Slashdot Mirror
Sony Pulls Controversial Anti-Piracy Software
An anonymous reader writes "Bowing to public outrage, Sony BMG has temporarily halted the use of its controversial anti-piracy software in all of its music CDs, the company said in a statement today. The move comes just a day after a top Bush administration official chided Sony and the entertainment industry for going too far: according to this story over at Washingtonpost.com, Stewart Baker, the Department of Homeland Security's policy czar warned would-be DRM makers: 'It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.' The Post has the full text and video of his commentary." We've reported on this story previously.
I sure don't.
To quote a good song by a good band, Dope: DIE MOTHERFUCKER DIE MOTHERFUCKER DIE!
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
For the damage their program has already caused.
I forsee big lawsuits.
Facts do not cease to exist because they are ignored.
Nelson: "Ha ha!"
Or should that be WHEN? It's not like this will be the last Sony DRM abuse story we see.
What difference does this statement make? None at all. It's not like Sony will recall the millions of CDs out there with the malware. This is just spin. Move along.
Other than the concern that a nation filled with Spears, Timberlake and Dion worshippers would be unable to defend the nation against an invasion by Canada or Luxembourg I fail to grasp the connection between Homeland Security and a moronic VP at Sony who is trying to render 1/2 of his company's music player division worthless.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
Good, now keep up the pressure. Unless Sony feels real pain for going too far it will encourage others to keep pushing the envelope on what is acceptable.
This is why punative damages for "bad behaviour" exist, to make the company take notice and change their behaviour.
Don't let them get off easy.
Man, what to say? They said something right for a change.
What about the people who already got it? Is Sony going to release a good removal tool?
I for one am boycotting all Sony music from here on if it comes on CD. Windows root-kit, OSX kernel extensions ... how can you trust them? The RIAA and big record companies are getting very long in the tooth and I would love nothing more than to see them get taken down. They have all but destroyed the industry over the years and turned it into something worse than politics.
The most talented musicians I know are waiters, bus boys and taxi drivers, thanks to the recording industry.
Can't wait for someone to shake it all apart by releasing their works without the industry influences (and the industry taking their piece of the pie).
Imagine that. Guess I probably won't be reading about that over at CNN.com.
Are the people who purchased the DRM/spyware CDs due a replacement copy without the DRM/spyware?
It's all fun and games until someone loses the key to the handcuffs.
Wonderful to watch this going south in a big way, dragging the whole concept of DRM with it. We all owe Sony a debt of thanks, really.
x cp_art10
I particularly enjoyed this quote from First4Internet's website from their director of Sales & Marketing:
"We're not denying people access to the music," Macdonald said. "We're just trying to help them manage their access."
http://www.xcp-aurora.com/press_article.aspx?art=
Please! Please, Mr. MacDonald! Help me manage my access to my media by installing a rootkit!
'This writing business. Pencils and what-not. Over-rated if you ask me. Silly stuff. Nothing in it' - Eeyore
Check this out:
http://www.webwereld.nl/articles/38285
Someone in the Netherlands claims to have found certain strings from Lame's source code in Sony's app. Did Sony steal LGPL'd code?
Macintouch reports that Sony is also putting Macintosh DRM on some of its disks. No word if these kernel extensions - PhoenixNub1.kext and PhoenixNub12.kext - are a rootkit or not, and no word if Sony is suspending their use or not.
According to the Macintouch article, the Mac DRM is on Imogen Heap's Speak for Yourself, an RCA CD distributed by Sony/BMG.
I suspect that CD-makers won't be able to keep a stunt like this secret for 8 months next time, because their customers will be watching for such shenannigans.
Now we wait for Sony to issue a recall.
"All your replacement CDs are belong to us" - Sony's customers.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
The ironic thing is they could've achieved the same spying functionality from more traditional/subtle methods with software like Blizzard's anti-cheating software. They were inevitably going to get fried because they incorporated it into a rootkit which is blatantly a trojan and what's worse disabling it could fry your drive.
Remember Gator/Claria manufactors spyware and is on the government privacy board as I recall. Sony spyware is delivered through a rootkit instead and their admonished by the same administration... They could've used a different way to deliver and got away with it so they are just idiots at the end of the day.
There is one major item missing from Sony's statement on this matter. When are you RECALL these DRM discs and reissue new ones to your customers?
On the other hand, I also hope that the DMCA will be really shaken by this event. After all, according to DMCA, Sony rootkit is protected software. Hit them in the wallet, me says!
Bite my shiny metal... oops... Nevermind!
Actually, I use a Vaio, so it actually is their computer. I feel _so_ f*cking pwned right now.
The dept of Homeland Security has been worried for some time about the possibility of foreign nationals creating botnets which might allow them to ddos critical online national assets. That's what has them interested (and wierdly on the right side) in this case.
/me gets migraine from wishing ill on everyone involved
So now, can Sony be pursued for violation of the USA/Patriot act?
Using plain ol' text since 1968
A Homeland Security honcho saying that all our computer are not belong to them?! Wow. Just... wow. Was Baker somehow shown the right end of a cluestick, or is this a temporary fluctuation in the collective subconscious?
I can assure you, the best way to get rid of dragons is to have one of your own.
There's a huge difference between just saying they'll stop going forward, and going to the effort of a recall, complete with replacement of discs people have ALREADY bought in addition to promptly pulling all CD's from stores that have this DRM on them.
I have afeeling they are doing neither though, I'd love to see a class action suit that demands all CD's sold are to be replaced with DRM-free versions on Sony's dime. Then perhaps it would sink home they'd done something a little wrong.
I wonder how liable the company that came up with the DRM in the first place is, perhaps Sony can shift all blame to them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
...when the creators of the USA PATRIOT Act are on your case about in violating people's rights.
The Canadian Government agreed to provied 4000 army troops, a squadron of jets and a naval fleet to the U.S. in it's war on terror.
After the exchange rates, it came out to 4 canoes, 3 flying squirrels, and a 2 Canadian mounties.
I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated
Very clever. Where's it at? Who knows? It's hidden!
