Slashdot Mirror
RIAA/MPAA Contractor Deploys Malicious Adware Trojans
RichardX writes "Overpeer, the organization responsible for seeding many peer to peer networks with damaged, corrupt and fake files has now found a way of hiding spyware and adware inside Windows Media files by using a DRM loophole and is using this technique to further pollute p2p networks." Several readers sent in a PCworld article on the same subject.
exactly are they getting away with this?
I'm not the devil.. just his advocate.
Isn't that blatently illegal?
"Remember, there never were pineapple-almond cookies here."
High that explains why that Jessica Simpson song I downloaded suddenly made my head explode. :-)
Hack it so that it sends out complaint emails to RIAA and DOSes the RIAA website. Also make it crawl and fill out any RIAA forms on the website. Use random algorithms so they can only statistically cut down on the traffic.
If they can do it, so can any hacker/cracker/virus writer. That's a good enough reason to never touch DRM inflicted Microsoft media files.
- For the complete works of Shakespeare: cat
why people trust wmv files when this can happen. Combine it with some ie security holes and you got a real problem. It'd be pretty easy to create a p2p wmv worm that infects the entire network.. no?
-- these are only opinions and they might not be mine.
It seems anyone the least bit concerned about DRM/sharing/etc wouldn't be using windows media anyway.
Sweet informative mod.
This should be the last straw to all the fire sharers out there.
People should stop taking such a passive stance to all the criminal acts commited by the MPAA and RIAA. Fight fire with fire.
This proves once again that you can't out-evil the major recording industry. Do something bad to them and they will do something worse to you. Only now it's the customers at the shit end of the stick and not just artists. Hell, Satan probably attends seminars on reprisal given by these folks.
US Democracy:The best person for the job (among These pre-selected choices...)
One more reason not to use Windows Media. How many do you need?
...I'd think these people should be prosecuted to the fullest extent of the law. ;)
After all, two wrongs don't make a right, no?
SNACKS ARE AWESOME
Now your DRM can be used a weapon against you, how do you feel about that?
~ I am logged on, therefore I am.
It would be pretty funny seeing someone suing the MPAA for infecting their computers. After all, there're laws for that matter.
PS: Stuff like this is why i stick to stream formats like MP3, with no extra bullshit.
People and companies that see their lucrative source of income starting to dwindle get desperate. Desperate companies (SCO) and organizations (RIAA, MPAA) make drastic moves, and those drastic moves are always overhanded.
record companies employ illegal tactics to enforce their view of the world, expecially when they think they see recognizeable dips in their revenue. Nevermind that they're not actually losing money - the perception of loss is all it takes.
right now they're saying to themselves (as justification for illegal activities) "desperate times call for desperate measures".
These are not desperate times, and those are overly-desperate measures. They're weak, and owned by the music, not the other way 'round.
I don't know, the MPAA and RIAA have done a pretty good job of convincing the public that pirating music and movies is basically the same as grand theft, and therefore perpetrators deserve everything they get. They have been remarkably devious in their propaganda.
For example: My son watches a lot of Disney Channel, and on that channel there is an animated show called the Proud Family. On this show, about a year or so ago, there was an episode that involved the daughter of the family downloading music. It was 100% blatant propaganda, complete with the corner record store going out of business, and people there losing their jobs, because she downloaded music. It truly made me sick to my stomach that such ridiculous propaganda was being so shamelessly peddled directly to children.
The "average user," and especially the media, is already convinced that p2p is synonymous with illegal activity, so this is unlikely to raise much of an uproar outside of the geek and college student communities.
The problem is that the only people with standing to make a legal complaint about this practice (i.e., sue them) are people who have downloaded the files and had damages caused to them from the spyware being installed.
However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.
One possible way around this is if someone already has purchased the CD/DVD and wanted to download a copy so they could archive the original (because they have CD/DVD hardware that couldn't rip the original to disk). Of course, this idea has not been tested in court, and would probably be a protracted and expensive battle to fight.
A copyright holder's agent (RIAA) offered it for download. Perfectly legit I would say.
I would bet they don't.
...But I digress. TREMBLE PUNY HUMANS!ONE DAY MY SPECIES WILL DESTROY YOU ALL!
