Slashdot Mirror
DVD Jon's Code In Sony Rootkit?
An anonymous reader writes "With some help from Sabre Security, Sebastian Porst and Matti Nikki have identified some stolen GPL'd code in Sony's rootkit. Ironically the code in question seems to be VLC's demux/mp4/drms.c -- the de-DRMS code which circumvents Apple's DRM, written by 'DVD' Jon Lech Johansen and Sam Hocevar."
The Revenge of the Sick (with copy protections)!
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
looks like they owe the kid some royalties...
If you don't know what AltaVista is (was), get off my lawn.
Not to be too l33t, but "Funniest story EVAR!!!one"
-- I have fans? Wow.
That's what I get for actually trying to RTFA, I guess.
.... still have feet after shooting themselves in the foot so often.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
This is GPL'd code, not LGPL'd, right?
Anyway, DVD John can actually sue Sony for all *revenue* that Sony made from the sale of the CDs, if I'm not mistaken (not just profits). That would grab them where it hurts!
"I have never let my schooling interfere with my education." - Mark Twain
I said right off the bat, that the Sony DRM package would be full of other's code. Seems to me that Sony hired some blackhats to get the job done for them. Violating the GPL is definitely the least of their worries, but just another strike against what is becoming an increasingly corrupt music giant.
Read the only personal Runyon page out there.
...to which Sony will sink. Can you say "lawsuit?" Can you say "royalties?"
But again, just goes to show that protected software and software patents and such are all nonsense. Doesn't matter who it is, hacker or corporation, people are out there using other people's work without just compensation or recognition. It's only going to get worse.
GetOuttaMySpace - The Anti-Social Network
WOW, I can't believe how much Sony has screwed themselves here with this rootkit.
Just out of curiousity, please reply to this comment stating which game console you are going to buy and if this rootkit has changed your decision.
I initially was going to wait for PS3 but now I am boycotting Sony and will be getting a 360 in a week or so.
If you "get" pointers add me as a friend (116)!
Sony ought to be in some severely deep shit here. Of course they're a corporation, so they're mostly above the law, but we should still be able to get something to stick.
Real Daleks don't climb stairs - they level the building.
Rember, Sony purchased the rootkit from first4internet. They wrote the software that is abusing the GPL.
Most folks don't review the sourcecode of software they purchase to determine if its license-tree is clean.
Sony definitely made a truly dumb move by utilizing this DRM software (and several other dumb moves subsequently), but lets not let First4Internet off the hook either.
It's not my fault! It was this way when I got here.
This story get's weirder by the minute.
Though it wouldn't happen in a million years, I'd like to think this will bring Sony to it's knees. It won't, but someone can dream.
Not that I had anything against Sony in the first place, but since this crap they threw out there and expected everyone to just "take it", they need to be slapped and slapped often.
They haven't even apologized yet. At least I haven't seen it. Though just saying "sorry" doesn't cut it anymore as thousands of computers are now vulnerable in the world due to their greed.
"Leo Fender was in a 'state of grace' when he designed the Stratocaster." -- Paul Reed Smith
From the Sony binary file:
"pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq."
ROT 13 it, and you get
"copyright (c) Apple Computer, Inc. All Rights Reserved."
You couldn't make it up, could you?
"I Know You Are But What Am I?"
I think the EFF should dream up a contest, and the most crazily ironic story involving DRM, copyright, and the law would win a prize.
Oh, too late! Sony already wrote the best story, and it's actually happening before our eyes! Truth is stranger than fiction. And Sony wins many massive lawsuits. Err, I mean they lose them, the prize is they get sued.
Saskboy's blog is good. 9 out of 10 dentists agree.
there is no reason for me to boycott sony music.... since the ps3 is not made by them. i'll just wait.... for my ps3 .... fuc* M$ the have done worst!!! I'm so not getting a 360....
- - - - - .
DVD Jon's Code In Sony Rootkit? "The ironing is delicious".