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Slashdot Hive Mind overload!!!! Bush administration evil... but... music industry evil.... can't side with Bush... but can't side with Sony..... aaaghhh!!!
segmentation fault (core dump).
I don't know what I'd do if they removed the stuff PERMANENTLY!
My turnips listen for the soft cry of your love
In light of recent coverage, I think they need to update the press page on their website. ;-)
http://www.xcp-aurora.com/press_related.aspx/
Methinks they might need to dedicate a whole page just for Oct 2005 alone
A day after someone in the government goes, "Naughty, naughty," Sony's suddenly pulling their DRM, if even "temporarily".
It can't be anymore obvious what Sony thinks of their customers...
People will pass up steak once a week, for crap every day.
I have here an article which specifically stated that the discs with the rootkit on it from Sony will be in store in The Netherlands in 2006. (sorry it's in Dutch)
:)
Does this mean that NL again misses out on an opportunity?
No seriously, I think that this is a good decision, but just a tad too late. And I hope that the lawsuits continue, otherwise they will never learn from this.
Let this be an example to the media maffia.
80 CC D8 AF AE D3 AB 54 B7 2E CE 67 C7
One day people will wake up and realise that DRM, DeActivation, Treacherous Computing - are all entirely concerned with taking things away.
you had me at #!
http://news.bbc.co.uk/2/hi/technology/4427606.stm
DRM must be implemented at the hardware level to be effective. The media and the players must match up in terms of technology and techniques used. DVD is a pretty good example of this -- it was brought to market imposing all sort of attrocities from the git-go. CD audio did not have DRM in mind when it was created and any attempts to retrofit the format seems to fail miserably on all counts... so far anyway. They'll just have to create a brand new audio media format and get the public to love it and then move over to it.
This situation tells me something I didn't want to believe. I didn't want to believe that these people who are backing DRM and content protection schemes are really as stupid as they appear to be. Sony has showed me that perhaps they really ARE as stupid as they appear to be. It's rather disappointing to have an enemy that is SO incredibly stupid. Yes, I said 'enemy.' They are an enemy to anyone who enjoys the rights they currently have since it is all too clear they are willing to restrict your life in order to profit from it. To me, that's an enemy.
Thankfully, there will always be smart kids who don't know any better than to break laws and push limits on a continual basis. Without those 'pioneers' we wouldn't have anything to fight back with.
next time they try something like this the public outrage will be more muted and eventually they'll get what they want even if it takes a few years, people will lose interest and it'll become as widespread as claria
Regardless of who gets the money, the end result is that Sony suffers financially. And that may just serve as an example to other companies not to pull a similar stunt, lest they might lose money in a similar fashion.
Cyric Zndovzny at your service.
From the Washington Post article:
[Stewart Baker, Homeland Security's assistant secretary for policy, said:]
"If we have an avian flu outbreak here and it is even half as bad as the 1918 flu epidemic, we will be enormously dependent on being able to get remote access for a large number of people, and keeping the infrastructure functioning is a matter of life and death and we take it very seriously."
Does this mean if malware keeps people from getting medical help the authors can be convicted of manslaughter?
Jury: We find the defendant guilty on each of the 100 million counts of computer tampering and 2 million counts of involuntary manslaughter.
Judge: I hereby sentence you to 10 million sentences of 2 years of probation and 2 million sentences of 6 months in jail followed by 5 years probation. Due to the outrageous nature of your conduct, sentences are to be served consecutively. You should be out in time to watch the sun swallow the earth.
Delicious!!!!!!!
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Will sony give removal instructions? Their downloadable "patch" only updates their rootkit, but doesn't uninstall it.
It is in fact illegal to do what Sony did with DRM under the current computer laws passed by the Bush administration.. Now lets hold breath and see if Bush actually brings SOny o justice.. Anybody want to swet the reocrd for holding breath at 3 years?
Fred Grott(aka shareme) http://mobilebytes.wordpress.com
For example, nobody with the rootkit installed would be able to read this post
Crap. It's just a normal post like all the others.
An interesting read at: http://www.changethis.com/4.drm :
... "Without DRM, people will steal and artists won't get paid!" ... Usage of Digital Rights Management (DRM) has been hotly debated since a college student threatened to put an entire industry out of business with a little application he built in his spare time, Napster. In this transcript of a speech he gave at Microsoft's campus, Cory explains why DRM doesn't work, why DRM is bad for society, bad for business, bad for artists, and a bad move for Microsoft.
h tml
n isian_atseventeen.zip
"DRM punishes honest people!"
Using Sony and Apple as examples of companies that are using DRM to *punish* consumers, he suggests Microsoft use the opportunity to once again champion users' rights. To follow our current path, Cory argues, is to stifle innovation and contradict the purpose of American copyright law: to promote the useful arts and sciences."
I always find it very remarkable that the content industry treats the people who pay for their products -- in other industries also known as customers -- as criminals. People don't buy cd's because they want to screw the people who made them and make a zillion copies. Those people buy the damn things because they do *not* want to wast their time on copying!
And I also don't think the way customers are treated is in the interest of the artists, in whose name this whole mess is being created. Take a look at an excellent article by Janis Ian, a respectable musician:
http://www.janisian.com/article-internet_debacle.
"They told me downloads were "destroying sales", "ruining the music industry", and "costing you money".
Costing me money? I don't pretend to be an expert on intellectual property law, but I do know one thing. If a music industry executive claims I should agree with their agenda because it will make me more money, I put my hand on my wallet...and check it after they leave, just to make sure nothing's missing."
For what it's worth: this is a women who made more then 25 albums and wrote some very well known songs for other artists. One of her most known songs is "At seventeen", which can be downloaded for free, just like some other songs of her:
http://www.individualidade.com.br/janisian/mp3/ja
http://www.janisian.com/mp3_downloads.html
From the Sony Statement: "As a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology,"
Notice the word "Temporarily" in there?