A failed business model is one that fails to generate a profit. If no one paid for CDs at their current price, but everyone downloaded them, that would not mean people are "too cheap," it just means that the demand for CDs only exists at a lower price point than the supplier is trying to sell them at. If the prices are lowered, sales would increase.
Of course, if there is an easy way to get a product free, people are unlikely to demand it at any price other than free, and so the business will fail unless it can either stop the free distribution of its products, or start selling products that are more difficult to distribute for free.
Under these criteria, the model of selling content that is easily obtainable for free IS destined to fail, whether demand exists or not, since the demand exists at a price point (free) that is by definition unable to generate profits. This is why these organizations are so afraid of filesharing. They can't figure out a way to maintain their current business model, and they haven't figured out a viable alternative business model, in the presence of filesharing.
However, they do have all right to do this in some respects. They are putting up crap on a P2P network, just like any other idiot. Still, what gets to me is the system in general. When a lone hacker writes a virus, he gets jail time. When a corporation writes a virus...
But then, what should P2P users do? If they're so serious about P2P, they'll either take the risk or find a new way of sharing files that finds the trojans and whatnot.
Although really, I'm suprised the government isn't stepping in right abou... Wait, nevermind.
When is spyware a virus? Don't ask your average anti-virus vendor. When I tried to nail down Sophos on this issue they were evasive - to say the least.
If this trojan is killed by an anti-virus program, is it securing your machine or committing an illegal act? I had this very discussion w/Sophos' techs. I had just cleaned the VX/2 trojan out of a computer - and it took HOURS of work to get it fully out of there. I sent a sample to Sophos and they told me that it was legal adware.
My question was obvious: What methods are allowable for adware, and how is that any different than a virus/trojan.
VX/2 was installed on one of my workstations here through a fault of the OS (unpatched at the time). It installed itself without permission. It left no way to uninstall it. It attempted to shut down Adaware and resisted any attempts to kill it.
So.... THIS ISN'T A VIRUS? Then what the hell is?
And so, overpeer's actions come as no big surprise to me. And I have no doubt that the anti-virus people will continue to turn a blind eye because of their FEAR of a lawsuit.
Damnit, don't we PAY THEM to protect us against this sort of thing?
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
Heh, reminds me of the anti-piracy adverts run by the Federation Against Copyright Theft in UK computer magazines during the 80's.
The one involving the market stall is a particular classic.
No, really. It's like peeing in your own pool. You need DRM in order to sell music to people and to "control the rights". But at the same time, they're using DRM to attack people who are outside the system. So it kind of makes you feel unsafe about using DRM in the first place. Life is better outside of the DRM system.
BTW, I remembered the option for something like "automatically download rights management software" when installating Windows Media Player, what, 10 is it now? I hesitantly clicked yes. Now that I've done so, I can't find an option inside of the program to say no. Odd.
Hmmm... Isn't there supposed to be some anti-Spyware/Ad-ware legislation in the works?
If so, how long until that goes MIA?
Insert Sig Here
What many of you seem to fail to realize is that the purpose of this has nothing to do with actually damaging computers. Rather, what the recording industry is trying to do is stop people from using P2P. And they do this through fear. That's why they do the suing (your chances of getting sued are minimal, but plenty of people get scared and stop downloading). Now, plenty of morons (for who else would this tactic work on?) will hear that downloading music can give you viruses and adware - rumors will fly wildly.
At least, that's their hope. We'll see whether it works.
While I appreciate the variety, I agree with most of the other comments more: avoid Windows Media, not P2P.
Do you work for Microsoft, by chance? Perhaps the RIAA?
I've got more mod points and GMail invi
This is pretty old and not a 'binary-payload' issue with WMA files, more of a good old IE flaw. Windows media format has the ability to launch a web-page from a media file (i think it actually forces IE, not your default browser which is a violation of the anti-trust crap). Obviously this is just an instruction in the file and a patch could pretty easily turn it off, once the page is opened (in our favourite browser) the skys the limit. You could also disable this by filtering all windows media files through some program that took out the call, if anyone knows of the program or file format that would be cool?
Obviously no one with any know-how actually uses this format, but sometimes the file you want is in it, just be sure to play WMV/A files offline until you find a patch for Windows media player.