3.(1) A person is guilty of an offence if
(a) he does any act which causes an unauthorised modification of the contents of any computer; and
(b) at the time when he does the act he has the requisite intent and the requisite knowledge.
(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer; or
(c) to impair the operation of any such program or the reliability of any such data.
I think First4Internet's little toy is designed to prevent or hinder access to programs and data held in a computer, don't you? And I really doubt that their click-through EULA constitutes authorisation to do so; it was fraudulently claimed that the Software was necessary to play the music, which was a plain lie as is shown by every Linux and Apple machine that plays it just fine without the rootkit installed.
I might add that even though these discs are not available in the UK, the Computer Misuse Act still holds.
Anyone know if we could possibly get Inspector Knacker to take a look at these felonious fellows?
Real Daleks don't climb stairs - they level the building.
*I* have some of my code in SONY's DRM.
If I were Jon, I'd see this as a simple question of aquiring legal immunity. When Sony (a member of RIAA) knows that they're going to face a multi-million dollar lawsuit the very minute the RIAA trespasses onto him again, they'll make sure that it won't happen. Jon can live forever happily in the knowledge that he can code whatever the hell pleases him, and Sony gets to walk away (somewhat) unblemished.
Not that I could not before, but I can now copy and download all the Sony CDs I want without fearing a lawsuit. They apparently don't care about intellectual property.
God, root, what is difference ?
It's as if the First4Internet purposely created the most vile collection of stolen snippets and sold it to Sony. How much did they get paid for this poison pill? They may have done it on purpose. Is it malice or incompetence?
laughing my ass off. I am sitting at work reading this and busting out in laughter. Granted, I can't explain this idiocy to near anybody at work and it's a totally 'nerd' joke, but you know what... it's DAMN funny!
The price is always right if someone else is paying.
It could just be using extracts to identify the software. I mean, why would they want LAME and DeCSS on their CDs? They have no use. We don't need an MP3 encoder because any compressed copies will be already encoded in a DRM format. They really don't need to decode iTunes songs.
If these are small segments, used for identifying and diabling the software, then the copyright defence could be fair use. And there's no way I'll say that copyright shoudl prevent this.
So I looked through the links and while one of the discoverers made it quite clear that the LAME code is not being used as data (never refereced). However, it was unclear to me if that was true for the DVD Jon code.
I mean the DVD john code seems like exactly the sort of thing one might want to search for on someone's computer to stop pirating. If indeed it is used only to identify the code it may be covered under fair use. It's an interesting legal question that I vaguely remember came up in virus/worm/spyware cases. Namely can a malware writter use some kind of simple code modification method to foul up simple hashes and then insist his copyright prevents anti-virus manufacturers from including large enough parts of the malware code to accurately detect it.
It might not be pleasent but if it's fair for the good guys to use code under fair use for detection then the bad guys get to do it as well.
Which reminds me I don't even remember the legal status of this DVD Jon code in the US. Is it illegal under the DMCA? Does this deny it copyright protection or a different measure.
If you liked this thought maybe you would find my blog nice too:
This is like watching a comedy movie, except I didn't have to pay for a ticket!
(wait, does it mean MPAA will come after me?)
Circumcision is child abuse.
Get it here.
press releases here stating:
...
...
* First4internet loses Sony BGM as customer
* First4internet cancels XCP development
* Due to First4Internet's huge liability claims, First4Internet closes its doors
* First4Internet bought by Microsoft
* Profit ?
...if some clever programmers at First4Internet with an agenda did this on purpose.
:)
It was obviously a golden opportunity to bring the whole DRM BS to a head.
If that's the case, bravo!!
I assume that some grey, suited MBA type didn't put this code in. A geek did. Following on from that, they are almost certainly slashdot readers....
Does anyone have something they would like to tell us?
Open Source Drum Kit, LPLC deve board - mjhdesigns.com
I wonder if it's the same code they used in their digital camera rootkit.
... one must first understand recursion.
