Slashdot Mirror
Sony Pulls Controversial Anti-Piracy Software
An anonymous reader writes "Bowing to public outrage, Sony BMG has temporarily halted the use of its controversial anti-piracy software in all of its music CDs, the company said in a statement today. The move comes just a day after a top Bush administration official chided Sony and the entertainment industry for going too far: according to this story over at Washingtonpost.com, Stewart Baker, the Department of Homeland Security's policy czar warned would-be DRM makers: 'It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.' The Post has the full text and video of his commentary." We've reported on this story previously.
For the damage their program has already caused.
I forsee big lawsuits.
Facts do not cease to exist because they are ignored.
What difference does this statement make? None at all. It's not like Sony will recall the millions of CDs out there with the malware. This is just spin. Move along.
Other than the concern that a nation filled with Spears, Timberlake and Dion worshippers would be unable to defend the nation against an invasion by Canada or Luxembourg I fail to grasp the connection between Homeland Security and a moronic VP at Sony who is trying to render 1/2 of his company's music player division worthless.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
Good, now keep up the pressure. Unless Sony feels real pain for going too far it will encourage others to keep pushing the envelope on what is acceptable.
This is why punative damages for "bad behaviour" exist, to make the company take notice and change their behaviour.
Don't let them get off easy.
Man, what to say? They said something right for a change.
I for one am boycotting all Sony music from here on if it comes on CD. Windows root-kit, OSX kernel extensions ... how can you trust them? The RIAA and big record companies are getting very long in the tooth and I would love nothing more than to see them get taken down. They have all but destroyed the industry over the years and turned it into something worse than politics.
The most talented musicians I know are waiters, bus boys and taxi drivers, thanks to the recording industry.
Can't wait for someone to shake it all apart by releasing their works without the industry influences (and the industry taking their piece of the pie).
Are the people who purchased the DRM/spyware CDs due a replacement copy without the DRM/spyware?
It's all fun and games until someone loses the key to the handcuffs.
Wonderful to watch this going south in a big way, dragging the whole concept of DRM with it. We all owe Sony a debt of thanks, really.
x cp_art10
I particularly enjoyed this quote from First4Internet's website from their director of Sales & Marketing:
"We're not denying people access to the music," Macdonald said. "We're just trying to help them manage their access."
http://www.xcp-aurora.com/press_article.aspx?art=
Please! Please, Mr. MacDonald! Help me manage my access to my media by installing a rootkit!
'This writing business. Pencils and what-not. Over-rated if you ask me. Silly stuff. Nothing in it' - Eeyore
Check this out:
http://www.webwereld.nl/articles/38285
Someone in the Netherlands claims to have found certain strings from Lame's source code in Sony's app. Did Sony steal LGPL'd code?
Macintouch reports that Sony is also putting Macintosh DRM on some of its disks. No word if these kernel extensions - PhoenixNub1.kext and PhoenixNub12.kext - are a rootkit or not, and no word if Sony is suspending their use or not.
According to the Macintouch article, the Mac DRM is on Imogen Heap's Speak for Yourself, an RCA CD distributed by Sony/BMG.
I suspect that CD-makers won't be able to keep a stunt like this secret for 8 months next time, because their customers will be watching for such shenannigans.
Now we wait for Sony to issue a recall.
"All your replacement CDs are belong to us" - Sony's customers.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
On the other hand, I also hope that the DMCA will be really shaken by this event. After all, according to DMCA, Sony rootkit is protected software. Hit them in the wallet, me says!
Bite my shiny metal... oops... Nevermind!
Actually, I use a Vaio, so it actually is their computer. I feel _so_ f*cking pwned right now.
The dept of Homeland Security has been worried for some time about the possibility of foreign nationals creating botnets which might allow them to ddos critical online national assets. That's what has them interested (and wierdly on the right side) in this case.
/me gets migraine from wishing ill on everyone involved
So now, can Sony be pursued for violation of the USA/Patriot act?
Using plain ol' text since 1968
A Homeland Security honcho saying that all our computer are not belong to them?! Wow. Just... wow. Was Baker somehow shown the right end of a cluestick, or is this a temporary fluctuation in the collective subconscious?