This comment does not represent the views or opinions of the user.
That's correct, isn't it? The RIAA is *publishing* their works on a P2P service. I bet a valid argument could be made in court there.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
This plainly doesnt make sence. If the government goes after hackers for planting trojans and adware; hacking, why does the RIAA get away with planting trojans and aware it's self? If they wish to do that, then why do they stop hackers and not the RIAA? It's the same thing, just different people. With this downloading thing with all these torrent sites going down and all, I wouldn't really get too worked up about the torrent sites. I would get worked up about the sites that have all the cracks and cd keys. 'Cmon, where do you think the people who host these torrents get the keygenerators, serials, and cracks? They get them from crack sites! Just a few thoughts about that.. I still think it doesnt make sence though.
There's no place like 127.0.0.1
n.
The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.
How is what the **AA are doing (hacking into music downloaders' computers and installing malware to further their cause against piracy) any different?
If this is the way they think they must do business, lets give 'em h*ll!
The Hacker's Guide To The Kernel: Don't panic()!
for laughs in colleges on friday nights alongside "reefer madness" and the more ludicrous "reds under your bed" government propoganda films.
My rights don't need management.
Cars that breakdown if they go over 65 and require expensive repairwork to fix
You mean that ISN'T a safety feature? That used car salesman will wish he never met me!
I'm scared of numbers that can't be written as a fraction. It's an irrational fear.
The media may be convinced that p2p is synonmous with illegal activity, but they love scaring viewers by "exposing" crimes that may be happening in your neighborhood! Right next door!
However, the "average user" is much more concerned with their pocketbook than with nebulous notions such as "intellectual property" and "digital rights management". When I bring up the subject to family members, friends and students, their eyes just sort of glaze over. I honestly don't think the average person gives a shit about copyright. The only people who care are those who make money by creating copyrighted works, and those who market/produce/protect those works.
At the high school where I teach and do tech support, the first RIAA lawsuits a few years ago sent a number of students and teachers scurrying to me to see if they might be in trouble for downloading music. My two favorites were the stoner kid who didn't realize he was sharing 4000+ songs on Kazaa, and the evangelical principal who subscribed to Roadrunner for the sole purpose of downloading Christian music (illegally).
The RIAA/MPAA fight is not one that they can ultimately win, because the rules have changed with the ease of copying. They should really look to the model that Scott Kurtz of PVP and Epitonic - give the content away as a means of promotion, then make your money selling related items such as t-shirts, books, concerts, etc. Sure, books and videos can also be pirated, but until they're as easily accessible as music is via an iPod or something similar, there's still money to be made. Hell, most bands make their money on tour from t-shirt sales.
Anyway, don't think for a second that the "average user" thinks p2p is "wrong" - most users I've encountered are just annoyed that it isn't easier to find things.
First they ignore you, then they laugh at you, then they fight you, then you win. -- Gandhi
The problem is that the difference between a trojan and legit adware is that legit adware is backed by a company that can sue an anti-virus company. The two can be identical in every other way.
The same nonesense about "their terrorists, our freedom fighters" some decade or two ago in Central America, Middle East, etc. In the end the "accomplishments" by both sides are equally bad...
ELOI, ELOI, LAMA SABACHTHANI!?
The one thing that I find strange about this story is that try as I may, I can't seem to find any information from the "usual" security sources about exactly how this works--as far as I can recall, bugtraq and full-disclosure haven't touched these. Moreover, the only articles about this are the p2pnet one and the PC World one--and the former appears to be derived from the latter.
Both articles are also oddly vague--"security experts" are mentioned, but no specific names dropped, and there are no technical details given at all.
Can anyone provide independent confirmation of this? In particular, if you have details of how one can embed executable code in a wma or provide a sample of such code, please send them my way via brendandg [at] colby.tjs.org
Except for one thing: File sharing does have a "cost." It may not cost anything monetary, but it costs quite a bit of time and effort to hunt down good quality files that are what they say they are. Not to mention then correcting any incorrect meta-data. Combined with bad/corrupted files, files that are mislabeled, disconnects, incomplete albums - file sharing has a cost in time and effort.
