Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bad Day To Be Sony

Posted by Zonk on from the who-needs-customer-loyalty dept.

Not only is Sony no longer selling the RootKit CDs, Arend writes "According to a USAToday article, Sony is to pull their controversial rootkit CDs from store shelves." A nice gesture, but a little late. bos writes "Sony's DRM rootkit has been found by Dan Kaminsky to have infected at least half a million networks, according to an article by Quinn Norton for Wired News. Dan has even put together some pretty pictures of the breadth of the infection." With so many people infected, it's unfortunate that wiredog writes "From The Washington Post comes the news that serious security flaws have been found in the software that Sony is distributing to users who want to remove the Sony rootkit. The article says: 'Because of the way the tool is configured ... it allows any Web page that the user subsequently visits to download, install and run any code that it likes.'" Oops. Even Microsoft is getting into the act. ares284 writes "Microsoft said it would remove controversial copy-protection software that CDs from music publisher Sony BMG install on personal computers, deeming it a security risk to PCs running on Windows."

6 of 812 comments (clear)

  1. The natives are restless.. by grub · · Score: 5, Informative


    Read the comments for this protected disc by Van Zant on the Sony label.
    ,br>OUCH.

    --
    Trolling is a art,
  2. No Refund by rozthepimp · · Score: 5, Informative

    From Sony regarding the XCP CD received today in an email: Sony has already addressed the issue of the security concerns via the Service Pack 2 update on our website. According to the terms of the EULA that you agreed to when first installing our software, you agreed to obtain and install any recommended updates. All major security vendors have and Microsoft have announced that the installation of the SP2 update removes their concerns over the original technology used on our CDs. Sony BMG does not offer a refund/return program for this product.

  3. Re:How to boycott? Website by saskboy · · Score: 5, Informative

    I just found the website claiming to lead the charge http://www.boycottsony.us/ in the boycott.

    I've been including information I think is important about the Sony case on my blog too since the story broke, but other sites have much more detail. I just try to break it down so the average joe knows what's going on if their brain turns off at acronyms like DRM.

    --
    Saskboy's blog is good. 9 out of 10 dentists agree.
  4. Phone Sony about the problem by Anonymous Coward · · Score: 5, Informative
    [...] with pitchforks in hand. Nevermind silly little boycotts.
    Although I can quite understand your feeling, I think it's always wrong to resort to violence, and in my mind even to boycotts, if you haven't at least tried to talk to the other party.

    According to the feedback page for Sony USA, you should call their Quality Management Department at 800-255-7514 (609-722-8224 in New Jersey) "if you believe a Sony Music product has a manufacturing defect".

    I would seem reasonable to give them the courtesy of doing what they ask for, and phone them before doing anything else.

    1. Re:Phone Sony about the problem by TheUnknownCoder · · Score: 5, Informative

      Well, you all know how Sony treats its (ex-)customers, and calling them will get you nowhere. So instead of calling or emailing Sony, contact the US Department of Justice , and demand an action against Sony. They have never charged a big corporation with a computer crime, but I believe that Sony should be the first one, and let it set an example.

      --
      Uncopyrightable: The longest word you can write without repeating a letter.
  5. Italian criminal probe requested by VENONA · · Score: 5, Informative

    It's widely published that legal actions have begun in California, New York, and Italy. The Italian situation is not just some class-action lawsuit. A complaint was filed with a criminal investigation unit last Friday.

    "The complaint alleges that XCP violates a number of Italy's computer security laws by causing damage to users' systems and by acting in the same way as malicious software, according to Andrea Monti, chairman of the ALCEI-EFI. "What Sony did qualifies as a criminal offense under Italian law," he said in an e-mail interview.

    Should police determine that a crime has been committed, prosecutors will be required to begin criminal proceedings against Sony, Monti said."

    Sony has declined to comment.

    From:
    http://www.computerworld.com/securitytopics/securi ty/story/0,10801,106064,00.html?source=NLT_PM&nid= 106064

    --
    What you do with a computer does not constitute the whole of computing.