I can assure you, the best way to get rid of dragons is to have one of your own.
There's a huge difference between just saying they'll stop going forward, and going to the effort of a recall, complete with replacement of discs people have ALREADY bought in addition to promptly pulling all CD's from stores that have this DRM on them.
I have afeeling they are doing neither though, I'd love to see a class action suit that demands all CD's sold are to be replaced with DRM-free versions on Sony's dime. Then perhaps it would sink home they'd done something a little wrong.
I wonder how liable the company that came up with the DRM in the first place is, perhaps Sony can shift all blame to them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
...when the creators of the USA PATRIOT Act are on your case about in violating people's rights.
The Canadian Government agreed to provied 4000 army troops, a squadron of jets and a naval fleet to the U.S. in it's war on terror.
After the exchange rates, it came out to 4 canoes, 3 flying squirrels, and a 2 Canadian mounties.
I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated
Slashdot Hive Mind overload!!!! Bush administration evil... but... music industry evil.... can't side with Bush... but can't side with Sony..... aaaghhh!!!
segmentation fault (core dump).
I don't know what I'd do if they removed the stuff PERMANENTLY!
My turnips listen for the soft cry of your love
A day after someone in the government goes, "Naughty, naughty," Sony's suddenly pulling their DRM, if even "temporarily".
It can't be anymore obvious what Sony thinks of their customers...
People will pass up steak once a week, for crap every day.
http://news.bbc.co.uk/2/hi/technology/4427606.stm
Regardless of who gets the money, the end result is that Sony suffers financially. And that may just serve as an example to other companies not to pull a similar stunt, lest they might lose money in a similar fashion.
Cyric Zndovzny at your service.
From the Washington Post article:
[Stewart Baker, Homeland Security's assistant secretary for policy, said:]
"If we have an avian flu outbreak here and it is even half as bad as the 1918 flu epidemic, we will be enormously dependent on being able to get remote access for a large number of people, and keeping the infrastructure functioning is a matter of life and death and we take it very seriously."
Does this mean if malware keeps people from getting medical help the authors can be convicted of manslaughter?
Jury: We find the defendant guilty on each of the 100 million counts of computer tampering and 2 million counts of involuntary manslaughter.
Judge: I hereby sentence you to 10 million sentences of 2 years of probation and 2 million sentences of 6 months in jail followed by 5 years probation. Due to the outrageous nature of your conduct, sentences are to be served consecutively. You should be out in time to watch the sun swallow the earth.
Delicious!!!!!!!
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Will sony give removal instructions? Their downloadable "patch" only updates their rootkit, but doesn't uninstall it.
An interesting read at: http://www.changethis.com/4.drm :
... "Without DRM, people will steal and artists won't get paid!" ... Usage of Digital Rights Management (DRM) has been hotly debated since a college student threatened to put an entire industry out of business with a little application he built in his spare time, Napster. In this transcript of a speech he gave at Microsoft's campus, Cory explains why DRM doesn't work, why DRM is bad for society, bad for business, bad for artists, and a bad move for Microsoft.
h tml
n isian_atseventeen.zip
"DRM punishes honest people!"
Using Sony and Apple as examples of companies that are using DRM to *punish* consumers, he suggests Microsoft use the opportunity to once again champion users' rights. To follow our current path, Cory argues, is to stifle innovation and contradict the purpose of American copyright law: to promote the useful arts and sciences."
I always find it very remarkable that the content industry treats the people who pay for their products -- in other industries also known as customers -- as criminals. People don't buy cd's because they want to screw the people who made them and make a zillion copies. Those people buy the damn things because they do *not* want to wast their time on copying!
And I also don't think the way customers are treated is in the interest of the artists, in whose name this whole mess is being created. Take a look at an excellent article by Janis Ian, a respectable musician:
http://www.janisian.com/article-internet_debacle.
"They told me downloads were "destroying sales", "ruining the music industry", and "costing you money".
Costing me money? I don't pretend to be an expert on intellectual property law, but I do know one thing. If a music industry executive claims I should agree with their agenda because it will make me more money, I put my hand on my wallet...and check it after they leave, just to make sure nothing's missing."