This is why Apple's iTunes Music Store is working as well as it is. It's an easy way to download good quality files. It may cost some money, but it's not excessively difficult. I believe that currently Apple doesn't actually pull in a profit off the music store, but it shows that there is indeed demand for online music stores - even though a "free" alternative exists. (Although it remains to be seen whether or not Apple can make money off of it.)
As another example, Linux is free, but there still exists a market for selling pre-packaged Linux. Well, except that people give away pre-packed Linux. But people are willing to pay if they get something "extra" like an easy-to-use installer and a number to call if things go wrong. Making something "easy" is worth something.
There's still a cost with filesharing, it just isn't monetary. It's in time and effort. As long as the total cost (in time, money, and effort) of downloading music remains less than the total cost of legitimately purchasing the CD, there will be a large market for downloading music.
The RIAA needs to find a way to make paying them cost less than going around them. One way would be online music stores, since being able to download a track for a small fee is much nicer than having to go to a store. Their current plan appears to be to push the total effective cost of filesharing above the cost of CDs, which while a solution, probably isn't totally feasible and doesn't offer people what they really want (a cheap, easy way to download individual tracks).
Apple's iTunes Music Store looks like a good solutions. Of course, they'll never totally elliminate filesharing, because for some people, their time and effort will always be less than whatever price they can offer them. But they can lower that group's number enough to remain profitable. (Kind of like they are right now.) And those people wouldn't be paying for music anyway.
You are in a maze of twisty little relative jumps, all alike.
However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.
All they are admitting is that they downloaded a file and got malware installed by the RIAA. Perhaps they were not aware the music was copyrighted. There's plenty of bands I don't know about.
I can't tell by looking at a filename if I'm downloading a signed artist or a local group just trying to promote itself. And P2P isn't just used for copyright infringement, so the fact I used Kazaa to get the file doesn't implicate me.
Even the fact it's a nationally recognized band doesn't prove anything. I have an mp3 file of U2's "Beautiful Day". It is NOT stolen. It was downloaded from Interscope's website back when they were promoting All You Can't Leave Behind.
But the record industry can't deny they're ruining people's computers with their files. Is a single download mistake justify a computer being wrecked and the user perhaps loosing data?
Also, given that Microsoft's loophole is making all this possible, and the RIAA is exploiting that loophole. Since it is now a recognised error M$ either will have to fix it (putting an end to the music industry's little scheme) or they could be named as co defendants in any lawsuit that might arise from this (but then, IANAL, and there is that pesky EULA with 'at your own risk' clauses).
Actually, in my experience it doesn't work as intended.
I have encountered a few protected DRM files which didn't actually required any license - They just opened a webpage... And I have had this unchecked ever since I installed WMP.
However, as I don't use internet explorer, I make sure it is in 'offline mode' - This seems to stop all of this nonsense, as the internet explorer object is what WMP uses for DRM.
Proxies are another way to go about this...
In general, though, Microsoft doesn't really give you any options when a DRM'ed file is encountered - It calls the mother site no matter what options you check/uncheck in WMP itself.
This will more likely kill the WMA format than P2P networks. If I were Bill Gates, I'd sue the RIAA, the MPAA and their hired guns.
How about someone creates a patch that removes the DRM exploit from the file? P2P users then download WMA files and patch them all just to be safe. Whenever the exploit is found in a file, let the user know which file was cleaned. That file is then known to have been obtained legally from the {RI|MP}AA.. convert and spread!
A computer makes it possible to do, in half an hour, tasks which were completely unnecessary to do before.
If this is scripting, which it sounds like, it can easily be disabled. Disable Windows media scripting. This will disable videos from opening webpages and such. Nice. The article is vague, but this is what it sounds like. The webpages, would then load spyware through normal ie holes.
2*31*37*263
...of another loophole in a M$ product. The *AA doesn't discuss the fact that M$ has left a hole in the DRM that a Mac Truck could drive through, or if M$ will even patch it. They love this hole - only until something goes wrong where an affected file is uploaded to a legit music site. Then they'll be screaming to have it "fixed".
It is not our abilities that show what we truly are... it is our choices.
