Slashdot Mirror
Sony DRM Installs a Rootkit?
An anonymous read writes "SysInternals.com guru Mark Russinovich has a detailed investigation of a rootkit from Sony Music. It's installed with a DRM-encumbered music CD, Van Zant's "Get Right with the Man". (Mmmm, delicious irony!) The rootkit introduces several security holes into the system that could be exploited by others, such as hiding any executable file that starts with '$sys$'. Russinovich also identifies several programming bugs in the method it uses to hook system calls, and chronicles the painful steps he had to take to 'exorcise the daemon' from his system." This house is clear.
Now is that *sony's* rootkit, or a soon-to-be-former-sony-employer's rootkit?
corporations exploit YOU!
:/
hrm, so much for humor. I don't find it funny at all
DRM wasn't intrusive in the first place.
perpetually dwelling in the -1 pits
And let me guess, it offers you an EULA and exempts Sony from any liability for damages caused by this thing?
We *really* need to get a anti-spyware bill on the books. Something along the lines of, "It shall be a criminal offsense to install non-application software on any computer when the user has not been reasonably notified in advance and/or agreed to have the modifications made. This bill will be reevaluated for its effect in three years."
Anything running in the background, rootkits, and other forms of spyware (which generally rely on the user not knowing they're there) would immediately become illegal.
Javascript + Nintendo DSi = DSiCade
I RTFA (submitted it too, not fast enough) and honestly it goes way over my head. Is it actually a root kit, ie can Sony or Sony's adgents (in a legal sense, not a black helicopters sense) push arbitrary code onto the machine and have it executed?
I'm downloading RootkitRevealer now. I wonder how long it is going to take for Norton and McAfee to upgrade their Rootkit detection abilities? Next years anti-virus release? The last rootkit that Norton found on a computer at work was well spread and had been out for 6 months. It still was unable to remove/fix the infection. :(
Microsfot needs to make it completely impossible for any software to do something like this unless the user runs in some special maintenance mode or logs in as some special account. They can make an exception for windows updates which are signed by them.
Not that this makes it better in any way, but I liked how he said
I hadn't noticed when I purchased the CD from Amazon.com that it's protected with DRM software, but if I had looked more closely at the text on the Amazon.com web page I would have known
followed by a picture of the amazon web page in question with [CONTENT/COPY-PROTECTED CD] clearly visible in massive letters.
Since spyware WITH a proper EULA has been held to be in violation by the FTC, and since this EULA doesn't really mention the rootkit's difficulty of removal, this might be litigatable.
Of course, Mark Russinovich did (inadvertantly) dissasemble content protected by the EULA.
Test your net with Netalyzr
It's one thing to copy protect your CDs to make it difficult to rip but it's another thing to install a rootkit that is by definition difficult to remove. Who'se going to clean up this mess when a Microsoft patch or SP comes around and breaks any computer with this installed?
I am very glad to hear about this. That CD WAS on my birthday list for next week.
Sony just lost a sale, end of story.
Professional Politicians are not the solution, they ARE the problem.
Do people actually install the crap that comes with audio CDs?
Sounds like an opportunity for a class action lawsuit. Everyone who played the CD on their windows system would be eligible. ...good opportunity for a group of lawyers to get rich. (The members of the action never do.)
But I know a lot of people here do. Please, every one of you that have bought faux-CDs with this junk on them, get together, find some lawyers, sue the bloody bejesus out of Sony, ok?
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
a DMCA violation to put that thingie in there.
What is next? Drm that will rewrite your bios and turn your pc into an expensive doorstop for copyright violation?
As if spyware itself is miraculiously legal and now we have this? Rootkits and spyware programs that append to windows in the mbr so even a reinstall wont delete thim IS TOO FAR!
I agree with a previous poster that is should be a criminal offense the same catagory as spypainting someones house or breaking an entry. Why do we allow this crap to be legal?
Its time we wrote our elected officials and inform them about what is happening and about Sony's drm and demand civil and criminal responsibility for malware makers. I dont care if its the CEO of some company spraypainting my house vs a teenage kid. Its still illegal and Sony should be held accountable.
I was reading on cnn about the drop of ecommerce even though there is still a rise in internet usage. This is due to all the spyware/scams/malware that is infecting pc's at record rates. This is killing out economy and many companies such as Google, Amazon, and Ebay are already getting hit with their wallets over these scams.
Lets organize and make a difference. This is a slippery slope and I fear what is coming next.
http://saveie6.com/
Man, Sony'll do anything to make sure your system has their Cell in it.
If brevity is the soul of wit, then how does one explain Twitter?
Turn off autorun.
Slashdot - where whining about luck is the new way to make the world you want.
To make matters worse, not only is everything hidden, but you can't just delete the files and reg keys or you'll cripple your system...the author of the article is a developer and he spend a lot of time just getting rid of the damned thing...I know I couldn't do it
There's a slight difference between a copy restricted CD and an "install a rootkit on your computer" CD, though...
Quote from AKAImBatman "We *really* need to get a anti-spyware bill on the books."
Remember two Law's don't make a Right.
I think I speak for all of us when I say someone should sue their fucking ass off. Talk about a double standard! Sony doesn't want the people to infringe on their content, but they themself are perfectly fine with destroying a users system. I don't live in the US, but weren't there laws passed against malware in several states? I do hope so.
Heck, Sony and RIAA treat their CD's as physical property (for example, they use the word theft and stealing instead of copyright infringement). Isn't this the equivilance, using their logic, of breaking into my house and installing cameras (or whatever the rootkit actually does).
Clearly, this man has been using Windows for too long!
More like... nerdular nerdence!
I swear, it's crud like this that makes me want to walk into Circuit City with a hammer and smash all the copies.
Look at the manager any say...."send them back to SONY...explain to them that installing of viral code is illegal" because it's pretty well known that "illegal" only applies to "us - the individuals" and NOT large corporations. Because they "purchased" the laws...therefore, they do not have to abide by them.
- The Saj
the album in question is a country album. almost the exact opposite of rap.
Don't Tread on Me
they could face lawsuits for jeopardizing a computer's security with this rootkit?
Will Sony now sue the author of the Article for violating the DMCA and reverse engineering their technology that was intended to protect their copyrights and trying to help people illegally copy their music? I'm not saying he did any of that, because he certainly didn't. But, I'm just wondering if Sony will try to take that position...
Randy.Flood@RHCE2B.COM
Read Slashot
Get Van Zant's "Get Right with the Man". Cd
Install Cd
Get pwned
Call lawyer
Sue Sony
Profit!!!! for you and Van Zant
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
I know you can disable auto-run and such to get around this type of crap. But what happens if you just 'disagree' or whatever on the EULA? I assume that Sony will then not install the rootkit and you can rip the CD with whatever tool you normally use? Or does Sony install the rootkit anyway, setting themselves up for criminal prosecution? Does anybody have a copy of this thing to try and answer that question?
It just seems kind of silly to have DRM which is totally dependant on the user to request it be installed. Or can refusing an EULA be considered a violation of the DMCA?
"the author of the article is a developer and he spend a lot of time just getting rid of the damned thing...I know I couldn't do it"
But thanks to his hard work, now we can! I for one love this guy.
Now I have another reason to dump Windows, this rootkit won't run on Linux or Mac.
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
Getting a cockroach with my just purchased pizza.
This is exactly the same mentality that brought us the memory stick and the mp3 walkman who could not play mp3's, only ATRAC. Incidentally, Sony profits are down 46% this quarter. I can only add that this is another nail in the coffin of a company once known for its innovation, high standards and uncanny understanding of the consumer's mind. They better hope the Ps3 saves their collective asses
You can't enter into a contract which violates the law. Thus a "contract killing" is not a valid contract.
...after he tried to rip another Sony produced CD "Healthy in Paranoid Times" by the Our Lady Peace:
Disappointing, to say the least..., October 14, 2005
A Kid's Review (Amazon.com)
I tried copying this CD, not knowing that it was protected. So, I ripped it to my hard-drive and burned it. But, when I inserted the burned copy into my computer, the screen froze for a while, and an installer icon appeared on the taskbar in the bottom right. It installed somthing - and now I cannot burn anything, with any program. I've even tried using a different, external CD burner. A disk error comes up during burning, even if I am not not burning audio CDs. This was not a fluke. I've talked to other people this has happened to. Avoid anything with "copy protection." Sony might as well burn viruses onto the CDs they distribute.
Stick to the gaming business and let us play our fsking music.
Arigato -_-
I suppose I could look this up if I wasn't so lazy, but isn't Van Zant from Lynard Skynard? Not exactly country and definately not Rap or Hip Hop.
Real SUV's don't have cupholders
It's 5:42 A.M., do you know where your stack pointer is?
I used to buy a lot of CDs but stopped around the time of the napster lawsuit. I would probably still be buying 2-3 discs/month if I didn't consider it immoral to buy CDs.
At http://www.sonymusic.com/about/feedback.cgi
On this CD's product page, there are several negative reviews on account of spyware. My favorite puts into plain English why this is bad: "I am very unhappy, since I now listen to all of my music using my IPod."
I think this is the way to fight DRM. When we complain about DRM rights, we're fighting a crusade on principle, and few people really get what's wrong. When you say, "This CD that I paid for can't be transferred to my iPod," people will see that it's outrageous. When people see that it's installing spyware on your computer, they'll flip. Cheers to whoever's left this feedback.
________________________________________________
suwain_2
we used to pop in a CD in the server room into the servers to listen to something other than that warm fuzzy hum, or cold blowing of the airco, or the shouting of the 5 vents on the cisco access servers .....
....