For what it's worth: this is a women who made more then 25 albums and wrote some very well known songs for other artists. One of her most known songs is "At seventeen", which can be downloaded for free, just like some other songs of her:
http://www.individualidade.com.br/janisian/mp3/ja
http://www.janisian.com/mp3_downloads.html
I think that Sony should replace my CDs that contain their DRM software free of charge. I do have to say that when I bought the Kings of Leon CD 5 months ago, I was a little angered by the copy protection and have tried to stray from buying CDs that had similar labels since then, but when you really like an artist, you have to plug your nose and go for it. Needless to say, I didn't put any of the subsequent CDs in my computer's CD-ROM drive.
English translation att icle&sid=215
http://dewinter.com/modules.php?name=News&file=ar
"A computerexpert, whose name is known by the redaction, discovered that the cd "Get Right With The Man" by "Van Zant" contains strings from the library version.c of Lame. This can be conluded from the string: "http://www.mp3dev.org/", "0.90", "LAME3.95", "3.95", "3.95 ".
But the expert has more proof. For example, the executable program go.exe contains a so called array largetbl. This is a part used in the module tables.c of libmp3lame."
It belongs to Microsoft.
They're spinning this with all their might. Remember that the patch they so proudly trumpet (look how serious we are about protecting our customers!) doesn't remove the rootkit - it merely disables the cloaking feature. Also note that while they say they are suspending manufacture of these CDs, there is no mention of any effort to remove already manufactured copies from store shelves or the distribution network. Considering that CDs are stamped in large production runs and then kept in inventory, they really haven't committed to anything except to "re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use." (and note how their goals do not include consumer privacy or control over their own electronic devices).
No, I don't think we forgive them for this for a long time yet.
...expect Sony to announce their monthly patch cycle for CDs? That's going to be a real bitch.
I agree that Sony will probably just write a check to a bunch of lawyers and maybe fire some guys, but why can't people go to jail for these kinds of things?
It always strikes me as odd that you can fuck up thousands of people's lives (in this case, their computers), knowingly and deliberately, and the only outcome is that some lawyers get rich and a few overpaid *might* have to use their golden parachutes.
Why isn't this thousands of counts of unauthorized use of a computer? I know that "throw 'em in jail" really isn't a large-scale social solution, but there needs to be a way for our corporate leaders to understand that not only can they not steal and get away with it (cf various corporate thefts), if they abuse their corporate power and mess with people lives, you know what, you might go to jail, too.
"As a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology," it said in a statement.
So why aren't they recalling the product that's already in the channel? There are thousands (millions?) of discs sitting on retailers shelves that are just waiting to install the rootkit. Oh yeah, that would hurt their bottom line.
Until it costs them, they're not going to learn.
-ch
On second thought, shouldn't technology that can help prevent the further spreading of Celine Dion actually be considered a good thing?
Sure, a class action won't help consumers much. But the actual harm in this case was thankfully pretty small, anyway.
The reason you put together a class action is to consolidate thousands of small claims, and in doing so come up with a total liability that Sony has to pay for. A class action against Sony would cost them a nice chunck of change, "helping them manage their access" to consumers' computers. In other words, a class action, which will almost certainly be settled, is how hundreds of little guys get together to punish the big guy for infringing on their rights.
I don't think any other western democracy allows U.S.-style class actions, and that's because the class action fulfills a role in the U.S. that the government fills in other countries. Specifically, the class action allows private parties to regulate and enforce the laws via large monetary damages, e.g., environmental laws and consumer protection laws. In other countries, the national government would be more involved in enforcing these laws.
How about: "it's not your computer. You do not have the right to install software components on someone's computer that spy on them, without their permission. That is computer trespassing and wiretapping. The FBI is currently investigating; in the meantime, here is a court order to remove any CDs with this software from shelves immediately, and we expect you to fully assist consumers with identifying whether a machine has the software installed, and the removal process."
What Baker is doing is trumpeting the Homeland Security line ("Won't someone PLEASE think of the Homeland Security?!"), and distracting us from the more important issue-that a corporation installed trojan programs that spy on people, and probably broke an number of laws doing so.