I think that Sony should replace my CDs that contain their DRM software free of charge. I do have to say that when I bought the Kings of Leon CD 5 months ago, I was a little angered by the copy protection and have tried to stray from buying CDs that had similar labels since then, but when you really like an artist, you have to plug your nose and go for it. Needless to say, I didn't put any of the subsequent CDs in my computer's CD-ROM drive.
I speak only English :(
English translation att icle&sid=215
http://dewinter.com/modules.php?name=News&file=ar
"A computerexpert, whose name is known by the redaction, discovered that the cd "Get Right With The Man" by "Van Zant" contains strings from the library version.c of Lame. This can be conluded from the string: "http://www.mp3dev.org/", "0.90", "LAME3.95", "3.95", "3.95 ".
But the expert has more proof. For example, the executable program go.exe contains a so called array largetbl. This is a part used in the module tables.c of libmp3lame."
All they really needed was one word: Sorry. No one really needs reams of technobabble instead from which there does not emerge an undertaking to supply a removal tool, nb. Perhaps they aren't sorry then, just sony. Sigh.
Las qué passoun
tournoun pas maï
It belongs to Microsoft.
For the non-Nederlanders, the Fish took care of this article quite nicely:
Spyware Sony seem violate copyright
Thursday 10 November 2005, 09.59 - the spyware which Sony on the computers of muziekfans install do not seem not only technical, but even also copyright in the hook.
In the rootkit pieces code appear sit which is identical to LAME, open source mp3-encoder. The licentie is exceeded.
Concerning software exercises the copyright with the so-called Lesser Gnu Public License (LGPL). According to this licentie Sony must satisfy requirements to a number of. Thus they must tell that they use software in a copyright notice. Also the company the source code of open-sourcelibraries must provide or available to make. Finally the tussenvorm between must make source code and feasible code, the so-calledobject traffic-jams, meeleveren or available, with which others can make similar software.
Sony have only satisfied to none of these requirements, but provide a feasible programme. A computer expert, of whom the name is confessed at the redactie, discovered that on the cd Get Right With The man of Van Zant strings from the library version.c of Lame sits. This is make up from the string: "http://www.mp3dev.org/", "0.90", "LAME3.95", "3.95", "3.95".
But the expert has more proof. This way there so-called array largetbl sit at a place in the programme go.exe. This is a part that is used in the module tables.c of libmp3lame.
The discovery is possible far-reaching consequences has on the muziekgigant, which themselves claim only protect the copyrights. Rather judges in Germany forced several companies already make the source code public and the required spullen for compiling to provide. Also it is possible claim damageses.
Meanwhile details also other become clearly and this way complain the Electronic frontier foundation which the spyware make also legal listening music on iPods impossible. The organisation is busy with a list of cd's which publishes hidden programmatuur meeleveren to make and these on the Internet site.
Wouter Rutten of the NVPI emphasise that the commotie for Dutch a 'meaningless tale' is because the aware cd's are only in the United States and in Mexico available. The organisation offers information on the beveiliging of First 4 Internet to Cdlogo.nl by means of the site, however.
Several phone calls to SonyBMG continued call back in spite of promises to unanswered.
Of course, I doubt we'll see any of the creative accounting used to set damages as was used in cases like AT&T vs Mitnik. Hey, they said they're sorry (they got caught...) what else do you want?
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
They're spinning this with all their might. Remember that the patch they so proudly trumpet (look how serious we are about protecting our customers!) doesn't remove the rootkit - it merely disables the cloaking feature. Also note that while they say they are suspending manufacture of these CDs, there is no mention of any effort to remove already manufactured copies from store shelves or the distribution network. Considering that CDs are stamped in large production runs and then kept in inventory, they really haven't committed to anything except to "re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use." (and note how their goals do not include consumer privacy or control over their own electronic devices).
No, I don't think we forgive them for this for a long time yet.
Great! Yet my brow is
still upturned. Why is this? It's
going to get worse.
Turns out jailtime might just end up "managing" a more related type of freedom...
...expect Sony to announce their monthly patch cycle for CDs? That's going to be a real bitch.
>> Bowing to public outrage
More like bowing to the fact they are about to get their pants sued off.
Sony will pay! Just like Martha Stewart!
While it is nice that they have stopped distributing the rootkit, this still doesn't get it off my infected PC.
I agree that Sony will probably just write a check to a bunch of lawyers and maybe fire some guys, but why can't people go to jail for these kinds of things?
It always strikes me as odd that you can fuck up thousands of people's lives (in this case, their computers), knowingly and deliberately, and the only outcome is that some lawyers get rich and a few overpaid *might* have to use their golden parachutes.
Why isn't this thousands of counts of unauthorized use of a computer? I know that "throw 'em in jail" really isn't a large-scale social solution, but there needs to be a way for our corporate leaders to understand that not only can they not steal and get away with it (cf various corporate thefts), if they abuse their corporate power and mess with people lives, you know what, you might go to jail, too.
"As a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology," it said in a statement.
So why aren't they recalling the product that's already in the channel? There are thousands (millions?) of discs sitting on retailers shelves that are just waiting to install the rootkit. Oh yeah, that would hurt their bottom line.
Until it costs them, they're not going to learn.
-ch
Sony BMG said it stands by content protection technology "as an important tool to protect our intellectual property rights and those of our artists." Doesn't sound like a very sincere apology. I'de sure like to install claria/gator, mycoolwebsearch, and and a few keyloggers on Sony's computers and see how they like it!!
(If at first you don't succeed, do it different next time!)
Debian Hurd / Mach microkernel, Gnu, not Linux, would have been interesting.
or Solaris
Would they mind giving us their benchmark software so we could do it?
and a copy of singularity?
wake up and hold your nose
Even better... why not Boycott ALL Sony products. That will drive the message home even louder. Class action lawsuits only benefit the lawfirms... Just my 2 cents
I assume that means precautionary against being sued even more than they are being sued now. It's being "temporary" is certainly not precautionary in relationship to the customer and is a bit more than a little ominous.
The music and video industry needs to realize that their business model is out of date with technology and they can't put the genie back in the bottle. This sort of adjustment to new technology is hardly new.
