Slashdot Mirror
More on Sony's "DRM Rootkit"
A couple of days ago we posted a story about Sony DRM installing a rootkit. Since then we have seen many more stories on the subject that I thought were worth sharing.
manno gave us a link to the inquirer and salemnic sent us a page from the washington post. smallfries gave us one from PC Pro.
It's nice to see this story not getting lost in the cracks since the implications are gigantic.
"infected with DRM"
Love it. Great phrase. Maybe it'll catch on.
Ok sure, so boycotting Sony is not realistic. Or is it...? We can really do without them. Screw their stupid DRM'ed Memorysticks, we have our SD and CompactFlash. Screw their VAIO's, we have Dell and Taiwanese laptops.. Screw their TV's, we have better ones from other brands. Screw PS3, we have XBOX2 and Nintendo Revolution. Screw PSP, we have Nintendo DS. Once they get the collective shaft, well, other companies will think twice before pulling shit like this.
That this sets a precedent, and that Sony don't wriggle out of this, at the very best it could point out some of the absurdities of the DMCA.
Based on the grounds that it re-routes the windows instructions on how to play *all* audio CDs. If you remove the DRM by force, you lose the ability to play other music as well.
Interesting.. Some reports Finnish reader of this news in Sektori.com (in Finnish) reports Contents\GO.EXE file seems to contain parts of the LAME player. Can anyone verify this? Is Sony distributing LGPL software on the CDs?
"Although it is not true that all conservatives are stupid, it is true that most stupid people are conservative."
I guess I'll send them a sharply worded letter first, but I really don't see any way that I can do any business with a company like this. Not even as a shareholder.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Even if you do agree to give Sony the rights to your first-born child in the EULA, wouldn't this violate laws in some states, such as the Consumer Protection Against Computer Spyware Act in California?
English is easier said than done.
If you can manage to find the hidden software files and do delete tehm as suggested in the EULA, you will no longer be able to access your CD drive.
Funny how no mention of those points are made in the agreement.
As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the "SOFTWARE") onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise.
Emphasis is mine. Anyways, nothing is the EULA says that I can't just go and delete it. Sure, it may reinstall, but can't we delete it the minute we eject the CD? Can we write a script to do that?
Well Sony has all the reasons to mess with PCs stuff. They don't *really* want people to use their PC for any media stuff... Sony wants everybody to use custom hardware solutions made by Sony. PS3, PSP, Memory Stick,.....
So messing with your PC looks like a good thing to do for Sony (especially since it also f*cks with MS).
Has this passed? Is it applicable?
0 2929:
(4) inducing the user to install a computer software component onto the computer or preventing efforts to block installation of a software component;
http://thomas.loc.gov/cgi-bin/bdquery/z?d108:h.r.
If they used racketeering laws to go after the RIAA, why not antispyware legislation against this?
Sadly, most people don't care anymore.
The other day, I was driving with my fiance when we got on the topic of cd's. She proceeded to tell me that there's this great cd that I need to get because the band is really good. I proceeded to tell her that I haven't purchased a cd for almost 4 years now because of my dislike for the RIAA. After explaining everything to her, she just got all flustered and said that she didn't care about all that crap. She didn't care that even though she paid for the cd, she didn't fully own. She didn't care about all the bully tactics the RIAA uses. She didn't care about any of that, she just wanted the music.
I agree with you that the majority of the people just dont care. As much as I try and inform people of all the crap the RIAA pulls, it just goes in one ear and out the other.
For now, I suppose I'll just continue on with my silent protest.
The greatest experience we can have is the mysterious.
- Albert Einstein
People are using Sony's software to violate the ToS of World of Warcraft.
Something that they tried to HIDE on people's computers to RESTRICT them. People are now abusing it against Blizzard. Blizzard has 'just cause' to start a lawsuit.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
I perfer my idea but sure, or you could take in an old box and drop it on the front desk and go "Excuse me, you've installed a virus on my PC via a Sony CD. Will you be removing it or should I charge by the hour at £X00(add as many 0s as you likee, but 2 sounds about right) for having to remove it via a repair guy (don't say you, it seems supicious).
:D
Demand compensation (for petrol to get there), the money to fix it and if they refuse tell them you'll take them to court for the damages (claim the box was used for something important like hosting websites and the rootkit has not passed some safety tests that all servers must pass at your company).
Aww the fun of being a sick little geek
I like muppets.
I showed the last to one of my coworkers, who immediately started worried about a recent Switchfoot CD he played on his machine. Sure enough, not only did the CD have DRM on it, but it seems to have installed the same rootkit as the example given in the Sysinternals website. Which of course makes me wonder, how many CDs did Sony put this into?
I'm starting to think it'd be worthwhile to create a domain policy to prevent this malware from running on any of our network machines....
Shameless plug for my photos on Flickr
Hello.
I have just learned about the malware that Sony has started to add to "compact disks" (in quotes, because Sony breaks the CD standard) via poorly-written DRM software from First4Internet. It is simply unconscionable that Sony would resort to such unethical lengths to prevent the pirating of a software. In fact, criminal trespass comes to mind, given that the software differs from what is described in the EULA and non-removable.
I'm outraged at this behavior demonstrated by Sony, and I can assure you that I am no longer a Sony customer. In short, although I am a computer enthusiast/technologist who builds his own systems and enjoys gaming, and although I am a scientist who uses high-end computing resources on a daily basis, I won't be purchasing any of the following from Sony in the next few years:
1) Stereos and portable audio equipment
2) Flat screen televisions, plasma TV's, etc
3) High-end computer LCD monitors
4) Laptop computers
5) Computer CD and DVD drives
6) Sony-branded CD, DVD, and floppy disk media
7) PlayStation 2 or 3
8) PlayStation Games
9) PlayStation Portable
and needless to say,
10) Sony and BMG music.
If you break standards on DVD equipment, add Sony and Columbia TriStar movies to that list.
Thank you for making my future purchase decisions so much easier.
Sincerely,
****
OpenSource.MathCancer.org: open source comp bio
Is there a list of CDs that are affected, except the one Mark Russinovich used.
Timo's Audio Software http://www.esseraudio.com
"So, technically they are in the clear..."
In the good ol' USofA, there is no technically clear in civil litigation. All you have to prove is something as simple as your reasonable expectations. Doesn't matter what the EULA says or if they did anything illegal.
IANAL, but it is my impression that in the eyes of the US courts, you not only have to follow the letter of the law, but you have to ensure that you are conveying a reasonable perception about what your product does. That fine print means nothing if the court finds it too difficult to read, or makes unfair claims (ie - By installing this, you transfer ownership of your computer to us... which is what a rootkit comes closest to without physical possession.)
Civil cases aren't really about the law. They're about damages, and a propoderance of evidence (more than 50% in your favor... a lot less than the reasonable doubt standard of a criminal trial). It may not be against the law for you to spraypaint your trees pink. But if I'm your neighbor and plan on selling my home, I have every right to sue you for damaging the property value of my home. Getting a few other neighbors to testify, and it'll win just on proponderance of evidence.
IMHO, I'd sue the hell out of Sony in a class action lawsuit. Look at it this way: you may not win a lot of money each, but it'll probably be enough to repurchase that CD and a few others with no DRM.
I8-D
If SONY circumvents the security I have installed on MY machine with their rootkit are THEY in violation of the DMCA?
I wonder how ms, mac and winamp feel about this anti-competitive behaviour against music players?