Please help metamoderate.
AFAIK the current working theory is that those are strings the program is searching for, not that it's built with parts of LAME in it.
DRM implemented at the hardware level will do nothing. Some company will continue to manufacture the non DRM versions. They will make bank selling it. What about the legacy hardware? I still have a Pentium 75 sitting around as a jukebox. 1% of the population buys this hardware and seeds the content for the other 99%.
Also we're at least 10 years from hardware DRM, if it ever happens. What about the increase in microphone and speaker technology? Increases to the point where the old skool method of putting the tape player up to the radio acctually provides high quality.
People don't understand the information age. We can't understand it yet. It's a paradigm shift, in the true sense of the word not the corpspeak sense. Success will no longer be about selling information. Success will be about pointing people to the information. A subtle but important difference.
I find being offended by me offensive.
Should the F/OSS community in the US develop a file system wrapper that is a form of "DRM" so that anything that limits the use of files or mounted drives on the computer is trying to circumvent the DRM wrapper? Wouldn't that be a great day!
Cliff Claven
K.E.G. Party Chairman
Founding Leader of: Koncerned for Egalitarin Governance
If so, this might be the first time we've ever seen a trojan-trojan: a program that seems to be useful, but actually turns out to be harmful, but then actually turns out to be useful. :-)
Funny that a top dubya adminstration official chided Sony for its DRM debacle, when not but one day later, Bush is asking Congress to pass a tough new anti-piracy law. Read about it Here. If anything, the proposed law takes "going too far" to the next level.
"We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," Sony BMG added.
I really can't believe this clown is saying that. Did they ever have a security goal in mind??? Does this statement mean that they continue to do business as usual???
I went back to their FAQs, and found a few interesting lines:
- You must log on to your computer with Administrator rights or Power User rights to fully use the disc.
So I must be an admin just to listen to Ricky Martin??? Gimme a break.
- To date, Apple has not been willing to cooperate with our protection vendors to make ripping to iTunes and to the iPod a simple experience.
And hopefully it'll stay that way for a long, long, long time...
- the protection components are never installed without the consumer first accepting the End User License Agreement.
But nowhere in the EULA it is mentioned what the user is in fact installing.
- If at some point you wish to remove the software from your machine simply contact customer service through this link. You will, though, be unable to use the disc on your computer once you uninstall the components.
Now this is another issue. Sony is marketing their discs as CDs, but their are not campatible with standard CD players??? They can't slap the CD logo anywhere they want and get away with it. They have to follow the standards, or call their DRM discs something else and anounce in big bold letters that such disc may not be playable in all devices.
Let's take advantage of this whole mess with Sony. Right now is the perfect time to create some awareness on the average Joe about the implications of DRM and how the insdustry is going way too far with it.
Uncopyrightable: The longest word you can write without repeating a letter.
If that were true, it is strange that strings like "0.90", "LAME3.95", "3.95", "3.95 " -- indicating a specific version -- are in there.
9 69409
i ndowsmedia.drm/browse_frm/thread/8270cbc85f8e9cb8/ 7cb5c4ad49fa206e?lnk=st&q=FIRST4INTERNET&rnum=44&h l=en#7cb5c4ad49fa206e"
l
I mean, why would they look for a *specific* version of LAME if they want to rule out mp3 encoding software running on the machine?
Also check this post: http://slashdot.org/comments.pl?sid=167537&cid=13
"Go and check it yourself, and compare to lame sources. The data from tables.c is included in the executable in identical form (several large tables), also all the version strings are included, which the DRM system doesn't check.
The data is there, the big question is if it was linked accidently, or if it actually uses LAME code as well."
He's talking about the *data* of several large tables being in there.
Further more, the theory that the DRM software would be using these strings in order to look for "incompatible" programs does not look very plausable, because the DRM kit seems to look for program names rather than scanning the executables, judging from the strings posted here:
http://hack.fi/~muzzy/sony-drm-magic-list.txt
Besides, that does not explains the date from the tables being in there.
Further, we have a post by a F4I employee on usenet talking about an mp3 player he wrote:
http://groups.google.com/group/microsoft.public.w
"I am currently writing an MP3 player with lots of bells and whistles including a wave editor, fades, reverbs etc.