* The telegraph/telephone, depending on the year was going to destroy the postal system. That didn't happen. Technology moved forward.
* When radio broadcasting came along in the 20s the record companies would not allow records to be played on the air since it was a copyright violation and would destroy the industry. That didn't happen. Technology moved forward.
* When tape recorders came along they had a fit because it would destroy the music industry. That didn't happen. Technology moved forward.
* When Betamax recording came along they fought it tooth and toenail since it was going to destroy TV. That didn't happen. Technology moved forward.
Time for technology to move forward again and forget about this silly DRM crap that tries to take away our Fair Use rights.
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
Sure, a class action won't help consumers much. But the actual harm in this case was thankfully pretty small, anyway.
The reason you put together a class action is to consolidate thousands of small claims, and in doing so come up with a total liability that Sony has to pay for. A class action against Sony would cost them a nice chunck of change, "helping them manage their access" to consumers' computers. In other words, a class action, which will almost certainly be settled, is how hundreds of little guys get together to punish the big guy for infringing on their rights.
I don't think any other western democracy allows U.S.-style class actions, and that's because the class action fulfills a role in the U.S. that the government fills in other countries. Specifically, the class action allows private parties to regulate and enforce the laws via large monetary damages, e.g., environmental laws and consumer protection laws. In other countries, the national government would be more involved in enforcing these laws.
How about: "it's not your computer. You do not have the right to install software components on someone's computer that spy on them, without their permission. That is computer trespassing and wiretapping. The FBI is currently investigating; in the meantime, here is a court order to remove any CDs with this software from shelves immediately, and we expect you to fully assist consumers with identifying whether a machine has the software installed, and the removal process."
What Baker is doing is trumpeting the Homeland Security line ("Won't someone PLEASE think of the Homeland Security?!"), and distracting us from the more important issue-that a corporation installed trojan programs that spy on people, and probably broke an number of laws doing so.
Please help metamoderate.
Uh...perhaps you should note that the linked article is in Dutch.
I'm sure many slashdoters are fluent in that language. However, I'm guessing not all slashdot readers will be able to understand it.
Translation/Vertaling
Uh...misschien zou u moeten opmerken dat het verbonden artikel in het
Nederlands is.
Ik ben zeker vele slashdoters in die taal vloeiend zijn. Nochtans, Ik veronderstel niet alle slashdotlezers het zullen kunnen begrijpen.
From WorldLingo's translation:
In the rootkit pieces code appear sit which is identical to LAME, open source mp3-encoder...the expert has more proof. This way sits there at a place in the programme go.exe so-called array largetbl. This is a part that is used in the module tables.c of libmp3lame.
Due to the backlog, we have now increased to two (or more) Sony DRM stories per day. To make room, we are temporarily cutting back on dupes. Please be aware that this is only temporary, and it will shortly be deja vu all over again. Thank you.
On a serious tip, thank God they are being publicly called on this. They have to realize that screaming "Waaahhh, piracy is killing us, we're losing 18 gazillion dollars a day!" does not justify a flagrant disregard of consumers' rights. I love the quote, "It's your IP, but it's not your computer."
Ignore anything I said above, I actually agree with everything you believe - mod accordingly.
IMHO, I think that the first virus that came out actually was designed to see how many folks it could infect, logging their systems onto IRC where a bot kept census of how many, who it was, and where from. Once that count was completed, they could decide if it would be worth to proceed with the 2nd stage: the creation of the more harmful worms and trojans. It all hinged on how many systems got wormed with Sony's rootkit.
First rule of holes; When in one, stop digging.
AFAIK the current working theory is that those are strings the program is searching for, not that it's built with parts of LAME in it.
So what, three times a year then?
Signed - A bitter ex-SWG player.
It was a joke! When you give me that look it was a joke.
You know you really really completely and utterly hit the bucket if the Bush Administration bad-mouths you.
I mean, you've out-bastardised the Bush Administration and to do that you need to be evil enough to want to suck people's blood. And eat babies.
Just because some twat at DHS says what we want to hear, does not mean the bought and paid for Bush Admin is not going to bend you over the first chance they get.
At last, I saw excellent coverage of this issue all over the media. There was even a NPR segment on it!
Personally, I emailed Sony/BMG, informing them that I would purchase not one single Sony/BMG offering, whether on CD or via iTunes, until January 2007. I said that I would reconsider at that time, provided they responded appropriately. It looks as if they have. By 1/2007, if they don't try to pull anything stupid like this again, I will resume buying their stuff. But, they have 14 months before they get another penny for me for pulling this stunt.
There exists no way of exchanging information without making judgments. --Bene Gesserit Axiom
> AFAIK the current working theory is that those are strings the program
> is searching for, not that it's built with parts of LAME in it.
Is there a way to find out which is the case?
From a criminal standpoint Sony has gotten off scot free (in the US at least...it is certain that they will face charges in other countries).
I guess this is a lot less embarrassing for the DHS than admitting that they are powerless to stop this kind of cybercrime (what are they gonna do--throw Sony in jail?).
It's not their computer, but by lobbying in congress they can attempt to mandate what hardware must be sold integrated with the computer (V-chip on TVs, macrovision on VCRs, etc.).
Look for an increased push for legislation requiring any computer sold to have built in broadcast flag- and now DRM- support. Actually, expect to see such broad language that it will require support in any kind of digital or analog transmission, conversion or storage device or component.
If you want Sony to behave better, you must starve the beast in order to bring it to heel. How do you starve the beast you ask?
I have flatly refused to buy music for a rather extended period of time because I will not put a single dime in the RIAA's pockets. They routine rip-off the very musicans that they proclaim so loudly that they are protecting. Many musicians, even prominent ones, have been defrauded of vast sums of money by the music industry representatives (Little Richard and Elvis Presely to name two that come immediately to mind). Numerous articles have been publishes on this and Sony is currently being sued by a group of artists over this very thing. If they're ripping the artists off, how come they care if I download an MP3?
2 cents,
Queen B
HDGary secures my bank
....... /.'ers have seen Sony use copy protection with a Celine Dion CD only to have it blow up in their faces publicly?