:) other than cleaning staff to take the 256^2 dirty coffe cups from the corner and to clean up the "accidentally damaged" remains of shattered keyboards ....
of course then there wasn't drm, nor we had software, just the play button on most of the cd drives....
not a good idea anymore?
it wasn't a good idea either since those over used cds messed sometimes with the drives (e.g. when linux refuses to eject or do anything other than presenting a LOOOOOONG atapi error running on the console
but well back then sysgodz (OK, that is a lame word) were allowed to do all kinda crap, besides no puny humans entered the restricted refrigerator area
Has "Van Zant" or their agent made any comment on how they feel about what Sony is doing to their audience in their names? (Would they even understand what Sony has done?)
I'm glad I get my music off of p2p networks and don't have to worry about trojans and rootkits and that evil hacker stuff!
I think the article provided enough evidence as is. Yes, it is "DRM shovelware", which is an offense in itself. Yes, it's hard to uninstall, which is bad. But it's also trying to hide itself, which is really nasty, and it hides stuff indiscriminately, which is worse.
It is a rootkit, because it messes with the OS to hide specific files. It is a dangerous rootkit, because it hides all files that start with some prefix, not just the specific files used by the DRM mechanism - this could be potentially used to hide more mischief from the same source.
1. Most extreme case: writing a letter saying someone is allowed to kill you, doesn't give the killer the right to kill you. They will still get tried, because they are still breaking the law. It is my understanding that the law is more important than any document you write, right? This is why euthanasia is such a hard issue in the USA ...
2. Now back to the EULA, where it seems that somehow I can waive my right to expect stuff not to break my computer.
Which is right here? 1. or 2.?
No no no no no - lets get this right - rootkits only permit you to root a *nix system. On Windoze systems, the System Administrator is already rooted.
It does almost exactly what Hacker Defender does.
Are you saying Hacker Defender is not a rootkit?
It's worth noting that the DRM in question, which prevents a CD from being ripped into an iPod-compatible format, can be circumvented by the following step:
1.) Insert CD into a Macintosh
(And yes, little Timmy, Linux/BSD/FreeDOS/whatever)
I did a quick search on Sonymusic.com for EULA, and got nothing in return. I looked in their help section, and saw nothing. Gee, I wonder why they won't post that..........
Now, if that makes sense to anyone, could you please explain it to me? I think I've confused myself.
Well if the reader base of Slashdot alone used a non-mainstream OS, Google statistics would shold an increase in the number of alternative OS's, and this would in a round-about way remove this root-kit problem all together, since at the end of the day, there would be no financial incentive by Sony (or others) to finance a DRM and copy protection scheme which would only be effective for
Want to stop this nonsense from happening in the future? Actually run a non-mainstream OS. That shouldn't be hard for most of the visitors of this website, shouldn't it?
Revolution = Evolution
Don't confuse the included media player with the rootkit files. The author clearly states that 'Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software', and that is exactly what is happening here.
If you do this, then you are deliberately disabling a copy protection system, which is illegal under the DMCA. So Sony can sue you.
[Note: this varies with your jurisdiction. No DMCA in Canada, yet.]
Doug Moen.
I have written a truly remarkable program which this sig is too small to contain.
The ability to run arbitrary code as a regular user is bad enough. It'll turn the computer into a zombie anyway. Microsoft does makes the problem worse, but they can't prevent it.
The Raven
I've been randomly having to stifle laughter for the past fifteen minutes. Thanks a lot ;)
"99 dead duelists of Dios on the wall. 99 dead duelists of Dios! Take one's ring, pass it around..."
Work hard to make sure that CDs using intrusive and possibly illegal DRM are the ones MOST ACTIVELY distributed via P2P.
This should be done not because "information wants to be free", but rather because businesses who engage in these sorts of practices should be made to fail financially.
When the labels have their annual shareholders luncheon and are forced to show the fancy Powerpoint presentation entitled "Effectiveness of DRM Solutions at Limiting Piracy", the graphs should be embarrassingly skewed in the wrong direction.
The only thing that works is money. So make sure they, and the band, see none.
"The band?! Surely you can't be serious?! They're probably just innocent victims." Bullshit. No one forced them to sign away their souls like whores. It doesn't take a rocket scientist to know that Sony and all others of their kind are customer hostile. Take your music elsewhere. Because that's what I'm doing with my money. And if you're only in it for the money, then you don't get to have any.
shovelware? wtf? the author used "rootkit" because the DRM software:
-was installed without the users knowledge
-hid itself deep inside the registry/filesystem
-hooked itself to system calls
-monitored its components at the cost of the user's CPU resources
-protected itself ""
-didn't include an uninstall method
-had the potential to destroy the machine (if they attempted to incorrectly remove it)
it ran under the localsystem account ("root") and wasn't a single binary - it had several components all maliciously working together (a "kit").
http://en.wikipedia.org/wiki/Rootkit for more
smattawichu
The problem with rootkits is that once you've been infected, there's no way to clean the infection without booting to another OS.
For a great movie showing the author of hacker defender defeating most all of the current rootkit-defeating programs see the following link:
http://www.hxdef.org/download/brilliant.php
I patented screwing your mom. But it got revoked for "prior art."
Seriously speaking, this shows two things. One is yet another demonstration of the fundamental evil of Microsoft's "security" model. Even if you weren't running as root/Administrator (and everyone does, don't they?), then the "reputable" installation from the "reputable" company would just ask you to elevate your privileges.
The other thing is that power is always abused. If not now and by Sony, then tomorrow by some other "reputable" company. (Or put on your tin hat and say "Yesterday by the NSA.")
I hope they track this story, and if it is not another misguided /. rumor, I certainly hope that Sony repudiates the technique and the software. Soon.
Then they should apologize.
Then sack the person responsible.
Then sack the person responsible for not sacking the responsible person earlier.
[Infinite loop warning.]
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Boycott their stereo's, TV's, PS-Whatever, and their movies.
I wonder if the next version of the rootkit will also have a blacklist of web sites (those describing what it is and how to remove it), and block any access to them. That's just about the only thing they forgot to add, apparently.
Its UnBOOlievable that Sony would pull the trick of letting a vampire company suck the life-blood of out a normal villagers computer, instead of treating the users to a safe use of their music.. They should be helping to prevent zombies on the web. I might just use google's spider to carve out my solution to this proverbial black cat move of the industry. But, witch query should I do!?!
DYWYPI?
America - well, there's no privacy in the US of A. The trade in personal information is open and widespread. There is an excellent chance that if anyone tried to prosecute Sony over privacy infringements that it would be laughed out of court. You can't protect what you don't have. Posession is 9/10ths of the law, and Americans posess very little - much as they often like to believe otherwise.
Sony actually has a much stronger case. Reverse-engineering their DRM scheme is in direct violation of both the letter AND the spirit of the DMCA, which is explicitly intended to prohibit exactly this kind of research (ie: the study of the spyware) and this kind of result (ie: the removal of it, afterwards). Depending on who Sony licensed the rootkit from, there is a possibility it might also violate aspects of the PATRIOT act. (If the rootkit is also used by any law enforcement groups, then this study could compromise wiretapping provisions in the act.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
... CLEAN.
m0nstr42.blogspot.com
do they do a mac or linux version?
My refrain to the copyright holders: The people being hurt by this DRM software are people who have already communicated their intent to do the right thing by purchasing the CD. Sony has just guaranteed that a lot of people will never make that mistake again.
Welcome to a Brave New World: People who pay for their music get viruses, while people who download it at no cost from illegal sources get clean MP3s that they can freely copy and use on whatever devices they own.
Currently downloading:
Van Zant - At least I'm free.
The only result in a gnutella search.
Van Zant the group is comprised of the two Van Zant brothers Johnny and Donnie. You're correct that they both have "country-styled" rock roots, but this album is basically known as their first full-blown country album. So I see where you're coming from, but this is a country album.
http://www.first4internet.co.uk/
w ww.osronline.com/showThread.cfm/
Google Groups thread with Ceri from first4internet.co.uk looking for help to write his fucked-up CD drivers...
http://66.249.93.104/search?q=cache:hDmbqX5yahgJ:
What's depressing is that Sony undoubtedly paid them a good deal of money to write this shit.
I don't know the full details as I'm not beta testing Vista, but I do know that Vista has some protections like this in it. This is in large part why MS talks about Vista being much more "secure" than past windows releases. A good example of this is is device drivers. As started in this article(a Q&A with the head of ATI's driver team):
& file=article&sid=6
http://hardwarefanatics.com/modules.php?name=News
"Vista requires a brand new driver model. It is actually called WDDM (Windows Vista Device Driver Model). Whereas before, device drivers were something called kernel mode based, they are now user mode based. This means that drivers do not directly talk to the operating system and have the ability to crash it. The end result will be greatly improved stability for devices on Vista. The amount of work to support the new driver model is tremendous. It is basically a re-write of the entire driver. However, we are very much ahead of the game, and feel good that we will have the best Vista support when it is actually released (and even sooner with our beta drops)."
You are who you are, let no one tell you different. But, never close your mind to a new point of view.
if i wanted to play that disk in my car cd player ? or my Diskman ? or in my HiFi setup in the home theater room ?
Err, he provides plenty of evidence. The one I can mention here off the top of my head is that the software patches the system service table to intercept system calls and redirects those calls to the drivers that came with the CD.
Sorry, but any software that is patching the *kernel's system service table* and intercepting calls to those services without my permission is a rootkit. It alters the fundamental behavior of the machine, does so without user's permission, and tries to cover it up. Not OK.
As the 2% of the population that actually understands what this thing is, does, and means we can and should be angry and vocal. The vast majority of computer users run Windows, with autoplay on, and will get thoroughly owned by this. They'll just think their computer is broken and keep buying RIAA crap with that assumption.
(What's more, if I have to clean up another non-technical friend/relation's owned computer I think my head's gonna explode.)
As I said above, any software that patches the kernel's system service table to redirect system calls to trojan software without permission while hiding (and making itself impossible for your average user to remove) is a rootkit. It only makes it worse that it *never stops running* and *starts up even in safe mode*. These are all hallmarks of a rootkit. Just because it doesn't send spam and all your passwords/credit card numbers to a server in Russia doesn't mean it isn't a rootkit.
What's supposed to be the logic behind this move? Curb piracy?
And its in that respect that record companies simply don't get it. First of all, they're completely punishing their fans for purchasing their product. After all, how do these CD protections benefit the consumer in any way? The only thing that results is more nuissance for that consumer - thanks to Sony's protection, they aren't able to put the music they bought on an MP3 player for instance. They aren't able to put the MP3s on their computer so that they can listen it from there.
Do they not realise that people use their computers for music these days? Nearly every student I know has some kind of MP3 jukebox set on their machines, where they shift songs between their entire music collection. The companies have been operating on a basis that their products should not be compatible with computers at all, going so far as deceivingly installing these virus-like programs. They think that that will reduce piracy. Fact is: it hasn't, nor will it ever.
As the old addage goes: where there's a will, there's a way. And I've yet to see a CD where its contents could not be ripped. So this does not curb piracy in any way - meanwhile, it makes the CDs less appealing to the fans. Why spend $20 on a product that only half-works? A product that behaves like a computer worm and installs a rootkit?
Piracy doesn't exist because people can do with their CDs as they see fit. It exists because people are getting fooked around by the record industries left, right, and center. Infecting PCs with worms, preventing people to listen to music they legitimately purchased, are hardly steps forward to make the CD format more appealing.
The record labels simply do not get it.
The real "Libtards" are the Libertarians!
It's a piece of DRM software that hides itself.
... attempt to hide their presence...". Arguably, DRM isn't malware, but I take the stance that it is as it prevents me from exercizing my rights (hence, malicious). Would you disagree?
It's a piece of software that hacks into, essentially, a kernal function lookup table... isn't that by definition a rootkit? Sysinternals defines a rootkit as "the mechanisms and techniques whereby malware,
Are you saying Hacker Defender is not a rootkit?
Hacker Defender is a root kit because it has the capability to backdoor the system it is installed in. As in remote attacker can connect to this port and control the machine.
The DRM that Russinovich describes does't seem to make or listen for network connections nor does it seem to do anything other than hide itself, stop user from ripping CD's and other stuff.
At least as far as Phillips are concerned, anyway.
Sony still hasn't agreed to come on board with iTunes, which I find damn annoying. Everytime I search for an artist and don't find them (considering they're a big artist), I go and search for that artists publisher.. and what do ya know, always sony.
I'm really starting to hate that company. This BS "DRM" is just the icing on the cake. Sure, iTunes has DRM, but it's quite benign (5 computers, unlimited ipods, unlimited burns per song, 7 burns per album).
They're too big, and have their hands in too many pots. Time for Sony artists to take a stand and go with somebody else (quite difficult, considering the ass-raping contracts they probably had to sign). Essentially, Sony are denying their artists a source of income to satisfy the needs of their consumer electronics department. I'd be pissed.
Is that Russinovich actually chides the DRM developers for weaknesses in the implementation meaning that it could be made more stealthy and stable.
Maybe someone should hire Russinovich to write a DRM.
... the little guys are more likely to crumble. Why not target the source of this crap? I did. Though, admittedly I'm sure SONY keeps their wallets fat enough to ignore us. See below:
o tkits-and-digital-rights.html) for the disreputable practices they are, and for identifying "First 4 Internet" (sounds like a shoddy store-front operation for a bunch of Black Hat rejects) as the company directly responsible for the most vile intrusion my system has ever received. And the fact that your ill-conceived product leaves my system open to additional intrusions of this nature is unforgivable.
===
Mail-To: info@xcp-aurora.com, info@first4internet.co.uk
Subject: attn: Mathew, Tony, Peter, Nick; re: Extreme displeasure with your XCP product.
To Whom it may concern:
I would like to address the outstanding issue regarding the software your company licensed to SONY BMG here in the United States. This software proposes to be a harmless DRM solution for the corporate customer as a method of protection against malicious users. However, what your software critically FAILS at is conscientiously protecting the end user against exploits of your poorly, shit-house written utilities.
Personally, I'm glad that your nasty parlour tricks were recently exposed by SysInternals.com (http://www.sysinternals.com/blog/2005/10/sony-ro
May whatever sink-hole from whence you rose quickly swallow you back. You have no right to voilate my computer's integrity. You have no right to scan the contents of my computer. You may have the right to hide in the darkness of Windows' subsystem like cowards, but that does not mean you won't be seen. You have no right to abuse the trust garnered by SONY from the citizens it regularly calls customers (or, perhaps more appropriately, "guinea pigs"). I hope the light of truth sends you roaches scurrying.
With the wretched taste of bile at the back of my throat,
[my name]
[my email addy]
===
Personally, I purchased "The Dead 60s" latest album, and sure enough it had the exact same copy-protection crap as described on sysinternals.com. That article sure shed some light on the behavioral difference in my system since I got that CD (significantly slower start up and execution times on a 1.2 GHz, and constant 5 - 10% CPU usage with almost nothing running). Fuck them. Fuck them right in the ear.
It was stated before, and I'll reinforce it: This kind of DRM ADVOCATES piracy. You are safer without DRM. I intend to zap my Windows machine and go to Debian (as I've been considering, but now have good reason for security purposes), and return this CD by mail to SONY BMG in a thousand tiny pieces, but not before I copy it and distribute out of sheer spite.
Thank you for reading One Man's Opinion. No participation necessary. Offer void where deemed by law or PATRIOT Act.
Can it say "AFLAC"?
The "hiding itself" part is what makes it a root kit. It disrupts the normal operation of your operating system without permission. With it installed any file starting with "$sys$" will become undetectable to everything but the most specialist tools. Network connections are not required.
"Taligent is still pure vapor. Maybe they'll be the last who jumps up on Openstep... "
Backdoor has nothing to do with whether or not it's a rootkit, that is simply one of the common things a rootkit is used for.
It's kernel level code that hides itself and other things. As other posters have said, if it looks like a duck and quacks like a duck...
The "rootkit" does indeed do the things you specify, but this does not make it a rootkit, IMO. A rootkit maintains a backdoor for another entity -- one should look at intent as well as behavior when classifying these things. IMO, if there is no backdoor, there is no rootkit, though the software does indeed incorporate many behaviors in the style of a rootkit to achieve its purpose, which is to try to prevent Customers from having direct access to some data. This is isn't even a virus because it does not want to propagate. I am not sure what to call this crap other than a trojan, but I thought rootkit was hyperbole derived of the author's outrage at finding it so hard to detect and remove, which does the otherwise excellent article a disservice.
I tend to think of software more in terms of purpose than behavior, as behavior can be incorrect. Regardless of anyone's disagreement with the way I categorize this software, my comments do not intend to diminish the article's value or the pertinence of Sony's ignorance. It is clear that Sony's executives either have no clue about what their DRM software is doing or do not care -- either way, a change needs to be made.
They don't put it there. You do. They just packaged it for you. If you didn't want to give them permission to run arbitrary executables on your computer, then WHY DID YOU RUN THEIR EXECUTABLE??
IANAL, however, I believe that contracts that are made in bad faith, or with the intent to decieve a particpant are not binding. If this is the case, I think that I wouldn't be hard to argue in a court that you have no obligation to keep Sony's rootkit (by deffinition an illicit and deceptive tool) on your computer. Moreover, you might also be entitled to damages resulting from said 'bad faith' agreement.
Even if my assessment isn't quite correct, it seems to me that it is probably fuzzy enough of a point to invite litigation. If I were a multimillion(billion?) dollar company I wouldn't be the one to test the legal water on something like this.
HA! I just wasted some of your bandwidth with a frivolous sig!
* This story will not make it to high-profile offline (TV, etc) news sources.
* Most of the people you know will keep buying CDs in stores without checking for the "CD digital audio" logo.
* Most of the people you know will keep doing business with such companies.
Can we do anything about any of it?
Can I copy it using Linux or a hardware CD duplicator and wind up with an exact image?
How about if I stick it in a Windows box and hold down the SHIFT key and use run-of-the-mill CD-copy software?
Assume the software or hardware duplicator is neither designed to overcome nor honor copy protection, that is, they to their best to faithfully copies any bits they can read, failing on "unreadable" bits but not aborting the copy when they see readable bits that indicate a copy-protection "signature."
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
RTFA, the EULA does not mention this at all...the writer of the article made a specific point with respect to this.
It's awful hard to conceal a rootkit if it is mentioned explicitly in the EULA....
You, the user, will not remove or tamper with the rootkit we have installed at c:\winnt\system32\secretsonyrootkit. You will not interfere with it communicating with servers at 64.27.129.244 on ports 62001-62004, or stop the windows service labeled 'svchost_mgr'. If you fail to comply with the terms of this binding legal agreement, you will be forced to by Brittiny's next five (5) albums.
HA! I just wasted some of your bandwidth with a frivolous sig!
It indescriminately hides any file beginning with "$sys$". Not just its own files. Any file. Now tell me this isn't a rootkit.
Don't just stand there, get that other dog!
Sony, you have gone too far...
No PSP for Christmas!
No PS3 next year!
So you protected a $15 CD by killing ~$700 of hardware purchases plus whatever games I would have purchased.
No wonder your stock sucks and your revenues are down!
Your DRM works, I'm exercising my right not to purchase your products any more!
"I say we take off, nuke the site from orbit. It's the only way to be sure."
rootkits are an example of DRM gone horribly wrong. at least with online music stores, they let you make copies of a CD and it doesn't run buggy Sony code and screw with your already insecure windows environment.
DRM is acceptable if it's consumer friendly and is only made to stop mass illegal distribution. Ideally DRM should make copying and sharing digital music over the internet equally inconvenient as it is for analog mediums.
DRM shouldn't be a way to make up for lost music sales due to piracy. the industry needs to adapt. they have to realize, if they embrace online distribution with extremely light DRM, then piracy won't be an issue.
If the industry sold songs for around $0.39, or something low like that, people wouldn't find it worth the effort to even download illegal copies. lowering the outrageous prices for music is a DRM in itself. Everyone knows that it costs way less to put a song online than it does to package it and distribute it to 900,000,000 WalMarts. Heck, with BitTorrent I could distribute a whole album at absolutely no cost to me, no real bandwidth concerns, nothing.
Okay I'm straying from the topic...but what if online music stores used technology like that in BitTorrent plus light DRM so that the online music stores could make more money? They would eliminate bandwidth costs, and they could possibly set up some backup servers to do normal http/ftp downloads if a songs aren't popular enough to find enough peers.
even i can think up so many ways to squeeze out more money of music sales without taking advantage of the consumer.
I read this article not 30 minutes ago. Thought it was very insightful and good investigative work. What happened? Now the link is dead, no mention of the article on the sight, coral cache can't dig it up, nor can google cache?
Where did it go? Anyone got it in cache? How about a mirror?
Cat's out of the bag now. Congratulations, Sony. You fucked up big time.
I'd like to take this opportunity to dissect the article in question here, to point out just how positively obscene this is. There are a few key points I'd like to highlight that I feel we should all take into consideration.
It would appear that Sony has deliberately begun shipping rootkits with its DRM protected CDs. According to the article - and this is a pretty good definition, by the way - "Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden." In a nutshell, this means that the program shipped with the CD in question here - and possibly other Sony CDs - is designed to hide itself and other programs from view. In other words, once installed, it will allow Sony and any other interested party familiar with this particular rootkit to operate programs on a compromised system without the user knowing it.
Let's take a step back here to consider the implications of this. Sony is distributing a rootkit, but what does this have to do with DRM? Well, if you really think about it, it has everything to do with DRM. A DRM program that cannot be seen or easily accessed can operate secretly, monitoring and manipulating the system behind the user's back. Any future DRM software Sony distributes could infiltrate a computer secretly, and burrow deep into the system files of said computer.
According to the article, the rootkit was produced by First 4 Internet. Upon investigating the company itself and the products and services it offers, the author dredged up this lovely little nugget of joy: "... However, the fact that the company sells a technology called XCP made me think that maybe the files I'd found were part of some content protection scheme. I Googled the company name and came across this article, confirming the fact that they have deals with several record companies, including Sony, to implement Digital Rights Management (DRM) software for CDs." That right there should be proof enough that this is no accident, and anything but legitimate DRM. Not only does having a rootkit handy make the DRM difficult to thwart, but also allows it to operate secretly.
Now, you'd think that you could just remove this software, right? Wrong. Dead wrong, as a matter of fact. The author of the article had a hell of a time removing the rootkit, actually, and not only that, at any given time, it was consuming between one and two percent of the CPU's power - a small 'penalty' for even having it. (And any programs it's hiding would also have to leech off the CPU and RAM as well.) As he attempted to remove this shit, he discovered even more about the software: "As I was deleting the driver Registry keys under HKLM\System\CurrentControlSet\Services I noted that they were either configured as boot-start drivers or members of groups listed by name in the HKLM\System\CurrentControlSet\SafeBoot subkeys, which means that they load even in Safe Mode, making system recovery extremely difficult if any of them have a bug that prevents the system from booting." Suddenly, this is more than a performance issue. This software could theoretically disable a system should it break or be manipulated by the software it's hiding. It would appear, however, it is possible to remove, but only after eviscerating a handful of driver files, registry entries and keys, and other lovely goodies from your system. The rootkit and the DRM attached to it do not have an uninstaller, and unless you take the same steps the author took to remove this flaming pile of garbage from your system... Well, he puts it pretty well:
"The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files wit
How long for another, slightly different DRM rootkit starts fighting with this one with each trying to take control away from the other as both run on your system?
Of course, it needed some level of privilege to run. Does this CD simply refuse to play if you're not Administrator or Power User?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I'm glad I get my music off of p2p networks and don't have to worry about trojans and rootkits and that evil hacker stuff!
Modded funny? If I have to put up with rootkits when I buy a CD, this might as well have been modded "Insightful".
What we *can* do is write a detector (only takes one of use) and hopefully a remover. Distribute it widely. Make it plain where this malware came from too... the non-technical will soon understand that playing a Sony CD will break their computer - that's all the knowledge they need.
First they come out with copy protection that's easily defeated by a magic marker. Then they they come out with a rootkit as part of DRM.
No wonder they're losing piles of money. They're wasting it all on stupid stuff like this!
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Given the "duck" reference and it being Hallowene and all, what do we do with witches? Burn Them!
it's a 5/$5000 penalty, class C felony, to knowingly distribute harmful software to a PC in Minnesota. 1992 law, I believe it was. demonstrating this is a rootkit is prima facie evidence that this would be harmful software.
somebody with means should get a case opened....
if this is supposed to be a new economy, how come they still want my old fashioned money?
If I kill you to prevent you from killing me, killing you is self defense and not a crime. Seems reasonable that if I kill Sony's process to prevent it from stealing my ID that it's self defense and not a crime. The DMCA is one of those laws that is so out of whack, nevermind the US Constitution. It probably violates Brittish common law, the Magna Carta, and if you look hard enough it probably violates the code of Hammurabai and the social order of primitive hunter-gatherer cultures too.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
I thought I was ahead of time, when I implemented a rootkit DRM just a few days ago. My rootkit is a part of my project, trying to show how malware and DRM systems can get really close to each others, and both get protected by law. Under EU Copyright Directive, it's going to be illegal to remove this rootkit.
You can read about my copyright projects here:
http://muzzy.net/files/copyright_projects_en.txt
-- Matti Nikki
as you pointed out, it says "CD." "CD" is a trademark, and can only be used (per Philips) to describe optical media meeting certain standards. In the case of audio CDs, that would be the "Red Book." As this piece of plastic clearly does not meet that standard, it should not be have been called a CD. It is (legally) safe to assume that anything called a copy protected CD has only benign protection, such as the copy protection offered by copyright law. Anything which uses technical means of copy protection is not a CD.
"National Security is the chief cause of national insecurity." - Celine's First Law
Why should Sony be able to get away with blaming it on an errant employee?
Digital Citizen
Ronnie Van Zant is from Lynyrd Skynyrd. He's dead now.
The band Van Zant is his brothers doing a southern rock sort of sound that gets played on country radio. The title track from the album is a good song IMO, but I guess I won't be hearing much of the rest of the album.
Procrastination -- because good things come to those who wait.
So, um, what's going to happen when this gets out (if it does) and DRM is equated with virii/malware/trojans/hackers etc?
Somehow, I don't think Sony wants to be known as the guys who put illegal software on your computer to protect "digital rights".
This kind of stunt will only boost Apple's iTunes profits. People could just buy it from their store when available.
As for the legal discussion for disabling the rootkit. No one should assume if Sony would win or not unless they are a lawyer.
Copy Protection is copy protection. If Amazon.com says it has copy protection, then it includes whatever method the manufacturer used including the rootkit.
To avoid this rootkit, then don't buy the cd. Show your disgust for Sony's actions.
\
Shouldn't MS be upset at this? After all, here is Sony, willfully damaging MS's intellectual property in order to protect their own. The battle has been joined - the giants are at war and the battleground is your windoze pc...
So, with things like this going on, what's the relative prevalence of rootkits on music purchased on CD from a store and music downloaded (legally or illegally) from file trading networks?
It's starting to look as though it's more secure to go with the file trading networks than the stores.
Here's what happened to me last month: american brother of a friend comes to visit. He brings a handful of DVDs, we try to watch them but lo, I haven't dezoned my DVD writer. After 30 minutes of trying to find the patch I give up, and spend about 30 secs to look the movies up in a bittorrent site and initiate download.
We watch them the next day with excellent quality and no FBI warning crap.
Norton actually REMOVES viruses?!
The sounds like something the National Enquirer would do a story on. "Norton Actually Removes Viruses instead of just showing you you're infected!"
And just how is such a device going to reach the Internet?
iptables -A INPUT --mac-source XX:XX:XX:XX:XX: -j DROP
And they can hardly send in the storm troopers based on this sort of evidence, "Midunno, the house got hit by lightning, maybe that screwed it up? I can't show you the device, it was broken so I threw it out".
That would also make for a nasty payload for a Windows virus. Not only does your DVD player get turned into a paperweight, the victim might also get raided by the DRM police.
Xix.
"Everything is adjustable, provided you have the right tools"
Dear Sony Regarding the rootkit you are attempting to install on the computers of customers who purchase Van Zant's "Get Right with the Man": my relationship with you is over. I will never again purchase -any- CD from Sony Music. Period. Your intentional introduction of security holes and your undisclosed modification of the operating system is simply unacceptable and uncalled for. Your application of excessive, intrusive and unreasonable DRM has ensured that I will -never- purchase any work with the Sony logo. The number of pirated copies this prevents me from downloading or sharing? Zero - I don't pirate. I don't give people copies of my music. The number of future dollars your DRM (which is sure to be broken within weeks anyway) has cost your company? Beyond calculation: my life expectancy has me sticking around - NOT buying Sony music, by the way - for decades to come. Was this worth the trade? If you want my business then I demand nothing short of full public disclosure, an appology, and the very public firing of the executive who gave the green light to this horrible, horrible concept. Please note that I intend to share this letter with others. With luck they too will refuse to purchase Sony music in the future.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
How hard would it be to keep a checksum of every important file in C:\WINDOWS on a CDROM, along with a program to verify each file against the externally stored hash?
The only problem I can see is that the rooted kernel may interfere with the program which does the check, but I suppose you could get around this with a bootable CD.
http://michaelsmith.id.au
But now the legitimate users are getting rootkits installed while the pirates can download a DRM-free version of the album? I'd rather take the chance on an illegal download than put something in my computer that I know will install a rootkit on my system.
If Sony's DRM ever gets popular enough (and I hope to god it won't) then what's to stop virus makers using the cloaking abilities of a rootkit ALREADY INSTALLED for nefarious puposes? Sony is bound by their EULA not to collect information, although that EULA mentions nothing of removing the software. Hell, they could even claim under the "reverse engineering" clause of the DMCA that removing it requires disassembly and then sue you.
I really hope this goes to court and Sony gets handed their ass on a platter. Otherwise this will be a real blow to privacy and (even though corporations/government don't care about it any more), fair use.
Stay away from this Sony crap.
Sony is distributing this as part of some larger, possibly effective DRM system for music CDs.
What I see here is an endless amount of whining about how awful this is. You are overlooking the potential of this. The key here is that this is now out in the wild and can be exploited. The contest should be to come up with creative (and possibly destructive) things to do with these drivers when packaged with other software.
The result of this should be interesting. I think the responsiblity for all of this rests with Sony and First 4 Internet, but I would really like to see something creative done with this, such as an ActiveX control that disables the CD drive of anyone who visits a web site. The point is to make as much use of this as possible. Sony has provided the tool, it is now up to everyone to make as much use of this as possible.
Whoever has the gold, makes the rules.
In the US, we have a powerful group of people who buy and sell legislation on a daily basis. We call them Lobbyists.
---
Just because I'm paranoid doesn't mean they aren't out to get me.
And this doesn't even get into business partnerships with Michael Jackson!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
It seems like the dems took away our rights for fair use and the republicans are taking our rights to sue. So your guess is as good as anybodies. Maybe even better.
I prefer the "u" in honour as it seems to be missing these days.
Evidently Russinovich ran the executable and clicked "Agree" on the EULA. He didn't look into what happens if the user opts out.
If you click "Don't Agree" and it installs the rootkit anyway, I'd say there's a crime and a tort, maybe more than one of each.
/ not a lawyer, but am a LS grad.
The technology used in this rootkit appeared on Slashdot about six months ago.
At least now we know how it works.
It is most likely that this is actually an elaborate ploy to ruin the lives of Van Zant fans by die hard Lynrd Skynrd fans.
And I'll use my favorite game as the example. Enemy Territory. It's perfectly legal. It tells you that you will need to enable punkbuster (a separate piece of software) in order to play on many servers, in order to prevent cheating. You're given the option of disabling the software, and even playing on servers that do not have punkbuster enabled.
Punkbuster counts as application software, IMHO. Now, what Sony is doing, I do not believe is application software. First off, this is an Audio CD. It's application is to play music. Installing software on your computer, let alone a rootkit, is not part of the application function of playing audio, to me. IANAL. I think Sony's rather fucked on this, as long as someone actually bothers to think of this sort of point.
Though, I hate to see it when playing an audio cd requires even a hardware-enabled DRM chip in your cd player to tell the laser how to read the data, or integrate the rootkit as an essential function of the game (I.E. the game system crashes because a 'critical' file has not been found.) At that point, I think I'll be playing classics for a LONG time. Well, that's not too bad, I think. Old games kicked ass and were innovative. Now everything follows the same pattern (for the most part, not EVERY game is a damned rip-off or clone,) in almost every genre. Asides from neat games like Katamari Damacy, and a few others that I'm too drunk to recall, there hasn't been much innovation. Shoot, kill, rinse, repeat. Fly, bomb, land, repeat. Look for items, talk to people, fight monsters, save game, repeat. *sigh*
I'll stop my rambling, now. My head hurts. Damned cheap Aldi beer.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Are you nuts? What would it take for you to accept the fact that Sony is using rootkit technology? What is your definition of a rootkit? Rootkits are stealth technology that enable processes/files/directories/ports/even user accounts to be hidden even from the OS itself. That seems to sum up what Sony has done here (rather clumsily actually).
I bought a CD from Amazon that was protected 2 or 3 years ago (it was imported from Germany, US didn't have protected discs yet). Amazon didn't say it was protected. When I got it, I saw it was protected, so I didn't open it, I returned it. Then I went to Amazon and posted a review that said don't buy this, it is protected, you can't use it with your iPod (not that that meant that much back them). Amazon deleted my review!
I'm glad to see Amazon now not only allows these reviews, but marks the CDs as protected at the top. I will not buy protected CDs.
Really, it's important we not buy protected CDs from retailers. And return each one we buy by accident, even if you think you can beat the protection. Our only hope to stop the sale of protected CDs is if retailers stop stocking them because they don't make them any money.
SO DON'T BUY PROTECTED CDs!
http://lkml.org/lkml/2005/8/20/95
Is this CD playable without the drm software after using cdparanoia or some other tool? SonyBMG is now added to my list of labels not to buy due to copy protection, which previously included ToshibaEMI and Avex Trax for their (cdparanoia breakable) copy protection. In fact I don't buy CDs any more, I just keep a copy of cdparanoia around because sometimes people give me CDs as presents and often they seem to have some kind of copy garbling, erm protection.
IMO, if there is no backdoor, there is no rootkit,
You're welcome to your opinion, but be aware that it differs from those that work in the AV industry, InfoSec companies, and Rootkit authors themselves.
Although I'm sure they'd be noncommital in their official response, I'd love to hear what they think internally about this kind of thing. If "security" really is their #1 corporate focus as they've been so eager to tell us, this should have them screaming at the top of their lungs.
The chances of us slackers motivating our corporate-owned legislators to smack Sony is comically low, but if we could get a second big player in there on our behalf, there's a real chance to get this awful idea blackholed like it should be.
Anyone have any high-up connections within the Empire?
I forget who the artist or publisher of the CD in question was, but the software that auto-ran on the user's workstation installed software (after the user clicked 'yes' of course) immediately started to attack (attempt to modify) SAV10. (Symantec Antivirus) I was then called by the user who claimed he was getting rapid-fire popups from the antivirus software. When I arrived, several hundred messages had come from SAV and I just kinda laughed when I saw it. I asked to borrow the CD for study. I found that the CD was fairly easy to duplicate under Linux... but I was also able to duplicate it under Windows using Nero wile preventing the autorun from starting. (The autorun program disliked Nero a great deal and wouldn't run with Nero installed on the machine!)
...rant ad infinitum...
It is getting rather ridiculous these days and there needs to be some clear-cut definitions on what the device-owner has the right to do with his own equipment without any consideration for media or content providers. Essentially, we need the consumer's bill of rights to declare unlawful any attempt to prevent a user from being able to do whatever he wants with stuff he owns. It should be illegal for a content or media provider to attempt to prevent me from doing what they might presume is illegal or otherwise undesireable to the provider. It is overstepping their bounds to attempt to control the consumer. It is an act against the free-market philosophy and should be ruled against. Such a bill of rights, if created and made law, should first be applied against DVD region-coding and Macrovision.
I wonder what would happen if somebody brought a small claims court case based on this...
[waves fingers in front of face Wayne's World style]
Judge Judy: So I understand that this man's company facak'ded up your computer? And it cost you 600 meshugena dollars to get it fixed?
Random Dude: Yes, your honor. I bought some lame ass CD that Sony price gouged me for (they have DJs to pay off you know) and when I put it into the CD drive on my Sony laptop, the drive stopped working and the computer didn't function properly. I went to my local Sony authorized dealer to have my computer serviced, but they weren't able to fix it. Since they said it was a software issue and not covered under the warranty, they charged me $200 (they have call centers to outsource you know). So then I was going to reload Windows XP, but my Sony laptop didn't come with the original CD (they have Politicians to bribe you know). So that set me back $400 for a new copy.
JJ: That is unconscionable. What is your side of the story?
Howard Stringer (CEO of Sony): He forgot to mention that we sued his kid brother for having music on the computer.
JJ: You, sir, are below slime. I find for the Plaintiff.
Or if it was on Texas Justice:
Larry Joe Doherty: Hey boy! I hear this guy cost you some mucho dinero 'cause of your computer or something?
[same as above, but with a different end]
LJD: Give that boy his $600! Now come sit in this chair and put this hat on!
The same scenario on Judge Joe Brown:
Joe Brown: I'm from the streets, but I've never heard of this scam. Tell me how it went down.
[yadda yadda from above]
[the judge sticks a shiv in the CEO and then hands the wallet to Random Dude]
JB: Case dismissed.
And on Night Court:
Harold T. Stone: $50 and time served...and Dan will fuck your wife and sister while Bull pulls out your arms and beats you with them.
