDs or, will one of them get sold at a garage sale one day, and yet another PC gets infected that afternoon...

From the article I read.
We also intend to re-examine all aspects of our content protection initiative..

.. Sony did not admit any wrongdoing, nor did it promise not to use similar techniques in the future.

Rugles




msg:318224
 10:22 pm on Nov 11, 2005 (gmt 0)

>>>Soon they'll want a background check and fingerprints to hear a preview to the new Vanilla Ice album.

How about a sobriety test, or something for mental illness if you still want to hear Vanilla Ice.

carguy84




msg:318225
 10:47 pm on Nov 11, 2005 (gmt 0)

Easy fix = limewire

Leosghost




msg:318226
 10:54 pm on Nov 11, 2005 (gmt 0)

there's always one ..limewire is a very good way to catch nasties ..less you know the exact checksum and data map etc of what you are "inviting" ..which if you did ..you'd have it already ..would n't you ..:)..

and wouldn't feel the need to join one of these "own me" clubs ..

theBear




msg:318227
 11:11 pm on Nov 11, 2005 (gmt 0)

But it gets better it seems that the DRM copyright protectors made a "small" error:

dewinter dot.com slash modules.php?name=News&file=article&sid=215

Leosghost




msg:318228
 11:32 pm on Nov 11, 2005 (gmt 0)

silly me ..disregard that..(changes batteries in optimouse) ...:(

read it ..love it :))

and these are the people whom we should trust with the linux patents :o

further reading..

[sysinternals.com...]

Leosghost




msg:318229
 11:57 pm on Nov 11, 2005 (gmt 0)

more ..
[news.bbc.co.uk...]

The wave of indignation isn't helped by this ..

Thomas Hesse president of Sony BMG's Global Digital Business division:

“Most people I think don't even know what a root kit is so why should they care about it”

well ..do we care?

theBear




msg:318230
 12:22 am on Nov 12, 2005 (gmt 0)

But you need to understand the true irony here.

Sony's bought and paid for congress critters put laws on the books dealing with this sort of thing and there goes Sony puting pirated code on million(s) of CDs at 150K a pop it comes out well above Sony's current asset size.

theBear




msg:318231
 12:55 am on Nov 12, 2005 (gmt 0)

Oppsy.

'A senior Homeland Security official cautioned entertainment companies against discouraging piracy in ways that also make computers vulnerable. Stewart Baker, assistant secretary for policy at DHS, did not cite Sony by name in his remarks Thursday but described industry efforts to install hidden files on consumers' computers.

"It's very important to remember that it's your intellectual property, it's not your computer," Baker said at a trade conference on piracy. "And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."'

From:

[thedenverchannel.com...]

[edited by: Woz at 2:19 am (utc) on Nov. 12, 2005]
[edit reason] Made link live [/edit]

Leosghost




msg:318232
 1:12 am on Nov 12, 2005 (gmt 0)

Sony's bought and paid for congress critters put laws on the books dealing with this sort of thing and there goes Sony puting pirated code on million(s) of CDs at 150K a pop it comes out well above Sony's current asset size.

Now if you hadn't drawn my attention to that little peice of maths I wouldn't have to be typing this on my spare keyboard and wiping the wine off of the screen ..:))

A small price to pay for such a thought tho ..

How fast can sony stock fall ..

interesting side issue in there about the competence or lack of it shown by the emails from "ceri" ..and also the ISP sticky services they do ..the largest ISP here in France ..semi government owned wanadoo uses their tech ..I wonder if they are legal in doing so?

well ..I can now spend sunday afternoon translating the form letter thats to be found in the blog for the benefit of non english speaking french IT sites ..

I remember some folks thinking that I was joking when last year I posted a list of possibles ..( including letting people play music CD's on PC's ) how to compromise the security of someones system ..that the "Lan guy" said was OK ..

Didn't think at the time that Sony were gonna be the next "ninja hackers" ..

theBear




msg:318233
 1:37 am on Nov 12, 2005 (gmt 0)

We will see, at least Sony has suspended the DRM mess for the time being.

This will be a fun one to watch.

Leosghost




msg:318234
 1:45 am on Nov 12, 2005 (gmt 0)

But
Have they recalled all the cd's ..via prime time TV and radio " we got it wrong and it's our fault your pc wont work" ads in all languages ...in all countries ..

and posters in all music stores in all countries
and offered to pay for the fix to all machines affected..?

how come I don't think so ...

walkman




msg:318235
 3:21 pm on Nov 12, 2005 (gmt 0)

>> and one that could cost Sony dear

let's hope so. They sue people when they get harmed so a bit of payback would be nice. Hopefully it's a large enough settlement to send a message

theBear




msg:318236
 3:47 pm on Nov 12, 2005 (gmt 0)

Well it could also be a huge problem for them in another sense, for they have an legal obligation to provide some things and because of what they have done would amount to a little clash with the anticircumvention provisions of the DCMA.

Hollywood




msg:318237
 9:50 pm on Nov 12, 2005 (gmt 0)

Wow this entire thread blew me away, I agree, when will anyone get it. SONY looks like a bunch of spoiled brats/executives that have no clue AT ALL!

Hollywood

This 72 message thread spans 3 pages: 72 ( [1] 2 3 > >
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved