Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony Music CD's Contain Mac DRM Software Too

Posted by CowboyNeal on from the no-one-is-safe dept.

brjndr writes "A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."

16 of 399 comments (clear)

  1. Think different... by Space+cowboy · · Score: 5, Interesting

    [See my journal entry for my previous comments on this]

    To summarise: it's impossible to protect against truly clueless users without severely inconveniencing everyone else, but Mac OS X at least lets you know something dodgy is going on (a request for administration rights, just to play a CD, say what ? No *other* CD's needed that!) I guess it helps to have gorms, though...

    THM: It's a difference in attitude. It *does* make a difference.

    Simon

    --
    Physicists get Hadrons!
    1. Re:Think different... by npietraniec · · Score: 5, Informative

      If you use a mac, you'll find that you type in your password far less than you might think you would. I don't do it that often, I don't think I'm that desensitized... I don't do it that often on my linux boxes either. My roommate however tried to set up a non-admin account on his windows computer and found it impossible to get any work done without changing over to admin all the time... Worse yet, things would fail mysteriously without any inidication of what the problem was "why can't I delete my documents on my external harddrive?!?!" He was just complaining about that today.

    2. Re:Think different... by ReformedExCon · · Score: 5, Funny

      2) is obviously a fat little squirrel. I like to draw squirrels a little thinner: 1xf

      --
      Jesus saved me from my past. He can save you as well.
    3. Re:Think different... by josephdrivein · · Score: 5, Insightful

      "rate yourself on a scale of 1-10 on how good you are with computers, and we'll adjust the system alerts accordingly"...

      Think what a hell would become the customer support: everytime something happens the system may respond to the user in 10 different ways.

      And if a user logs into another mac (at Internet café, library, university etc..), she well have to know if it's configured for dummies or super-geeks or whatever. I may even add that as she gets used to her mac she will want to try to step to the next level, but the user has to learn again how the system behaves.
      And so on.

      It has been proposed more than once, but I doubt it will be ever implemented, as it is a usability nightmare.

    4. Re:Think different... by @madeus · · Score: 5, Insightful

      That's the problem. Clueless mac user is probably expecting to be installing software about then. The CD told them they need a player to see the dancing pigs, for example.

      You don't need to authenticate to install applications on Mac OS X. Installing applications - like Microsoft Office - involves just dragging the application (or the folder it's in) from the CD into the Applications folder on your hard disk. Even things like Real One Player and Windows Media Player work this way.

      When you do actually get a dialog, Mac OS X also tells you what permissions are being requested on the password dialog (e.g. full admin access, or just permission to modify a specific system setting, etc) as well as which application is requesting the permission. In reality, most of the time people see a dialog in Mac OS X which requires authentication, it's because of an interaction with the OS itself (such as changing a system setting) that the user has just performed.

      If a users sees an Application (including plugins) requesting this sort of permission that should really ring alarm bells. Only things like new drivers (e.g. for that new camera you just bought) should be asking for things like that.

      It's fair to say here is room for some improvement in the dialog in that it should better reflect this (perhaps rasing a more severe looking alert when it's anything other than the OS or bundled Application requesting any sort of privileged access, which explains something along the lines of the previous sentence).

      On the subject, it could do with some means of forgery protection (things like an embedded image in the window have been suggested) so that you can better trust it's an authentic authentication dialog. If your paranoid.

      Technically Windows allows for roughly this sort of behaviour too (that is, you should never need admin permissions to install a regular application) but the large number of badly written installers - combined with the lack of a K.I.S.S. approach in the OS - seem to have conspired to make admin level access madatory for even the most mundane tasks.

      I bet if vendors (and I include both Apple and Microsoft in that) implimented privilage dialogs that were scary and intimidating enough to users (perhaps with a default action of 'deny') 3rd party application developers wouldn't ask for them unless they really needed those permissions.

  2. Illustrates why... by rsborg · · Score: 5, Insightful
    the basic OSX security of "Administrator == sudo rights" as opposed to the Windows approach of "Administrator == anything goes" really does make a difference. In the windows portion, Sony just ignores the user and installs all sorts of crap (using autorun)... but on the Mac side, they have to play nice, or the user will not be "convinced" to enter their password to install the software.

    Who knows how evil the DRM is, once the install is made, but jeebus... talk about an issue of trust (just for the installer)!

    --
    Make sure everyone's vote counts: Verified Voting
  3. At least this means one good thing... by fitchmicah · · Score: 5, Interesting

    This is a sign that Mac OS X has a large enough userbase for Sony to worry about Mac users stealing music.

  4. Re:Why yes, I give my admin password out on reques by MichaelSmith · · Score: 5, Funny
    should throw up *some* sort of red flag

    A client of mine once got an email instructing telling her that a virus had been installed on her system. She was to immediately locate a file (I think it was COMMAND.COM) and delete it, which would remove the hazard.