[the judge disappears in a puff of smoke]
Here is the developer, on a kernel mailing list, asking for help with getting his rootkit off the ground.
w ww.osronline.com/showThread.cfm
http://66.249.93.104/search?q=cache:hDmbqX5yahgJ:
Is there a way that I can get the CDAUDIO filter driver example in the DDK to load and unload dynamically?
So you're telling me that if I prepend a file name with "$sys$" it will be nearly undetectable? Finally! An easy and effective way to hide my pr0n. I can't wait to buy this CD
https://rn.ftc.gov/dod/wsolcq$.startup?Z_ORG_CODE= PU01
Bring this whole debacle to the FTC's attention. Innundate them with requests so they'll be forced to take action.
...and you've eaten your pen. simply stunning.
You sure? I know Windows XP asks you what to do if there's no autoplay file on the disc. Do you know if it will ask you if you want to autoplay in the final version of Vista? Or is this just experience from a beta? And what happens when you double click on the cd icon?
This is, of course, a very, horribly bad, wrong thing. But it is, like jack thompson, so obviusly bad that it makes similer, less bad efforts, look bad, and could therefore be a good thing in the long run. opinions?
Anyways, in the mean time, just don't buy drm'd cds.
This crap is going to cripple their CD sales. The maliciousness of this is probably enough to get them out of their contract with Sony with *massive* damages. Nobody who hears about this will buy a Van Zant CD - this could very well kill off the band entirely because they'll be the band best known for a connection with this insanity, simply because Mark Russinovich happened to be a fan!
I'd say that this little rootkit might just f*ck it for anyone who listens to music at work. I remember laughing at a friend because his mom made him virus-scan all his CD's before putting them in the computer, because I big corp wouldn't bundle a virus, right?
So what happens when it gets out that music CD's will install a backdoor into you system. You will *not* be allowed to listen to you CD's at work.
On the bright side though, I'm hoping that a big corporation gets infected with Sony's little backdoor and then has them for lunch in court. There is no consent given to install the software, and installing a rootkit on a music CD is for all intents and purposes no more legal than sticking a spycam in with a light-fixture or something similar...
1) pretend you never read this story on Slashdot. 2) Ask someone you know from some 3rd world country to create a simple keylogger and prefix all executable with $sys$omgCo0LHackingPref1xS0nYIsL33t 3) Go to that someone's webpage and by chance your Internet Explorer 5 just happens to automatically install keylogger. 4) next day you find your computer ravaged by digital vandals from some far away country 5) you contact a good friend who just "knows a bit about computers" to help you and OMG!!! he finds that Sony Corp. (and throw in Microsoft there too for the full effect) aided those cyber fiends by opening the doors to your machine and so they contributed to the stealing and removal of priceless family photos, banking details etc etc. You tell the media how the cyber terrorists have been aided by SONY and how SONY is a threat to middle class suburbanville America. 6) sue Sony 6.5) ? [warning - obligatory South Park reference] 7) $sys$profit
I followed that link to Amazon's product page and "modded up" all the user comments that complained about the rootkit and DRM, so they will appear higher on the product page. I imagine both Sony and the artist will get the message if their high-profile page at Amazon.com is a big diatribe against them.
I encourage others to mod up such comments on the Amazon pages for this and any other playback-prevention CD they come across.
He who lights his taper at mine, receives light without darkening me.
As I've said many times in the past.... RIAA and MPAA members are evil. Quit buying their products. For those that can't quite wrap their mind around it, that means: 1. don't by music from RIAA artists. 2. Quit going to the movies. Simple.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
SONY is WRONG to do this! Not law - shove the law! - they are MORALLY WRONG. Anybody who does anything on my hard drive for any reason and hides it from me is morally wrong. And thus am I ever justified in wiping it, cracking it, disabling it, or reverse-engineering it. It happened on my computer: therefore, it is entirely between me and whatever Deity I care to name what happens with it. And yes, Sony owes money to everybody they've done this to.
My God, don't people have any sense of basic human rights, anymore? Do you all want to be kept in dog kennels and fed dirt? Do you want ANY of the money you earn to go towards your personal enjoyment, or do you just work for the corporations for the priveledge of giving the tiny pittiance back to them? It's about time we brought back that term "MORALLY". Morals were here before laws, and they will be here long after the tinpot dictators who declared themselves God to make their stupid "laws" have crumbled to ashes and dust. And rightly so!
If you do this, then you are deliberately disabling a copy protection system, which is illegal under the DMCA. So Sony can sue you.
Wrong. You are not disabling it, you are removing it.
The DMCA prohibits breaking digital encryption or protections that are in place to protect data from being freely accessed and distributed.
Software on your computer is neither encryption nor protection; it is a program. As long as you don't break or alter that program, you can add or remove it from your computer all you want. Adding or removing a program is not breaking it, as the capabilities the program provides are added or removed at the same time.
It's only when you alter the program, or design a new program that circumvents its protections to gain free access to the content that you tread on the DMCA.
My computer has a DVD player program that it shipped with. Do you really think it is a violation of the DMCA for me to remove this program from my computer?? Hint: it's not.
Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
Anything which uses technical means of copy protection is not a CD.
Not entirely true. While you're correct that this is "not a CD", it's not because it installs malware onto your computer. Previous copy protection schemes did that. Anything bypassed by disabling autorun or holding down the Shift key falls into that category.
But those *are* CD's. Why? Because Red Book isn't the only standard out there. Specifically, those can fall into the Blue Book standard, also known as "CD Extra" or "Enhanced CD". Basically it's normal Red Book audio on the first session, and a second data session that only computers see. What's on that data session is irrelevant to whether it's a CD or not.
Now, in the case of Sony's new licensed malware product, yes, the CD contains malware using rootkit like methodologies, however it is also know to contain a bad/malformed Table of Contents (TOC) in order to break ripping software even if you have prevented the software from installing. This can be bypassed with some software (like CDEx), and appearantly Mac's have no problem ignoring the bad TOC anyway, but this malformed TOC is what makes it "not a CD" in Philips eyes.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
enough said not?
This happened to me when inserting a friends original Beastie Boys CD in my PC to be ripped for my friend mp3 player; since he rips all his cd's here and uses his mp3 collection at home and at his work.
This was the biggest mistake of my life; I needed to reinstall fully; patches did not work anymore, my cd-rom didn't work anymore and I couldn't start my invoicing on my PC.
My complaint to BMG was never answered back; my post on the official beastie boy website was never answered back; so much for "customer satisfaction"...
I felt rather screwed by the ones that sell/sends corrupted audio cd's into this world...
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
To say that the author is "a developer" is an understatement. This is Mark Fucking Russovich! He has spent his life dissecting Windows and making it dance for him. He knows more about the internals of Windows than many of Microsoft's Windows team. If Mark says something on Windows is hard, it is. Take it as you might a comment by Alan Cox on Linux.
Search 2010 Gen Con events
It's a kinda ironic how nobody ever uses irony in the right context...
There is no way that optional software, which only MS Windows users are even capable of installing, can possibly be a "technological measure that effectively limits access" to the CD, assuming that the CD can also be played in audio CD players, read with cdparanoia, etc. The "technological measure" is one that wouldn't even be encountered in many people's daily use of the product, whether they are attempting to "bypass" it or not.
OTOH, if it's really just a CD-ROM that only contains files which are only playable with Microsoft's player (i.e. it will not work in any redbook audio CD player), then maybe Sony has a DMCA case. But I haven't heard of anything like that existing on the market (yet).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I don't like seeing these summaries and being left to think that my OS X and Linux systems could be compromised, then having to scour the linked article just to be sure.
This is becoming a common occurance on Slashdot: Articles about viruses and other Windows exploits are posted with no hint as to their platform-specific nature. "Systems" are attacked. Is it so difficult to write "Windows systems"?? And then of course, when vulnerabilities of non-MS stuff like Linux are reported, the platform in question is Big News. So on top of vagueness WRT Windows, I get bias. Its like reading the front page of ZDnet.
Please just mention the friggin platform, thank you.
I was considering buying a console, and had been somewhat torn between an XBox360 or a PS3. Thanks for making my choice for me, Sony!
It's official. Most of you are morons.
Yeah, yeah. Ok, everybody, go ahead and don't not have a little laugh at my expense.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
It's SUPPOSED to be a fucking AUDIO CD!!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
After reading the article, the controls / restrictions on recording and playback sound very similar to the restrictions on my recently purchased ColdPlay X&Y CD and my Paul McCartney (Chaos and Creation in the Backyard) CD. I've not tried to play these CDs on my PC, nor have I tried to rip them to MP3 yet... I wonder if anyone would know if these EMI discs use the same *cough* wonderful DRM *cough* scheme as the Sony Disc from the article?
My CD collection exceeds 1000 titles - I've no need to steal ANY music...but I'd be happy to pay a $1.00 'tax' per future CD purchases to cover the loss of revenue from people who steal music - IF that will eliminate all this DRM crap. (hopeless dreamer, I know)
Unfortunately, you're wrong.
It is indeed possible for a passive piece of software to commit tresspass. By not informing the user of the full range of capabilities of the program, particularly those that the user would not expect from the nature of the software, you're running a trojan, not a legitimate piece of software. (Don't give me crap about how a user should 'expect' to be screwed in this circumstance; it doesn't work that way.) A rootkit like this essentially is akin to a person asking you over to their house for a while, and, while they're there, they take your keys and make copies. Then you tell them you want them to leave and never come by again, but they don't give you back the keys -- or tell you that they were made. This is certainly conspiracy to commit tresspass. Oh, and furthermore, if you try and change your locks, the plumbing in your house stops working. Whoops!