WindowsMedia files have a command stream as well as audio and video streams. This command stream can do all sorts of bad things (such as open web pages) at specific points in the timeline. You can easily remove it using various windows media editing tools (and by creating a directx graph that doesn't use the connect stream). However, there are two points to remember here: 1) You can't edit a DRM-protected WM file, and therefore can't delete the stream (I think it is still possible to play it w/o the command stream, tho) 2) What seems to be going on here (according to the article) is that the DRM mechanism itself is used for the pop-ups, rather than the command stream. The way the DRM in WM acquires a license is by connecting to a licensing site and basically executing a URL - This is where the pop-ups/Xware come from, not the command stream. It is interesting to note that while WMP has an option to turn off 'automatic acquisition of licenses', in my experience that option does not prevent WMP from accessing license acquisition URLs. The only ways I found to stop WMP from doing that was to put IE in 'offline mode' and/or block the DRM URLs on a proxy server.
"Tauzin, when he was chairman of the House Energy and Commerce Committee earlier this year, negotiated to take jobs with two major lobbying groups, the Motion Picture Association of America and the Pharmaceutical Research and Manufacturers of America; he just took the PhRMA job."
Source: www.msnbc.msn.com/id/6771489/
They're hiring former Congressmen and Committee chairman. lol. They can buy their way to the kind of clout it will take to get their sweetheart legislation through our Congress, which is more than happy to sell the America public if the donations are high enough. Lobbyists are expecting to spend 2 billion dollars this year.
Don't complain, you elected them. And the first thing they do is loosen up the ethics rules so they can bone the taxpayer even more blatantly than they already are.
This is what the red state mentality considers good government. Chumps.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
This like all Malware is a very clearly against the law in the UK and most of Europe. The UK Computer Misuse Act makes it a criminal offense for a person to
"causes a computer to perform any function with intent to secure access to any program or data held in any computer"
Computer Misuse Act 1990
Depending on what the Company does with the data obtained they are likely also be in breach of the Data Protection Act 1998 which allows a £5,000 fine for each person offended against.
Similar legislation exists throughout Europe as part of the Information Society Policy Framework agreement.
While I hardly approve of the measures that the **AA's are using to enforce their business model, I think that you are not quite grasping the concept of what is illegal and what is not. The television show you mention clearly was demonstrating an illegal activity. Just because you don't agree with a company's business practice, you don't have the right to steal from them. So, if you think Walmart is the evil anti-christ of retail...are you going to teach your son to shoplift from there? That's what your comment implies. Yes, the RIAA and MPAA are acting in the interests of the record labels and movie studios at the expense of just about everyone else (including the artists). However, anyone who is blatantly stealing intellectual property, through any mechanism, deserves to be prosecuted and punished to the full extent of the law. Don't like it? Work to get the law changed, or move to another country. The only reason that p2p is synonymous with illegal activity is that unfortunately the vast majority of its use is in fact illegal. That's not propaganda..that's realism. And it's people like you who help to perpetuate this, and screw over the rest of us who use BitTorrent for distributing Linux kernels and the like.
As long as you advocate turning a blind eye to blatant theft, please park your high horse at some other address that doesn't respect IP. You are not part of the solution...you are part of the problem.
Actually i think it's a great idea. We've had problems with break-ins in our neighborhood. Been hit twice the past two years, and nearly every neighbor has been hit too. Police dept says they can't do much about it.
So how about we set a stereo system out on the front porch and shoot the thief when he sets foot on our property? Like hell they're gonna steal my music!
When recording industries become vigilantes and the justice dept looks the other way, it certainly makes it acceptable for the rest of us. Road rage justice (I just DARE you to cut me off), merchants hanging shoplifters, etc. all is acceptable now. Even more interesting is that the punished party may not necessarily be the owner of the affected PC. Imagine Best Buy rent-a-cops torching your apartment building because they're getting even with you for shoplifting some CDs. So what if the building is owned by someone else? If the RIAA can torch anyone's PC if it has an infected file, it legitimizes any business coming after any property associated with any crime.
Quite a monster you've created, Justice.
seems the youthful art of vigorus protest has been replaced with typing crap on the internet. I blame video games and cheezits myself....
The goons have never given a rats patootie about words, never. It's held up as the sacred thing, the right of speech, well yes and no, speech is only as good as the intentions acts and deeds that backup that speech. If all you have is speech, you've lost, might as well move on and accept defeat.