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
I've gotten so paranoid that I put a text document with $sys$ on the front on my desktop.
The "Privacy" "Security" and "Sony" icons? Anyone else think that slashdot needs to have a better, all-inclusive Sony icon, ala the classic microsoft borg icon?
Everyone else should sue Sony for their six biggest lies in regard to all this.
1: The software doesn't run when the CD isn't playing. WRONG!
2: It's not a RootKit. WRONG!
3: It doesn't interfere with your normal use of your computer. WRONG! (It intentionally damages the sound when CD's are ripped to MP3 - maybe for all CD's, and uses memory and cpu resources constantly.)
4: It doesn't phone home. WRONG!
5: It doesn't send any personally identifiable information when it does phone home. WRONG! (If the **AA can find you through your IP address, so can Sony.)
6: We don't save any personally identifiable information when our software phones home (Internet logs?), or when you fill out two pages of forms with your e-mail address (which must be right or you won't receive the necessary authorization codes) to get our full uninstall control. YEAH, RIGHT!!
Someone(s) as Sony should go to jail over this one.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
According to this Globe & Mail Article:
M .20051111.gtsony1111/BNStory/Technology/
http://www.globetechnology.com/servlet/story/RTGA
"Computer Associates, maker of eTrust PestPatrol anti-spyware software, says that the technological protection measure (TPM) uninstall routine itself can be classified as spyware."
And
"Sony issued a "patch," a 3MB download that contains a large amount of new software. That patch removes the rootkit, but also installs itself without notice to the user and without user permission. Moreover it cannot be removed either. The uninstall routine is so poorly made that the act of removing the rootkit can cause Windows to crash."
Lovely. I guess it's format reinstall time for those affected users.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
One thing I notice here is that the problem seems to be American executives from the Sony side. Perhaps Sony never cleaned up its investments from back in the 80's or has since let some of their North American holdings go to seed?
Should the F/OSS community in the US develop a file system wrapper that is a form of "DRM" so that anything that limits the use of files or mounted drives on the computer is trying to circumvent the DRM wrapper? Wouldn't that be a great day!
Cliff Claven
K.E.G. Party Chairman
Founding Leader of: Koncerned for Egalitarin Governance
This wouldn't hurt them that much. CD manfacturing has come down in price even faster than retail prices have gone up. I a few pennies at most to replace a $14.95 CD.
Any other business passes along their savings to their customers in the form of lower prices. The thieving music industry does just the opposite!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
If so, this might be the first time we've ever seen a trojan-trojan: a program that seems to be useful, but actually turns out to be harmful, but then actually turns out to be useful. :-)
After a lot of research, it appeared the sony projection LCD was a good choice, and after a calibration session, it was happy HDTV. Then this comes up, and I regret giving my money to sony for both a big flatscreen, and an HDTV unit. News Flash to Sony-I'm your target buyer, can afford your stuff, and now that I have to monitor my kid's CD playing for DRM garbage, not just age appropriate lyrics, I regret giving you a (lot) of money. I won't make this mistake again ! Now, aren't you glad you inconveninced some kid to stop him or her from ripping a copy of a cd for a buddy ? You saved a bunch of money, right, and now you will lose at least the same amount by two orders of magnitude, at least, from this one household. And, by the way, I do not have a single MP-3, or bootleg song in my entire collection........
Funny that a top dubya adminstration official chided Sony for its DRM debacle, when not but one day later, Bush is asking Congress to pass a tough new anti-piracy law. Read about it Here. If anything, the proposed law takes "going too far" to the next level.
"We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," Sony BMG added.
I really can't believe this clown is saying that. Did they ever have a security goal in mind??? Does this statement mean that they continue to do business as usual???
I went back to their FAQs, and found a few interesting lines:
- You must log on to your computer with Administrator rights or Power User rights to fully use the disc.
So I must be an admin just to listen to Ricky Martin??? Gimme a break.
- To date, Apple has not been willing to cooperate with our protection vendors to make ripping to iTunes and to the iPod a simple experience.
And hopefully it'll stay that way for a long, long, long time...
- the protection components are never installed without the consumer first accepting the End User License Agreement.
But nowhere in the EULA it is mentioned what the user is in fact installing.
- If at some point you wish to remove the software from your machine simply contact customer service through this link. You will, though, be unable to use the disc on your computer once you uninstall the components.
Now this is another issue. Sony is marketing their discs as CDs, but their are not campatible with standard CD players??? They can't slap the CD logo anywhere they want and get away with it. They have to follow the standards, or call their DRM discs something else and anounce in big bold letters that such disc may not be playable in all devices.
Let's take advantage of this whole mess with Sony. Right now is the perfect time to create some awareness on the average Joe about the implications of DRM and how the insdustry is going way too far with it.
Uncopyrightable: The longest word you can write without repeating a letter.
> Is there a way to find out which is the case?
# man strings
and
# man grep
would be a good start.
IIRC correctly Shawn Fanning hardly ate or slept for many days while coding the first Napster, so consumed was he by his idea.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I think somebody should write an upgraded worm that abuses the rootkit to steal Sony's music off of peoples' computers.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
As soon as I learned about the rootkit DRM issue, I immediatley committed myself to not buying any more Sony products. No TVs, no car stereos, no DVD players, no notebooks and especially no music or other media.
Sony is a big fish in a big pond. I suspect that there are many more like me who will make this decision. This will cost them dearly, across all of their divisions.
So long Sony, to me you no longer exist.
If that were true, it is strange that strings like "0.90", "LAME3.95", "3.95", "3.95 " -- indicating a specific version -- are in there.
9 69409
i ndowsmedia.drm/browse_frm/thread/8270cbc85f8e9cb8/ 7cb5c4ad49fa206e?lnk=st&q=FIRST4INTERNET&rnum=44&h l=en#7cb5c4ad49fa206e"
l
I mean, why would they look for a *specific* version of LAME if they want to rule out mp3 encoding software running on the machine?