Sony uses rootkit to enforce DRM which incorporates code to circumflect DRM and thus can sue itself under the DMCA. C'mon! If this gets any more convoluted or self-referential, either the universe will explode (and be replaced with something even more complicated) or Sony will disappear in a puff of logic.
You buy a cd from sony (or an artist...), not from some spyware compagny. And if f4internet blaimes 1 roque employee, will you accept that as a defense?
No this is far beyond a "vote with your wallet" story. sony BMG broke some laws they though were important for their business model, and now they should bleed for it.
When some cheapskate downloads copyrighted MP3s from a P2P network, it's `copyright infringement', but when Sony uses GPL'd code it's `stealing', right?
Join the NFSNET. Our prime goal is making little numbers out of big ones. http://www.nfsnet.org/
...but I never thought they'd snoop that low. :-)
Coder's Stone: The programming language quick ref for iPad
SCO Unix source code found in Sony Rootkit. I wish.
It's worth looking at.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
static char p_secret2[] =
"pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq.";
Being the first word "Copyright", the phrase is:
"Copyright (c) Apple Computer, Inc. All Right Reserved"
The alphabet is simmetrical, so e=r implies r=e
That's the section of the US Copyright Act that provides for forfeiture of infringing materials in the event of a violation. I wonder if the FSF has considered going into the music distribution business???? If there's anyone over at DOJ reading this, now might be a good time to go over to Sony headquarters and break down some doors. A perp walk would be nice too ...
I have been good for most of this year and I am willing to give up any claim I might have on a scalextric or video game if you could only make this /. story be true.
Yours,
Dave Smith
(Aged 34)
Right you lot. I've done my part now it is down to you to ask for enough money to prosecute this imbeciles so that they don't do anything quite so stupid again.
My god, at this rate SCO code will be found next
Stop invalid scientific research. Ask your local scientists to feed their lab rats with a phytoestrogen-free chow.
2005: If you want a vision of the future, imagine DVD-Jon and the LAME developers slapping a Sony executive with a herring marked "LGPL", forever.
Does anybody know if Sony pre-installs this rootkit in the computers they sell? I thought their laptops were good products, and normally would be among my choices if I were to get a new one (slight possibility I may want to get a Windows laptop), but this whole rootkit thing changes that. If they so blatantly forced it onto people's computers through music CDs, even trying to on Macs, then I don't imagine they would have any qualms about forcing it onto their computer buyers as well.
So obviously Sony (or the company that wrote the code if you want to get pedantic) is right to have infringed upon DVD Jon's code. However you won't see anywhere near as many posts saying as much in this article as the one I linked to. Why? Because GPL infringement affects a lot of members here, and they don't like the idea of their license being abused.
So it all comes down to slashdot isn't the place to go to if you want to hear intelligent debate about copyright laws. You'll just get a lot of chest thumping and hypocritical posts.
seriously, this has been spiraling so badly for Sony that I wouldn't be surprised if the next headline about them is that their entire corporate board of directors committed harakiri..
Next, Bill Gates will be saying "Look how dangerous the GPL is! The next time a large corporation wants to exploit their consumers using GPL code, they could be liable for damages! Waah!"
we should be equally as pissed (or moreso) at First 4 Internet for their GPL violations
;)
This one is not proven that F4I didn't give the source code and the license to Sony. In fact, I can't imagine that Sony doesn't have the source code (but who knows?). So the violation by Sony is proven, the one by F4I is not. OTOH, if F4I didn't inform Sony, Sony is still responsibable but not so guilty. I will read Slashdot tomorrow for more news
Million Dollar Screenshot
The GPL violations lie firmly on the shoulders of F4I. If Sony did not disassemble the code or inspect the source, they had no way of knowing.
maybe we can use this to enforce that when you buy software, you have to get the code as well, just as a means to check the code.
Cluster**ck
1. See "Sony Rootkit Debacle"
hard core geek-ware
Sony's official list. 52 records.
I just can't decide whether I should be laughing at Sony for biting their own feet, or angry about the ethical two-facedness going on in here. Push on with strict laws about "intellectual property" by whining about starving artists, then act like a jerk concerning the actual technological sides of the matter.
Speaking of it, I'm an amateur musician. How do I tag my songs so that, say, they can be copied from iPods to other computers? Or from the cell phones of a certain Korean manufacturer to other cell phones? Who exactly is holding my rights for ransom here?
I've been chasing down several accounts of government agencies, companies, educational institutions and others banning the use of Sony CDs on their PCs, due to the security risks of having Sony's rootkit DRM infecting their PCs. One government ministry, Alberta Agriculture, has banned the use of music CDs altogether, since Sony is hardly the only music company crippling its CDs with sneaky, malicious software. Here are a couple examples:
Here I thought this would only happen for "secure" workplaces. Sorta makes you feel sorry for SCO, they can't get anyone to even look at the crazy they're selling when Sony's got such a superior line of insane self-destructiveness.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Shoddy hardware, customer infamy,
DRM rootkit, music very crappy,
Every day that passes only reminds me :
BOYCOTT THE FUCK OUTTA SONY!
Ok, let's start a contest: who got more of his/her code in Sony's DRM sh*t ? :P
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
Didya notice... the spin that - possibly - Sony has managed to put on the story
CNN Europe and other mainstream media providers carried it like this:
The trouble with the Sony software is that it makes your computer VULNERABLE TO VIRUSES.
The mainstream spin is that the Sony software just opens the door to the bad guys. The word "rootkit" is not offered.
It makes out as though Sony blundered and issued some insecure software, and how big a deal is that?
This story deserves to grow and become a defining moment, but there's a long way from the tech community to the mainstream media.
Now is the winter of our disco tent
So stop you FUDing and realise all the next gen consoles will have copy protection. The PS3 will not have anything to do with this root-kit.
No mention made of "protecting our content" or "most people dont know what a rootkit is"! Major backtracking going on. They even talk about flexible access to content.
Sony probably still does not get it, but they are finally getting a) what people are so stocked up about and b) that they have a major PR disaster on their hands.
With the recent charges of price manipulation made in the UK, its oh so easy to slip in that Sony CD's will also mess up your computer, and stop you from burning MP3's in the future. I also slip in that you wont be able to swap/share PS3 discs with your friends. With the price fixing story still fresh in their minds people find it very easy to believe Sony is intent on gouging them.
They are going to have to do some major damage control, including groveling, to get this to go away. This press release is just the start.
Surur
Information is the location of things. Computation is moving things around.
How long SCO UNIX code is found in the SONY DRM code ?
http://cp.sonybmg.com/xcp/english/form11.html
Actually, I see a lot of commonality, summarized by the oft expressed comment:
Information wants to be free.
The GPL preserves that freedom. Maybe your understanding of people here being against copyright is wrong; maybe people here want a more permissive copyright.
(Maybe also people here are angry that kids can go to jail on the one hand, while corporations roam free for much worse. Maybe also people here have many different views, and one can not compare different views of different people and call them hypocritical.)
Lies about crimes
Of course, looking at how the whole thing developed and at the arrogance of some of their execs and the company as such after this whole mess started to blow up this reads like something cranked out by a third rate pr flack.
As far as I'm concerned: By pulling this shit off Sony proved beyond reasonable doubt that they are a company, which can not be trusted, ever!
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Ok, so there is DVD John's code, OK so please somebody explain why? Seems many ppl here just enjoy mindless Sony bashing and trying to identify the any code, but nobody is asking any real questions. I know this is Slashdot, but I'm honestly becoming of very tired of all this rootkit news, I was really angry maybe a week ago, then they got sued, embrassed, they recalled it, and now offered an apology. This is so much more than we ever got from SCO or any of MSFT's many deeds. Congradulation folks, we won, now we are being sore-winners.
They're just pirating up a storm aren't they?
... is there anything they can't do?.
Oblig: I know a genuine Sorny when I see it.