;)
Back in the day, we protested, both ways, uphill and downhill and it wasn't all via zap comix and underground newspapers, what passed for the internet you have now.
Bah, must be the additives in the junk food or something.
heh heh heh
It's time for a concerted effort to mass mail our files back to them. I thing 200GB per day for the next three years to the MPAA/RIAA and overpeer members and any and all named individuals in those organizations would be the minimum.
I would also like to see a concerted effort to indentify the personal email accounts and personal websites to bombard them with several hundred GB of files per day.
Generally the Republican party is very pro business.
This is a myth that does not hold up under scrutiny, yet some slashdotters continue to propegate it. Consider:
1. Generally the Fortune 500 is very balanced in donations to political parties.
2. The recording and film industry is exceptionally pro-Democratic (in donations and political support).
3. The richest businessmen in the US are strongly affiliated with the Democratic party, not the Republican party. Microsoft founder and chairman Bill Gates (who was called this week by former President Clinton in order to donate money per the tsunami disaster and embarress the Bush administration) has a growing relationship with predominant Democrats. Warren Buffet, chairman of Berkshire Hathaway, is a long-time established Democrat with great distain for Republicans and their pro-small business tax policy.
4. The Digital Millenium Copyright Act (DMCA) was supported by and signed into law by President Clinton. It was also sponsored by Republicans Boucher (VA), Doolittle (CA) and Barton (TX) and had very strong bipartison support.
5. Unions are businesses that are overwhelmingly pro-Democrat. Many industries lean overwhelmingly one way or the other due to lobbying efforts and recognition/support by the parties. So are powerful lobbying efforts such as the NRA, AARP, etc. In fact, about the only industries that are consistently pro-Republican and do not scatter donations to both parties are those that have been the target of Democratic looting (e.g. the fleecing of the healthcare industry by trial attorneys).
7. Nearly all trial attorneys, owners of much of the wealth in th US, are exclusively Democrats and have significant distain for the little guy. Think about all the class action settlements you've witnessed discussed on slashdot. While the trial attorneys receive tens of millions of dollars *each* in compensation (up to several billion dollars each as was experienced in tobacco class action settlements), the most the "little guy" consumer receives is a coupon for a discount off another purchase, or a few dollars with proof of purchase, etc. A recent Alltel class action settlement resulted in millions in cash being paid to the attorneys, while affected Alltel customers were provided with a $50 coupon off the purchase of a new Alltel phone (at list price, with an extension of their service contract for another service term). One was better off getting a regularly discounted phone at the electronics store rather than the settlement coupon offer.
8. Enron was greasing both parties (although the mainstream media portrays it as a "Republican scandel", prominant Democrats including Sen. Kerry were very closely affiliated with Enron). So was Worldcom, Global Crossing, etc. Marc Rich of Oil for Food scandel fame received a critically timed pardon from Pres. Clinton minutes before Clinton left office, freeing Rich from almost certain capture by Interpol authorities. Chinese businesses are notorious doners to the DNC and congressional Democrats.
Why does the "Republicans are pro-big business" myth continue to propegate? Primarily because it is effective in rallying members of large labor unions against the Republican party (by presenting a fictional advisary for them to hate in traditional Orwellian "5 minutes of hate" fashion). Those that actually believe the myth are referred to as useful fools by both parties. The reality is that businesses donate to whoever is effective in pursuing their objectives.
If you'd like to learn more about this myth, check out opensecrets.org which details donations by various demographics.
(Score:2, Insightful)
Looks like more than just mpa files are becoming corrupted. Slashdot moderation is looking a little green around the gills too.
Wonder how long it would take a dedicated corporate group to work their way into the modding group to a point where they could actually begin to influence what shows up on /.?
/tinfoil hat
Is it fascism yet?
The whole AV industry is based on a ridiculous premise: that users habitually execute untrusted software, and the users want to be protected from anything bad happening. If the very premise is a contradiction and impossible to achieve, then the question of whether fraud (or incompetence) is happening, gets a little fuzzy.
The only rational thing for a user to do, is to stop executing untrusted software. And it works. It is very, very easy to use a computer without any sort of AV protection at all, and remain uninfected by viruses, spyware, etc.
In this particular case, the untrusted software is Windows Media Player. The very fact that it is capable of complying with DRM, proves that the software was not written with the users' interests in mind. If you run this stuff, you're giving your computer to someone else. Whether that someone else is Microsoft or the media companies or Joe Script Kiddie, is an unimportant distinction. If such a user then pays an AV company to protect them, then I can't see how they're dealing with the AV company in good faith. Thus, I have little sympathy for them if they are unsatisfied with the AV software's performance.
<sarcasm mode></sarcasm mode>
As sad as it is, all that really happened...
You don't have to be even mildly coherent to understand why people are downloading/trading movies.
Looks like its time to build a karma system into these P2P networks?
misdemeanor, punishable for up to $5000 and up to 90 days in the clink for every instance of deliberate malware causing loss or damage to a computer.
somebody should document their machine, and when they get hit by this kerrrrrrrrrap, file a case with the police, and drag the overpeer weasels into court.
it would be nice to see some RIAA execs sitting in the can for years and years because they play like russian script kiddies.
if this is supposed to be a new economy, how come they still want my old fashioned money?
This is NOT a problem.There is a tool out there that can disable wmp scripting ability.http://www.javacoolsoftware.com/wmpscripti ngfix I got it to get rid of those annoying pr0n scripts and have NEVER had a problem with pop-ups on wmp since.And it's free!!
ACs don't waste your time replying, your posts are never seen by me.
Seriously. It sounds illegal when it mentions trojans (beacuse there is nothing legal about them) and installing adware without any permission from the user is illegal as well. So are do they think its ok to murder someone if they already stole something from them? You can't break the law if they broke the law by stealing your music. Thats not how it works. Two wrongs don't make a right according to US law at least. Also lets consider the fact that I doubt any BitTorrent site will start hosting .wma files that point to adware. I also doubt that Microsoft will give the go ahead for their technology to be insecure so that the MPAA and RIAA can illegally screw file sharing computers.
So what does this boil down to? It basically means that it will do more harm to their PR then it will help them with their never ending war that isn't possible to win.
I thing 200GB per day for the next three years to the MPAA/RIAA and overpeer members and any and all named individuals in those organizations would be the minimum.
That would be rude and might be called a DDoS attack. Double foofoo on you for even sugesting it.
What would not be rude is asking the MPAA/RIAA every time you want to make a backup. You are required according to the flyleaf to contact them to get written permission to copy it after all. Everytime you download something you should ask them if you have permission to share it with others. Before you buy anything ask if they are members of the MPAA/RIAA and if so ask them to mail/fax you specific rights should you choose to buy it. Commit an act of civil obedience today.
There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
And as far as the legalities go, your guess is as good as mine. First off, I Am Not A Lawyer... My take is that they're commiting the same crimes that any other AdWare/SpyWare/Virii/Worm writer is guilty of and therefore has unclean hands with regards to ANY act of enforcement of the IP rights of the labels that use this bunch.
As for avoiding this- there's two answers...
1) Don't listen to their stuff in the FIRST place.
2) If you can't keep from doing that and insist on sharing the stuff, use MP3 or Ogg Vorbis, not WMA. I don't care how much "better" it sounds, like all things Microsoft, there's some nasty catch waiting for you in the end.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
all but three of the independent, locally owned, record stores within sixty-five miles of here have closed. that leaves three stores to serve a metro population of 1.7 million.
We had 3 local hardware stores in our area close in the past year. Who's pirating screwdrivers?
Independant businesses going up against big chains always run the risk of failure, especially when the chains they're up against step up their advertising as they have in the wake of the increase in piracy awareness (at least I think that's the reason - I've certainly seen a two- or three-fold increase in the amount of ads for CDs or DVDs from the major chains since the piracy crackdown, but that could be coincidence). I think that's likely to be just as big a cause, if not bigger.
Dealing with lawyers would be a lot less tedious if they all looked like Casey Novak.