Also check this post: http://slashdot.org/comments.pl?sid=167537&cid=13
"Go and check it yourself, and compare to lame sources. The data from tables.c is included in the executable in identical form (several large tables), also all the version strings are included, which the DRM system doesn't check.
The data is there, the big question is if it was linked accidently, or if it actually uses LAME code as well."
He's talking about the *data* of several large tables being in there.
Further more, the theory that the DRM software would be using these strings in order to look for "incompatible" programs does not look very plausable, because the DRM kit seems to look for program names rather than scanning the executables, judging from the strings posted here:
http://hack.fi/~muzzy/sony-drm-magic-list.txt
Besides, that does not explains the date from the tables being in there.
Further, we have a post by a F4I employee on usenet talking about an mp3 player he wrote:
http://groups.google.com/group/microsoft.public.w
"I am currently writing an MP3 player with lots of bells and whistles including a wave editor, fades, reverbs etc.
What I now need is to be able to protect the files it creates. I have already written the routine to convert the MP3 into a WMA file.
Does someone have some simple C++ code which can write Microsofts DRM v1 properties that the user whishes to set(i.e. 3plays 4 copies etc) over the unprotected file to make it protected. There may be some cash on offer here if its easy to use! All I need is a procedure that performs this"
And, another thing is that LAME also seems to be cabable of decoding: http://mp3decoders.mp3-tech.org/decoders_lame.htm
Taking things togeter, to me it looks unlikely that they are looking for a specific version of LAME by scanning trough executables, while for other mp3 playing software they simply look for the name of the executable.
I think it is very well possible they use of have used LAME in their mp3 player. Then the strings and tables either indicate that Lame is indeed being used by the bundled player to play mp3s, or they mistakenly linked the Lame library because they did use it in other parts of their software and somehow did not realise they were linking the Lame lib.
They're pulling it because it will open them up to serious legal issues the second someone is infected with trojans that use their software to do serious damage.
Baker's response does indeed seem rather muted. What's interesting here is that if it weren't for the outcry from the rest of the world, it's not clear to me that Homeland Security would have ever found out until someone mass-exploited Sony's code.
Sony chopped its own hand off and dropped it in the water.
Tech Public Policy stuff
Sony announced it has partnered with MafiaDRM, an anti-piracy organization from Italy. Now, every CD purchased will be accompanied by a Mafia goon who will enforce Sony's IP rights. Published side-effects of MafiaDRM include (but are not limited to) kneecap pain, new Columbian necktie in the closet, horse heads in bed, and concrete shoes. Sony is reportedly pleased with the success of MafiaDRM technology.
--- This
However, they are primarily due a lesson in holding down the shift key the first time they insert a CD from Sony Music.
A better lesson would be not to buy Sony music. Or Sony CD Players, TVs, game console systems. If a company is going to fuck the consumer over, then the consumer should be saying "fuck that company".
Seriously, the best way to get rid of DRM is to drive businesses that use it straight into the ground.
Isn't Canada part of the United States? Like, um, Minnesota?
Faster! Faster! Faster would be better!
There's evil, and there's evil. At least one version of the story of the Irish Jack O'Lantern has the devil refusing to let Jack into hell because Jack is a bastard so evil that even the devil himself can't stand him.
If it's not only bad enough to worry us, but the oh-so-corporate-freindly Bush administration, someone at Sony may need to find a turnip.
//Information does not want to be free; it wants to breed.
I have an e-mail message showing EECOL Electric in Canada telling it's employees, "DO NOT UNDER ANY CIRCUMSTANCES INSERT SONY MUSIC CD'S INTO YOUR COMPUTER, EITHER AT HOME OR WORK!" in big red letters, followed by an explanation of the situation.
I'm positive this isn't the only company which has sent out similar notices.
It's been a long time.
Please.
New Sony TV, DVD player, TiVo, etc with HDCP content protection? Sony ipod clone with more DRM that you can shake a stick at? Sony PSP with no way to play your own video at native resolution?
Are these exceptions in that they feel they still own these after your purchase them because it has their name on it?
Wonder if they'll be able to exclude the VAIO computers we bought from the class action suits.
This comment does not necessarily represent the views and opinions of the author.
Yes, it would be really great if the FBI would give the Sony exec's a real "pucker-factor" moment. The kind you get when you've just been pulled over by a state trooper for doing 95mph in a school zone. Or just barely missed getting greased by a log truck doing 80.
If some zit-faced teen did this to thousands of computers, you know he'd get it up the wazoo by the Feds. But it's obvious there are different rules when a media giant does it. No "10 years in jail and no computer use for 7" for them.
I think it would be hilarious if they lost all privileges to produce and sell CD's for 5 years. That'd get their attention.
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
No, that's just a myth perpetuated by the Americans, who are still bitter that they had to pay for all that white paint.
It's been a long time.
Not just the first time, but every time.
Perhaps I would have drawn less fire if I had stated that better. They are concerned about the possibility that these botnets could be used in a way which is detrimental to national security, not about the possibility that botnets exist.
Then again, being as this is Slashdot, this probably wouldn't have helped either.
Anyhow, was just replying to the "why is Homeland Security?" question, and probably should have put it better. Sometimes preview is no help when I know what I mean.
Using plain ol' text since 1968
And don't forget to send donations to downhillbattle and EFF.
Test 1 2 3 4
http://72.14.207.104/search?q=cache:7n-Uwr5UNeEJ:w ww.corvus.com/documents/reference/orangebooksummar y+mandatory+access+control+orange+book&hl=en&lr=la ng_en
. html
and (for more detail)
http://www.totse.com/en/privacy/encryption/orange
Read up on Division B2 and B3 security controls as specified by NSA in the Orange Book from the Rainbow Series (no, those aren't the official names but it's what everyone uses) -- the U.S. Government knew more about implementing impossible-to-bypass DRM years ago than Microsoft will be able to implement before 2010.
I was under the impression that linking LGPL libraries with propriety software was allowed.. Am I wrong?
I know this is really not a 'Sony' issue, it is a 'Sony Records' issue, but the fact remains, it's owned by Sony.