    She forwarded it on to me (just in case I needed it, you see) and then sent me a second email because the person who sent her the message had trashed their system, and she thought I was about to do same.

    When it comes to stupidity among users, I will believe anything

    --
    http://michaelsmith.id.au
  5. Re:Admin Privileges by Bananatree3 · · Score: 5, Insightful
    YOU may not even consider such an idea, but not everyone is so tech-savvy. Think of all the Joe users out there...

    Joe user: What's this I see? I have to enter my password to play a music CD? Oh no biggy, its just a music CD. What harm could it do?

    That is my concern. The average user sees it comes from Sony, a "trustable" company, and doesn't give it a second thought. A very lethal combo
  6. Re:daft... by dorkygeek · · Score: 5, Insightful
    Joe Desktop doesn't care and simply installs whatever malware is needed to listen to the cd.

    --
    Windows is like decaf - it tastes like the real thing, but it won't get you through the day.
  7. McCarthyism doesn't sound so bad now... by Anonymous Coward · · Score: 5, Interesting

    Why not find the names of the individual programmers who coded these rootkits, and make sure they're unable to ever get a job ever again? It was perfectly reasonable to keep Communist sympathizers out of Hollywood and government when Senator McCarthy went on his crusade -- why not keep DRM sympathizers out of the programming industry? Treat them like shit, refuse to hire them anywhere, and make them unable to ever afford food and shelter ever again without humiliating welfare subsidies.

    Of course, criminals will always hire criminals; a thief will always have a chance at getting hired by the Mafia, so I don't expect this will completely work. Computer companies that have overgrown beyond their event horizon of personal responsibility such as Sony and Microsoft will always be a haven for crooks and guttersnipes. But every responsible company still around should outright refuse to hire anyone who's ever knowingly developed anything related to DRM; conduct background checks on every potential employee's employment history and slam the door in the face of any DRM sympathizer looking for a job.

  8. Sony just lost ~5000 euros by Ripper · · Score: 5, Interesting

    I just renewed my living-room home-entertainment system for almost 5000 euros. The two finalists were a all Sony set vs. Panasonic + Harman Kardon + Infinity. Guess which finalist got my money after reading up on the Sony DRM scheme... Yep, I'm a happy Panasonic+HK+Infinty owner. Added a One-for-All remote and the functionality is pretty much the same as using a complete set from the same vendor.

    And this was definitely the last time I even consider Sony. Forget the new Playstation, if I have to choose from the two bad options M$ vs. Sony my money goes to M$ in this case.

    As big a fan as I am of the Van Zant brothers, I just can't think of buying the album after all this. Luckily it was available without DRM somewhere else. It's a shame for the artists though, they didn't get thei $0.50 or whatever they make per sold CD.

    I know my 5000 doesn't bankrupt Sony but if more of us start voting with our wallets maybe they will realize they can't keep on shafting customers every chance they get.

  9. At first, it seemed like a bad idea... by bennomatic · · Score: 5, Interesting
    ...but maybe Apple's right on the money with their "tamper-resistant software." Forget about hackers and pirates; I don't want $ony taking over my machine.

    It may sound paranoid, but once they start messing with the kernel, you really don't know what they're going to do...

    --
    The CB App. What's your 20?
  10. Re:bondage by Mistshadow2k4 · · Score: 5, Funny

    Hey! Even we aren't that cruel. Bondage is fun, this crap isn't. Leave us kinksters out of this, please.

    --
    I dream of a better world... one in which chickens can cross roads without their motives being questioned.
  11. Re:Memories... by cvdwl · · Score: 5, Interesting
    My original //e had some lame-ass program to "meet the machine", it had routines to deal with typists who cheated by using l's for ones s and o's for zeros...
    Cheated, hell! My first ... TYPEWRITER (yes, mechanical, yes, really, no power cord... no "correction paper", either) ... didn't have a "1" or "0" key, it expected you to use l and O. I remember being confused by this the very first time I tried to type on it.

    I'd really like to get my hands on one of those now. I sort of miss slapping it upside the carriage every time you were finishing a line. And a typo at the end of a page REALLY hurt.

    --
    ... grumble, grumble, grumble, mutter, mutter, Millenium... Hand... Shrimp, I tol' 'em, I tol' 'em.
  12. As result of this Sony rootkit fiasco... by bluelarva · · Score: 5, Interesting

    Well.. Let see... I will NOT be buying the following:

    1. Sony music CD's
    2. Sony HD TV
    3. Sony Playstation 3 and games
    4. Sony Bluray DVD player
    5. Sony Ericson phones
    6. Sony VAIO laptop
    7. Sony DVD burner
    8. Sony digital camera
    9. Sony video recorder

    The only way Sony will regain my trust is if they were to:

    1. publically admit that what they did was wrong
    2. put a link on sony.com to a page explaining what exactly happened and provide software to uninstall the rootkit
    3. recall all CD's on the shelf containing rootkit DRM
    4. offer replacement CD's to all customers