Sthe program be so poorly designed (or maliciously designed) as to interfere with the functioning of the computer, -particularly- when the user decides to (quite legally) cease to be bound by the licensing agreement (by removing the software necessary to access the content,) then you're committing a crime against chattel -- essentially a kind of vandalism.
IANAL
I'm a HUGE Idlewild fan - I paid upwards of 26 American dollars for an Idlewild t-shirt to have it shipped here from the UK. Your bit of news is extremely saddening to me.
Naturally, it's their label and not their fault, but still...
+++ATH0
...you can report Sony's illegal acts here!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
I think it's possible that Our Lady Peace just suck so hard that the kid's computer had some kind of stroke.
Voodoo Girl is the bomb!
I am under *NO DOUBT* whatsoever that Sony will simply point the finger at first4internet, and simply say "We simply contracted them to provide a content protection scheme - we are unaware of the implementation" (or words to that effect). Given that the tech has been sold to several other record companies, I'm pretty sure that's close to the mark as to what actually happened, too.
So, it's first4internet who will take the heat in a criminal case, not Sony, no doubt.
Sony is evil and all, but I don't think it was Sony who was responsible for the way it works...
smash.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
It would be sweet if that file "$sys$bittorrent_client.exe" was under the radar and sharing the same music that it was suppost to be protecting. Sony would have a SERIOUS beef with... themself. Infected people might not care less.
...When an audio CD roots your box. Never fear though, Vista comes pre-rooted with DRM goodness!
Working in a DevOps shop is like playing in a band made up entirely of keytarists.
There's no 'on' position on the Slacker switch!
This is NGTCB. The submitted obviously hasn't been keeping up with Newspeak. Don't worry, I've already reported them to Minitrue.
There is no warning on the Amazon UK site for this CD.
Any rootkit would be clear violation of sections 2 and 3 of the Computer Missuse Act. This Act comes from EU treaty obligations so substantially similar legislation exists throughout Europe. The territorial scope of this Act only requires one of the parties to the offense to be in the UK. So buying this from Amazon UK should cover you even if you dont live in the UK.
Here in the UK they (sony's execs) should be able to get jailed for this under the Computer Misuse Act, hell didn't we just jail/convict some poor guy for accessing a website with ../../.. (cos he wanted to check that the site/cause he just donated to hadn't been compromised)
Oh wait, induhviduals get jailed, corporations get fined a miniscule fraction of their revenue.
Silly me.
You seem confused - which is it? A CD or not?
If the TOC isn't valid, it doesn't meet the spec, and isn't a CD. If it meets the CD specs, then a PC won't have any problem reading it without the software.
"National Security is the chief cause of national insecurity." - Celine's First Law
I think the answer to this outrageous abuse is simple: stop buying all DRM CDs, beginning with Van Zant's "Get Right with the Man". If the artist feels he is being harmed by Sony's use of DRM, they will force the use of standard CDs. [ ]s, Pedro RJ/Brazil
I think it is very inaccurate to call what Sony did "trespass,"
No, the person clicking on the icon has a reasonable expectation that all they're doing is playing music, not triggering the deliberate compromise of the basic integrity of their system with a root kit.
Of course the marketing parasites will try to wriggle out of admitting this with the usual marketing spin and lies.
---
Marketing talk is not just cheap, it has negative value. Free speech can be compromised just as much by too much noise as too little signal.
...I have nothing of value to add to the conversation, but I want to share how mad this makes me! Grrr! I'm steaming!
F-secure's page about the XCP DRM Software: http://europe.f-secure.com/v-descs/xcp_drm.shtml
The truth or interpretation..
Once again, we see a total lack of understanding on the side of content creators. Instead of providing us with added value, the provide us with hard to remove malware that will cost us, honest customers who bought an actual cd, cpu and memory resources, not to mention possible back doors into our home computers.
In a world where a computer more and more becomes a tool for content creation and is used more and more as a media hub, unfortunately most of the time based on an operating system known for its insecure architecture, this is a very worrying trend.
We see the same thing happening with content creation software. Dongles, challenge-response systems, it is made harder and harder for legitimate users to use the software, while the odd cracker is very capable of evading whatever copy protection or DRM scheme might exist in the software.
Now I am a firm believer that it is quite okay to pay for quality. I am also a firm believer that I should (and I do) pay for the software I use for my content creation (photoshop for my digital darkroom needs, pro tools for my music making needs). But why the hell should I, as a legitimate customer, pay for insane copy protection mechanisms? They do not add value for me, instead they take value away, in terms of storage, CPU cycles and memory.
This is crazy, and some interprising IP lawyer who's tired of doing billable hour work is going to be all over this.
Make love, not reality television.
At least, not by sony!
:)
Now really, who wants to buy a cd that will render your system unusable, and your privacy invisible?
Not me.
Thank god I do not use windows or drm-based hardware
Buanzo Consulting - 15 Years of GNU/Linux experience, for you.
exhibit one for the GPL - this is why linux has not penetrated the desktop. because of vendors, companies pulling crap like this.
man - I am so glad I do not have windows in my life. Just because of this crap.
the riaa and mpaa are going to go broke if they continue to do this crap - the sheeple will follow only so long and then revolt.
so knock it off you knuckle heads. you are telling people are guilty that are legititmately buying your product of stealing.
how insulting is that?
My First RootKit!
So run the setup as Administrator. Either right-click on the icon and select "Run as..." or use the command line and use the command "runas."
F-secure's BlackLight detects it, although they advise against using the removal tools to get rid of it - it might disable the access to that drive letter. http://www.f-secure.com/weblog/
OK. So I, and many other Slashdotters, are usually roped into tech support for family and friends. Just why I thought I was getting some way on top of things with SP2, firefox and AV, this comes along.
.....
So after all my hard work, my little cousins just go out, buy one Sony CD and WHAM! All my efforts gone to pot as the worlds biggest backdoor is slapped straight onto the system. It's not like you can tell teenagers NOT to buy CDs. And really I shouldn't have to.
Gods what if they put this stuff on the CDs the Adults buy!?
It's going to be a llllooonnng christmas season.....
May the Maths Be with you!
It's not Linux compatable; sigh....
I am the unwilling control for my Origin.
Would this result in multiple instances of the DRM rootkit beng installed if multiple CDs with the same software were run by the user? Or after the first one would it just see it is already there? Just wondering if eventually, if it is cumulative, if the machine would just bog down into 100% CPU usage and become non functional.
See:k it_drm/
Removing Sony's CD 'rootkit' kills Windows
http://www.theregister.co.uk/2005/11/01/sony_root
The lean toward calling it exceptionaly bad DRM, rather than a rootkit. Fair enough. It doesn't contain anything that maintains a cracker's ability to reenter a system, which is part of most people's definition of a rootkit.
But its good to see that they've picked up. Other media outlets often seem to follow what's seen on el Reg.
What you do with a computer does not constitute the whole of computing.
It's a bit more serious than how your computer might get screwed up if you try to undo this. If a staff member innocently tries to play music in their bank, and this introduces security holes that could be used to hack into the bank's systems, then the legal implications are probably quite staggering.
Now, after I run Adaware, Spybot, CWS Shredder, Panda Activescan, AVG, and other spyware/AV/ect products on someone's computer, I'm going to have to ask them one more question.
Have you bought any music CDs lately?
And when I tell them that buying legal music and playing it on their computer can slow it down... People are going to be completely upset and thinking "WTF."
Here's an article mentioning the XCP technology written from a shamelessly pro-DRM point of view. Very little technical detail given (unsurprising given it's a puff piece), but still interesting to see what's currently being done (the XCP-1 watermarking technology) and what business would like to see done (RFID-tagged CDs and players which only play CDs that are correctly tagged).
No. If you really want to fight clearly illegal activities like this, then sue Sony in small claims court and name the store you bought the CD from as a co-defendant.
Sony probably won't care if they lose a customer or two. They will definitely care if they lose a few retailers because of the fear of exposure to litigation.
We're always complaining about how broken our legal system is, right? Well, maybe their tactics work in both directions. Remember, the GPL is a clever hack on copyright law. Perhaps we need to start hacking other legal constructs as well.
Dewey, what part of this looks like authorities should be involved?
1.) It's a rootkit
2.) It deliberately hides itself from the customer
3.) They deliberately deceive the customer by hiding certain processes with names such as "Plug And Play Device Manager".
Why aren't people going to jail/being heavily fined for this? Wtf?
OK, so it has this service that sits around eating up all your CPU monitoring all your running programs, checking their names and file sizes and looking for something... What is it looking for? Illegally copied software perhaps? What is it going to do when it finds it? If that is not what it is looking for, then what is the point of collecting all that information? Where is that information logged? In the oct.sys file perhaps (since it seems to be growing in size in the two pictures in the article and have an updated time stamp)And if it is not going to use it for the purpose of reporting "pirated" software, then is it just logging it locally somewhere so that if you had a lot of copyright infringement going on then they would have some kind of log of your activities? Or, is there also a way for them to trigger a report somehow?
Randy.Flood@RHCE2B.COM
Using the right software on Windows, you can prevent unwanted registry modification. In this case my own software called RegDefend ( Free version available ) would have alerted you to Sony trying to install the driver in the registry, and also if the user has set it up, to be alerted if the cdrom filters changed at all.
This doesn't change the fact that the Sony software might not "work" without the "rootkit" it wanted to apply to the system, but at least you would have known about it with something like RegDefend installed. In this particular case, Mark would have known that the CD software was installing a driver and wouldn't have needed to check with a rootkit detector several days/weeks after it was installed. Installing linux and hoping it isn't targetted in the future by companies/malware is basically security through obscurity which nearly always involves the most cleanup if something bad happens.
And i mean everything and anything from Sony, not only CDs.