It may be difficult to create a business madel that maintains the control they desire to keep. They might not consider it viable if control is lost, even if profits increase. It may be possible that it's not the industry itself that wants to maintain this control, but the government's desire for it. Like in the original copyright law, these laws are designed control access to high tech. It's in the government's interests to have a "gatekeeper" to control what gets distributed to wide audience. It's very little different from what the Chinese are trying to do with the net itself. The Americans have to be a little sneakier about it, so that it doesn't appear to be censorship. So everything becomes copyrighted and controlled by private industry not under the influence of the American Constitution. The "church" of Scientology makes good use of these laws in the attempt to stop criticism leveled against them, for example. Keep possibly embarrassing information under copyright, and there you go.
What?
Besides this disgustingly hackneyed attempt at 'securing' musician's rights, could this be part of an agreement between MS and the RIAA? With the plans for Microsoft to be releasing an online music store all of its own (much like iTunes), this could be part of their agreement with the RIAA in order to please the corporation? This is obviously a stretch, but Apple worked at pleasing the RIAA by not allowing music to be copied off the iPod. Maybe Microsoft is trying to please the RIAA by allowing them to take advantage of their DRM and use it to 'protect' their labels. The comment from Microsoft certainly seemed complacent enough that they didn't really care about this much.
By definition, it's not their copyrighted material that's being downloaded - it's trojan software that's being installed on someone else's computer without the owner's foreknowledge and consent.
This is like saying "Some people have burgled my house and escaped in a white car, so I'm gonna slash the tires of every white car I see."
IF those who deploy the software: >don't know that the person getting the trojan has broken the law (and there's no way they could know), and >don't know whether the person getting the trojan would consent to receiving it, then >those who deploy the software are criminal-crackers just as much as someone who defaces a website.
At least *some* p2p users *are* violating copyright, but statistical probabilities are no excuse for widespread harmful, criminal behavior.
Pavlov wouldn't be so famous if he'd used a can opener instead of a bell.
It's great where a company also can "claim" freedom of speech because they want to advertise like this. I though the 1st Amend. was o.k. along as it didn't disrupt or cause harm? If I have Trojans rolling around because a POS company decides I should have mass amount of Porn and "as seen on tv" products, can't I use my 1st amend to convince them not to do this by using the same tactics?
This SIG pulled due to lack of funding. (This damn war is costing too much!)
Does this mean that if I write a worm and embed it in a file say IbelieveIcanfly.wma or the something along those lines I will go away with it?
Or should they sue all those that click on it and get infected because they were obtaining copyrighted content illegally?
Yes email has been accepted by almost everyone and the law as a legal way of communication and sending files, plus the technology system and laws are trying to protect its integrity by tracking spammers, phishers, virus writters and all those bad guys.
However, this does not mean that the bad guys using p2p should go away with it. Worst of all this is a company that is endorsed by the RIAA a well known association though not sure whether it is still well respected by the masses, but this is an association that is always in court suing everyone from kids to big companies and sponsoring ads about moral behaviour and respect for the law. Aren't these double standards by the RIAA?
Okay, they may have calculated right, they have millions to dish to the lawyers and they may well be acting within the law or somewhere in the grey areas but they have no moral integrity. THEY ARE SADDISTS.
You may ban your child from eating candy and you are right to spank or ground him if he does but placing a thorny object carmouflaged as candy under you kids' pillow is not something humane.
"Get legal by avoiding the P2P clients"
What on earth makes you think that avoiding P2P clients stops you from being vulnerable to trojan wma/wmv files?
TVstationxyorzy.com gets hacked. Their promo wmv file(s) is(are) replaced by wmvs with a trojan payload. Suddenly, downloading what you thought was a safe file, isn't. And your pc is now on the zombie network.
So now, wmv/wma files are on my 'Must Avoid' list, along with DRM'd MP3 files (the only mp3 files my Sony player won't play are the ones I purchased from a legal-download provider), and anything Real. So are Windows updates. And the entertainment industry has bitten yet another hand that feeds it.
"legit adware" Error... does not compute... How can something that hijacks your computer to shove advertisements in your face ever be legitimate, backed by a company or not?
If they were totally upfront about what their program did in every (reasonable) respect, and didn't pull any nasty stunts like not uninstalling properly, then they would have every right to be considered "legit adware".
BTW, being able to intimidate someone legally does not necessarily make something "legit".
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).