He knows
IANAL (nor do I ever want to be), but my guess would be that F4I would count as the initial distributor and Sony would be able to claim ignorance to get out of it (which is true -- I highly doubt they had access to the source code).
You know, I think that this does make sense. However, this is a very dangerous line of reasoning. If you let Sony get off with no consequences for distributing stolen code, then you will never be able to prosecute any big corporatio for code copyright violations.
All a mega-corp need do is find a small, arms-length firm to launder the stolen code. Let that small firm actually steal it and then hand it on a silver platter to the mega-corp. If the mega-corp is caught, the small firm takes the hit and disappears in a puff of bankrupcy. Then mega-corp goes on to the next small firm.
If Sony truly didn't know about this, then they probably should not be liable for any statutory damages. However, they did distribute the code--which is technically a violation. Sony should be the one accountable for that violation and Sony should be able to sue First4Internet--unless of course First4Internet's license with Sony includes the standard indemnification clause like we see in most EULA's. In that case, Sony will be hoisted by their own petard--and it couldn't happen to a nicer group of people.
My father in law has never liked the cheap Sony products that have been in the market for over 25 years now. That is why "Sony" is Japanese for "crap". The rest of the world (is North America) has yet to understand.
This latest debacle just proves it.
First and formost, Sony is not run by a bunch of bumbling village idiots; These corperate administrators hide behind the name Sony as their sheild. It would not surprize me to see a Very high up Sony technicrat "retire" early.
Granted, Sony bought the software from a third party source, that still does not reduce their liability. Sony, if not caught, would have benefited from the actions of the software they purchased. Sony's solution is pathalogical at the very least.
But lets consider the government in all of this. The U.S. Government thinks its OK to allow strangers to enter our homes, without asking for permission? I think this is a constitutional law question that should be resolved. I think the someone that allowed this to happen should be allowed to retire early, also.
See: http://ars.userfriendly.org/cartoons/?id=20051117
Let's see if register4less servers are up to a challenge.
... why they're now called "SonyBMG"?
;)
;) (But who cares. I've more important stuff to do than prank calls or throwing foul eggs at them... [like reading slashdot for just one example. ;])
I worked with poeple from sony music and bmg in my last job, and you can believe me: the guy from sony told me himself that they were nearly dying. My colleague who was in the room was pretty shocked when he heard the details. This was 3 years ago.
It was not only sony music. It was their whole electronics sector that struggled... so pretty much everything...
So i don't know all of today's facts, but facing the single fact of their fusion i don't believe that this was not an action to save their asses.
BTW: I live only a mile from the Bertelsmann headquarters and worked for them. I still have pretty much access to their internal phone books.
Any sufficiently advanced intelligence is indistinguishable from stupidity.
Looks like a bunch of music execs are learning what happens when you leave your comfort zone. If this goes to court, Sony will have to disclose exactly what it contracted for with Firts4Internet, including what due diligence it performed to ensure it got what it asked for (basic quality control). First4Internet will no doubt rat out Sony to avoid the full brunt of this fiasco. I also suspect that Sony and First4Internet do not have the same e-mail retension policies as M$, and thus offer a treasure trove for the prosecution. Who knows what RIAA & MPAA correspondense this will dredge up.
So we're looking at hits to http://updates.xcp-aurora.com/ are we?
Real Daleks don't climb stairs - they level the building.
Having read the recent news on DRM, I wrote down these exciting new business opportunities on the train to work.
Forget music.
All over the world people are copying recipes.
Ok you might [possibly] know how to make a good pizza, but does the original inventor [chef / cook / whatever] ever get credits or royalties?
No!
Society even supports this activity and allows groups such as the Women's Institute (WI) to run cake stalls, selling potentially copyright infringing material. Who owns the recipe to dundee or banana cake?
In order to stop this outrage, I raise a call for arms for the introduction of PRM (physical rights management). Using nano-technology, PRM will introduce mechanisms to ensure that any ingredients purchased (i.e. a tin of tomatoes) are used only in a lawful, non copyright infringing way.