It all boils down to:
- Do you trust this company?
I haven't trusted them for the past 4 years so i haven't bought NOTHING AT ALL from Sony. I actively boycot all their products.
Vote with your wallets people, all you have to do is resist the temptation to go all "uuuuh shinny!" whenever Sony puts out some new gadget.
That's so twentieth century. I've long ago said "goodbye" to the small round silvery discs, and said "hello" to iTMS.
Despite what EULAs say, most software is sold, not licensed.
Thank God I do not buy music anymore.
This space intentionally left blank
C'mon folks, fire up your editors and compilers and have some fun!
"What in the name of Fats Waller is that?"
"A four-foot prune."
Most people don't like it, but I have to fall into "blame the victim mode" here. What the guy who just shot your brains to the wall did wasn't a murder. It is 100% impossible for a few grams of lead to kill you. The molecules of your own head, working as parts of you, actively moved away from the lead atoms.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Yes I was aware that Ronnie Van Zant was killed in a plane crash, but Johnny Van Zant was also in Lynard Skynard and is still the lead singer in the current tours.
I didnt know about Donnie.
Real SUV's don't have cupholders
It's 5:42 A.M., do you know where your stack pointer is?
Here is my 2 Cents on what is so Dangerous that Sony should be sued for it!
When Sony Installed this Root kit according to mark's Sysinternals Blog - http://www.sysinternals.com/blog/
I quote:
I studied the driver's initialization function, confirmed that it patches several functions via the system call table and saw that its cloaking code hides any file, directory, Registry key or process whose name begins with "$sys$".
To verify that I made a copy of Notepad.exe named $sys$notepad.exe and it disappeared from view.
This means that ANYONE who has this ("Sony Root Kit") installed ("And not looking for Root Kits 24/7, The person that found it, Mark, did not even know it was there, and would have not found it had he not been testing the latest version of RootkitRevealer") CANNOT view ANY file, directory, Registry key or process whose name begins with "$sys$" in Windows Explorer or the registry, or process viewer and actually files and directories may not be seen from the command prompt as well, in some cases, I quote from Mark's Blog:
I therefore checked to see if I could examine the files within the hidden directory by opening a command prompt and changing into the hidden directory. Sure enough, I was able to enter and access MOST of the hidden files
From the Sony EULA, the ONLY reference to any software being installed http://www.sysinternals.com/blog/sony-eula.htm I quote:
As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the "SOFTWARE") onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise
Hmmm, well they just created a BACK-DOOR for anyone who has this root kit of theirs to get ("Personal Information").
Sony even made sure the Root Kit would Load in Safe Mode as well, I quote from Mark's Blog:
As I was deleting the driver Registry keys under HKLM\System\CurrentControlSet\Services I noted that they were either configured as boot-start drivers or members of groups listed by name in the HKLM\System\CurrentControlSet\Control\SafeBoot subkeys, which means that they load even in Safe Mode, making system recovery extremely difficult if any of them have a bug that prevents the system from booting.
For all Practical purposes Sony has disabled ALL protection from Viri, Spyware, Trojans and Root Kits on the computers that installed their Root Kit IF that Malware uses a $sys$ cloak! for the vast majority of Microsoft Windows computer users.
So IF/WHEN someone creates OTHER Root kits, Viri, Trojans, Spyware that uses this $sys$ cloaking ("Installed Courtesy of Sony") and ANY damage is done to a system because of it, who is responsible for said damage?
Any comments?
Black Gray White Hats Unite to protect http://testing.OnlyTheRightAnswers.com
From xcp-aurora.com ("The Alleged creator of this ROCK-SOLID protection methodology")
http://www.xcp-aurora.com/xcp1.aspx
Quote:
"XCP1 - Burn Protect
XCP1 pre release technology is designed to provide copy protection onto compact disc recordable media (CDR). Its methodology is an encapsulation process that wraps around the audio content controlling device access. This technique enables the information contained on the disc to be protected without being altered or affecting sound quality. The control program provided as part of the disc management system does not install any programs that alter your access to the content. XCP is deployed through Aurora Software and provides two options for CDR protection."
End Of Quote.
I think it WRAPS around any prior functional protection method the vast majority HAD to protect their Windows Based computer ("Lets Not Forget NETWORK, if you happened to have installed this stuff on a system that's logged on with FULL Network Privileges")
True, the control program does not ALTER your access to the content, it just allows potential World-Wide access to any content on your Network it is installed on and makes WEP look like Quad-WPA encryption when compared to the holes this opens.
Quote From xcp-aurora.com
"XCP1
XCP1 is designed for CD Audio and PC & MAC playability. Levels of protection are very high and recipients of XCP1 copy protected CDs will find it difficult to digitally rip or burn the Red Book content of the CD."
End Of Quote.
Yes however it appears that it was just made much easier to FTP the entire contents of any and all system and possibly Network Media device(s) this stuff has been installed on.
All comments in this post made by ZOverLord are strictly the opinion of ZOverLord and do not reflect the opinions of any other person or entity including the site it was posted on.
Black Gray White Hats Unite to protect http://testing.OnlyTheRightAnswers.com
If you do this, then you are deliberately disabling a copy protection system, which is illegal under the DMCA. So Sony can sue you
You can disable copy-protection to your hearts content, Doug. What you can't do is circumvent it.
If I don't have a copy-protected CD in the drive, their copy protection rootkit/driver isn't doing anything. I can remove it with no legal reprecussions. It will just install itself the next time I put the CD in the drive.
Now, if I try to rip the songs by cirucmventing the DRM rootkit/driver, then yes, that's a violation of the DMCA.
Nevermind the fact that if you complain to sony that you can't play your DRM'd CDs on your iPod that they'll TELL you how to circumvent the copy protection.. but I suppose then you're doing it with their conscent.
Most people don't like it, but I have to fall into "blame the victim mode" here. What Sony did, was not trespass. It is 100% impossible for a passive piece of media (a CD) to trespass on a computer. The computer, working as the user's agent, actively loaded and executed code from the CD.
So that explains why it's perfectly legal and justified to trick someone into loading a virus onto their computer, because if they're too stupid to know not to run it, they deserve what they get?
What we're talking about here essentially boils down to a Trojan horse program. No one expects the CD to install a rootkit when they put the CD into their computer.
Do you think the creators of a massively destructive virus would get let off the hook because they displayed a EULA that says "Whatever happens to your computer is not our fault" without mentioning the specific threat they intentionally created?
The libertarian solution to the failures of capitalism is to apply more capitalism til the failures are fixed.
Well, it it pretty much the same thing. The software (Corporate or otherwise) just automates the running-amuck.
BTW, if Andy Tanenbaum The Great had wanted to comment on this SONY disaster, he would have published his opinion directly under his own name on his own hp.
Greetz,
Waran
Sig? What sig?! Ah, sig! Sigh.
Not really
-------- In Soviet Russia, "Soviet Russia" sigs hate Slashdot.
I have been talking about running untrusted code in general, but especially if we look at this particular example, there's even more to say about "expectation." This particular CD is known to be copy-protected. I don't know if it says so on the packaging, but it's pretty blatant on the Amazon page.
How else, other than compromising the integrity of the reader, can copy protection possibly be implemented? The user knows that normally, he can read a CD and do anything with the data. What does he think is going to happen if he runs code from a CD that is labelled as protected? Please, give any possible example of what the executable code even might do, other than act in a hostile manner. Copy protection either does something bad, or it fails to work.
In general, a person has a reasonable expectation that clicking a CD is a safe thing to do. Windows users, however, are special. Windows users have a reasonable expectation that clicking on a CD, will not just play a CD, but also may execute foreign code, which is a behavior that always comes with risk.
CD buyers, in general may have a reasonable expectation that commercial CDs do not contain dangerous code (I think that's naive, but I'll give the benefit of the doubt here), so it is irrelevant whether or not they execute whatever code may be there. Buyers of copy-protected CDs, have a reasonable expectation that whatever code is on that CD, is intended to compromise the capabilities of whatever device executes it and work against the user's interest. (Working against the user's interest is what copy protection is about. That's the whole point of copy protection.)
Ergo, Windows users that buy copy-protected CDs, have a reasonable expectation that clicking on a copy-protected CD will execute hostile code that was written with the intent to work against the user's interest.
I guess we can argue about to what degree that hostile intent should be manifest, but the user knew that something bad was going to happen.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
You also failed to mention that gun was actually labelled "may cause harm to target" (the CD was explicitly said to have hostile intent against its users, therefore whatever foreign code it contained, could be assumed to do something bad). It wasn't accidental suicide, it was either deliberate, or at best, due to extreme recklessness/carelessness (e.g. someone pointed a gun at their own head and pulled the trigger, thinking it wasn't loaded -- oops).
When it comes to deliberate suicide, hell yes I blame the "victim."
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
To continue these analogies, you didn't know it was a gun. It looked like a CD, but in reality blew up when you tried to play it, and propelled a piece of plastic through your head. But the CD case contained a warning that that would happen, hidden in a long text and worded very vaguely, so obviously it's your own fault for not realizing that you must be on your guard against explosive CDs.
Because it is perfectly reasonable to expect that when one buys a CD, the first thing one does is search any warnings that the CD might install malware when played. Is that really reasonable ?
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Probably the best way to show that not all the consumers are as stupid as Sony hopes that we are is to vote with our pockets. Boycott them until they offer a suitable solution to this mess, apologize to the consumers whos computers may have been damaged and change their strategy all together. I have started a petition which I hope will make its rounds. You are all welcome to sign it and send it on to everyone you know. http://www.petitiononline.com/sonydrm/