I have a Sony DVD Player + ET Center, a Sony Digital Camera, External Floppy Drive, and some blank DVD's, and I will never buy anything from them, ever again!!
These type of corporate strong-arm tactics, are why I loathe corporations! They truly are EVIL!
I always thought Sony/Phillips Consumer Electronics were 'ok' (for the price at least), but I will be encouraging everyone I know to boycott them from now on.
Flamebait you say? Lamor I say!
the only permanence in existence, is the impermanence of existence.
That is correct, but there are some conditions.
For starters, you have to indicate you are using a LGPLed library and you have to give the sources to the library or make these available by some other means.
Beside that, you have to make sure anyone can re-link the software with a newer version of the LGPLed library. In the case of dlls, this is no problem. In the case of static linking, which is the case here, you have to provide object code of your program, so anyone can re-link the program with a newer version of the LGPLed library.
Alse see:
http://www.gnu.org/copyleft/lesser.html
"For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights."
Other than the concern that a nation filled with Spears, Timberlake and Dion worshippers would be unable to defend the nation against an invasion by Canada or Luxembourg
Too late: Celine Dion IS a Canadian and all your base are already belong to us...
Sony is a very large corporation and SonyBGM is just a small part of that. What SonyBGM did was for SonyBGM only and not for the rest of Sony.
The parent part of Sony needs to so something in a very public way to disipline the child, SonyBGM, in which will make the public satified that the correct punishment was handed out.
"shot itself in the foot, then jumped the shark"
Look for legislation in future designed to give *AA companies immunity from the consequences of future machine-frying DRM.
Tech Public Policy stuff
It's too late. And I seriously hope they will be fined this time for fighting against their customers.
Until Sony undertakes meaningful reparations for this breach of ethics, I'll be hosting an .mp3 of a song from one of their DRM'ed discs. I encourage others to do the same.
http://www.foryourentertainment.blogspot.com/
As the EFF explains, the EULA says that 1) if your house gets burgled, you have to delete all your music from your laptop when you get home; 2) you can't keep your music on any computers at work; 3) if you move out of the country, you have to delete all your music; 4) you must install any and all updates, or else lose the music on your computer; 5) Sony-BMG can install and use backdoors in the copy protection software or media player to "enforce their rights" against you, at any time, without notice.
And the list goes on.
What's hilarious (in a sad kind of way) about this, is that this does nothing to stop anybody from ripping the music, and even encourages people to grab it from the Internet. Preaching to the choir, I know, but it's a sad state of affairs. When trusted computing or whatever it's called nowadays comes into play, it's going to get even sadder. Thank god I run Linux.
SealBeater
-- Its survival of the fittest...and we got the fucking guns!!!
It's very important to remember that it's your intellectual property -- it's not your computer.
It might be a slight overreaction, but I'm so happy to see somebody of importance say that.
Now if somebody would say "It's your IP, but it's not your DVD player" and got rid of those 'Pirating movies over Internet is akin to car theft or gang rape' that you can't bypass unless, of course, you pirated the movie.
The sad part is, it takes legislative action to get media distributors to stop them activly pissing off their paying customers.
The Internet is generally stupid
Sony's Anti-piracy software wont seem to install itself on my distro of linux. Anyone else had the same problem? ;)
Yeah, because bitching at Sony is "distracting" us. How the fuck did you get modded up? That's the stupidest goddamn thing I've seen today. Some people... A Bush official could say child molesting was bad, and they'd say he was distracting us from the fact people molest children. Idiot.
Is Sony recalling all the trojan infected CDs and replacing them with clean ones? No. They are only claiming that they will not put this malware on future CDs. If we forgive or forget any of this, we only invite them to do it again. We need to boycott all Sony products. I know a lot of people who are mad about this are tempted to still buy Playstation games, and a Playstation III when it comes out. Don't buy them. There are other game consoles, PC gaming, and even Mac gaming. Let Sony go bankrupt, and let the story of their demise serve as a lesson to the entertainment and electronics industries.
The Uncoveror: It's the real news.
Sony better get a clue from all this. As having all my home entertainment equipment stolen four months ago I was considering replacing it all with New Sony gear. Well I can safely say that's NOT going to happen, Sony, you are going to have to do a lot to regain my trust before I buy ANY of your products again. Oh and by the way, didn't Sony say some months ago that they weren't going to make DRM'ed CDs? The article was on /. some time back but I cannot find it...
"I bow to no man" - Riddick
So are we cool to write and mass distribute rootkits as long as we make a patch available down the road? :)
An email I got from a friend, about two minutes ago:
"Sony should know that I avoided them when buying my new Plasma TV... Partly because of this... The a$$holes."
~REZ~ #43301. Who'd fake being me anyway?
I'm sure everyone here must remember that Orrin Hatch (R-Utah) publicly endorsed malicious software to protect copyrights:
http://anandtech.com/news/shownews.aspx?i=19802
"If that's the only way, then I'm all for destroying their machines"
I guess Sony must have felt they got the green light from Mr. Hatch when they put this genius plot together... A Holes
Hatch 4 President!
Why would Sony package DRM that intentionally interferes with CD ripping in general. I'm not just talking about the DRMed CD. This stuff borks your ability to rip ANY CD. Why is that? Could it have something to do with the iTunes Music Store/iTunes.app place in online music? It's public knowledge that the RIAA is unhappy about Apple's dominant position in online music. Could it be that one RIAA member has decided to do something underhanded about it. I think this is an attempt to sour the whole "iTunes/iPod just works" experience. Another poster has already pointed out that this 'fix' from Sony only disables the file hiding aspect of the DRM. It does not remove the DRM or the CD ripping crippleware. I wouldn't be surprised if Apple legal were looking into a suit of their own here.
Whew, I am SO glad they pulled that rootkit software! I was just about to rip 25,000 Sony CDs belonging to myself and my friends, and upload them to a buddy's server so that everyone in the world can download them for free. We do this a few times a year, actually, along with my mom and dad, and most of the people I know. When we all heard about the rootkit, we thought, Oh hell - how are we going to get around this? We were afraid we'd have to go back to renting movies again. Thankfully, we can now go ahead with our lives as usual. My mom's ripping that Celine Dion CD right now like a crazy woman.