What I now need is to be able to protect the files it creates. I have already written the routine to convert the MP3 into a WMA file.
Does someone have some simple C++ code which can write Microsofts DRM v1 properties that the user whishes to set(i.e. 3plays 4 copies etc) over the unprotected file to make it protected. There may be some cash on offer here if its easy to use! All I need is a procedure that performs this"
And, another thing is that LAME also seems to be cabable of decoding: http://mp3decoders.mp3-tech.org/decoders_lame.htm
Taking things togeter, to me it looks unlikely that they are looking for a specific version of LAME by scanning trough executables, while for other mp3 playing software they simply look for the name of the executable.
I think it is very well possible they use of have used LAME in their mp3 player. Then the strings and tables either indicate that Lame is indeed being used by the bundled player to play mp3s, or they mistakenly linked the Lame library because they did use it in other parts of their software and somehow did not realise they were linking the Lame lib.
They're pulling it because it will open them up to serious legal issues the second someone is infected with trojans that use their software to do serious damage.
I have an e-mail message showing EECOL Electric in Canada telling it's employees, "DO NOT UNDER ANY CIRCUMSTANCES INSERT SONY MUSIC CD'S INTO YOUR COMPUTER, EITHER AT HOME OR WORK!" in big red letters, followed by an explanation of the situation.
I'm positive this isn't the only company which has sent out similar notices.
It's been a long time.
New Sony TV, DVD player, TiVo, etc with HDCP content protection? Sony ipod clone with more DRM that you can shake a stick at? Sony PSP with no way to play your own video at native resolution?
Are these exceptions in that they feel they still own these after your purchase them because it has their name on it?
Wonder if they'll be able to exclude the VAIO computers we bought from the class action suits.
This comment does not necessarily represent the views and opinions of the author.
Look for legislation in future designed to give *AA companies immunity from the consequences of future machine-frying DRM.
Tech Public Policy stuff
It's very important to remember that it's your intellectual property -- it's not your computer.
It might be a slight overreaction, but I'm so happy to see somebody of importance say that.
Now if somebody would say "It's your IP, but it's not your DVD player" and got rid of those 'Pirating movies over Internet is akin to car theft or gang rape' that you can't bypass unless, of course, you pirated the movie.
The sad part is, it takes legislative action to get media distributors to stop them activly pissing off their paying customers.
The Internet is generally stupid
Sony's Anti-piracy software wont seem to install itself on my distro of linux. Anyone else had the same problem? ;)
Is Sony recalling all the trojan infected CDs and replacing them with clean ones? No. They are only claiming that they will not put this malware on future CDs. If we forgive or forget any of this, we only invite them to do it again. We need to boycott all Sony products. I know a lot of people who are mad about this are tempted to still buy Playstation games, and a Playstation III when it comes out. Don't buy them. There are other game consoles, PC gaming, and even Mac gaming. Let Sony go bankrupt, and let the story of their demise serve as a lesson to the entertainment and electronics industries.
The Uncoveror: It's the real news.
Why would Sony package DRM that intentionally interferes with CD ripping in general. I'm not just talking about the DRMed CD. This stuff borks your ability to rip ANY CD. Why is that? Could it have something to do with the iTunes Music Store/iTunes.app place in online music? It's public knowledge that the RIAA is unhappy about Apple's dominant position in online music. Could it be that one RIAA member has decided to do something underhanded about it. I think this is an attempt to sour the whole "iTunes/iPod just works" experience. Another poster has already pointed out that this 'fix' from Sony only disables the file hiding aspect of the DRM. It does not remove the DRM or the CD ripping crippleware. I wouldn't be surprised if Apple legal were looking into a suit of their own here.
After the exchange rates, it came out to 4 canoes, 3 flying squirrels, and a 2 Canadian mounties.
...and a partridge in a pear tree. :)
(Sorry. I had to, particularly with Christmas rapidly approaching. I now prepare myself for the humorless mods and their dreaded "Off-topic" mod points since they don't have the humor to use +1 Funny. Bah. It's only karma.)
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.