Ooooo... I like that: "DRM 'manages access' in the same way that jail 'manages freedom.'" It's just too bad I already changed my sig due to the post I read earlier.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Goes on to show Sony's hypocrisy.
I sincerely wish the court would find Sony criminally liable for breaking into other's property, and [its executives] be forced to listen to "Come to papa!" by a guy named Bubba in a 10x12 cell.
"Doing what i can, with what i have." ~ Burt Gummer
Lance: What?
Kilgore: DRM, son. Nothing in the world smells like that.
[kneels]
Kilgore: I love the smell of burning DRM in the morning. You know, one time, we had a DMCA. And for five hours, I scanned disks. We didn't find one of them, not one stinking rootkit. The smell, you know, that burning DRM smell, smells like
.....Isn't Canada part of the United States? Like, um, Minnesota?.....
Actually no, it's even colder in Canada than in Minnesota.
All theory is gray
This is obviously in regards to Sony's rootkit DRM. I am glad to see Government does keep up on Slashdot rumors floating across the internet.
Music industry needs better cd format that requires iTunes like software (free of charge) to play the audio on them. And stop producing audio cds.
\
"Is the damage so severe and widespread that someone needs to (essentially) pay with their life? "
So if I burgle a bank in the middle of the night, not hurting anyone, when I get caught I get to just say "I'm reexamining my means of making a living, and I still submit that I need to make money somehow"
And then everybody is fine with me?
Spreading the word and not buying their products will do far more to teach them a lesson than anything a court or government can muster at this day and age.
Let everyone that is less tech savy than you know what they are doing. Word of Mouth is the best advertisement there is and also the best anti-adverstisement there is.
Back even farther ..and the $5,000,00.00 speakers fee? [this was immedieatly after he left office]
Remember when Ronald Regun made that speech in Japan to Sony
Diplomacy is the art of saying "Nice doggie" until you can find a rock. Will Rogers
Hasn't this whole thing caused a massive outbreak in World of Warcraft cheating though? Could Blizzard sue Sony (or is that dangerous given the state of their big brother antics?)
After the exchange rates, it came out to 4 canoes, 3 flying squirrels, and a 2 Canadian mounties.
...and a partridge in a pear tree. :)
(Sorry. I had to, particularly with Christmas rapidly approaching. I now prepare myself for the humorless mods and their dreaded "Off-topic" mod points since they don't have the humor to use +1 Funny. Bah. It's only karma.)
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
**ahem** that assertion is a bit lame. **ahem** ;-)
if you work for the DOD or the military you should be considering this. I am sending it to Sony.
I would like to let you know that as an administrator I have informed everyone on my network that using ANY Sony discs at home or on the corporate navy networks constitutes a severe security risk and that if they have purchased any Sony disc they should not put it on their computers, I have also put this notice on all of my emails. Currently I am working with many NAVY network engineers and will start working through the chain of command and discussing the possibility that all navy and military personnel should be forbidden to put any Sony CD in their computers and strongly discouraged to play such CDs on their home computers. Installing a rootkit and or encouraging people to install a rootkit on a DOD computer that may contain sensitive information is a federal offence comparable to treason. I will be working with the NAVY and the DOD to inform them of the ramifications of this rootkit, and I do not think that the DOD will like the idea of your company compromising their computers. also I am informing everyone I know not to purchase any Sony products because of your companies actions towards their customers.
Let me say that you are all thieves and conmen. An audio CD-ROM disc is listened to in a desktop or portable CD player, just like compact casettes are listened to in a walkman or deck, not a PC.
When you insert the audio CD-ROM in your computer you do it because you are copying and want to violate the intellectual property of entertainment companies. Those media giants support US war on terror with their tax dollars, something you spotty students do not. Every song download from P2P means one less cartridge of ammo in a US soldier's rifle. When they run out of ammo bearded terror will conquer the world and the taleban ban absolutely ANY kind of music and then you won't have to worry about P2P any more. Music piracy is material membership in Al-Kaida. P2P is not communism, it's an invitation to radical islamic theocracy. May the mullahs rule you downloaders!
Indeed true! Almost forgot about that.
.de links - but still feel free to tell them how you feel about the DRM issue - shure somebody there can read english.
So I guess it is time to cancel Bertelmann club memberships as well and stop buying Bertelmann printed media as well.
Martin
Links:
http://www.derclub.de/
http://www.bertelsmann.de/
Note:
Bertelmann is a german company hence the
Unfortunately, I disagree that general awareness is possible. For that, you'd need a public that had higher-than-average technical knowledge to understand what a rootkit was. Also, you'd need a level of public awareness and willingness to act against powerful interests that's pretty rare--think how few examples there are: labor unions, civil rights movement are about it and count them up. You DO have a hand injury if you haven't got fingers left over.
Being a student of history, I see this DRM vs. personal legal rights battle as parallel to those movements, particularly organized labor. Companies will start out being right by default in a capitalist system. However, they end up weaving such a terrible tangle of back-room laws that they end up breaking one law to 'protect' another.
What you may well see someday is one single test case that pins Sony (or whoever) to the wall for breaking a anti-hacking law with their DRM. Licensing agreements (as currently written) will hold only so long.
They don't override the U.S. Constitution or any other national charter, they are overturnable by high courts. We need (and we can only wait and hope) for a case where someone corporate does something that results in something so bad--maiming, wrongful death or reckless endangerment murder, that they are thrown into the limelight for what they are. Sony depends on the U.S. government to enforce their program of DRM, so when it starts to hurt the government (the CIA springs a leak, the President's laptop gets hacked, or whatever), the government might overturn it, particularly the judicial branch. Elected congressmen can be bought, appointed judges much less so.
If these Sony legal eagles had read the writings of the Founding Fathers or the Constitution itself, they would know that the world will only be their sandbox for so long. History as a whole stands with the advance of human rights, because they are necessary.
Nice pre-emptive whining there.