This future will transform your kitchen from a melting pot of illegality [note to advertising group: use images of cute kids making chocolate brownies in an unlawful way interlaced with shots of muggers, burglars and murderers] into a controlled safe environment where both you (as good parents) and your children can cook non copyright infringing food. [note to advertising group: use happy faces of a family unit interspersed with images of a caring yet cool corporation]
Furthermore, PRM, will help prevent any counterfeiting of popular goods (fairy cakes, shepherds pie) by organised crime or terror groups looking for fundraising.
Under PRM, you will no longer buy unlicensed ingredients but instead the right to use an ingredient or product for a legal safe purpose protected by the PRM nano-technology (trademarked as SAFE FOOD).
At the supermarket, SAFE FOOD will determine your purpose of use at the point of sale (i.e. you want to make pizza etc). SAFE FOOD patented technology will then check all the necessary copyright law, pay the relevant royalties necessary by automatically debiting your credit card and finally provide you with a personalised EULA, printed in a clearly unreadable micro-dot on the inside of the tin.
To avoid the consumer being put to any inconvenience, SAFE FOOD does not require any input from the consumer and the placing of the tin in a shopping bag will be legally binding as acceptance of the EULA.
How do we know the purpose of say a tin of tomatoes without input from the consumer?
Simple, using our advanced technology we have been able to create mathematically proven algorithims which use all the currently available information on a consumer to accurately predict the consumer choice. This is our patented technology known as CORRECT CHOICE.
Should you wish to change your mind after purchasing and decide not to make the CORRECT CHOICE recipe (such as making spaghetti bolognese, because let's face it you've eaten too much pizza) then you will be required to purchase another tin of tomatoes licensed for that purpose.
In order to protect your rights and safety - should your ingredient be used for any unlicensed purpose (i.e. not the CORRECT CHOICE recipe), then SAFE FOOD will turn your ingredient into an obnoxious foul smelling mess in order to stop any unlawful acts occurring or being consumed.
This will also prevent theft of your product by another person, as the EULA will specify the recipients of the ingredients eg. the named members of your household and any guest you may have specified at the point of sale.
Furthermore to avoid consumers becoming concerned or confused over how SAFE FOOD or CORRECT CHOICE works, we are introducing new legislation to make it illegal for anyone other than us to understand or question it.
Any possible minor but unlikely side effects?
* an unexpected guest arrives and you have no ingredients with appropriate licenses.
* the licensed owner of the product dies, lea
Sony issued an 'apology' yesterday: http://cp.sonybmg.com/xcp/
Tom Anthony
negligance...
did he perform due dilligence to make sure his open source potentially mis-usable code wouldn't get used by some unauthorized party to do something bad?
I know it's ridiculous, but I could almost see it happening
-judging another only defines yourself
Shame on you /.ers. Shame. NOBODY has yet pointed out that this code was not stolen, it's copyright was infringed.
Do you believe in principles or not? Don't be hypocrites.
My beliefs do not require that you agree with them.
The way I see it, sony is one of the major companies authorized to create DVD players and license people to do so, perhaps. They are distributing code in their rootkit that has the capability to decode DVDs. As soon as a court forces them to release the source code to it under the LGPL, then evryone should have a clear license from Sony to make DVD player software (if this wasn't settled a long tie ago...)
Randy.Flood@RHCE2B.COM
Sony should NOT stick to music either!! They tried to shut down Beatallica (http://www.beatallica.org/) cuz they created spoof songs based on the Beatles and Metallica. Sony will go after ANYONE - even if you are simple metal d00ds from milwaukee, wisconsin who were just having a good time!
g _shut_d.html
l licaorg.html
shame on sony - over and over again.
http://www.boingboing.net/2005/02/24/beatallicaor
maybe DVD Jon should call Larz and have him step in!
http://www.boingboing.net/2005/02/20/sony_v_beata
--srgtd
Because it seems like what you're saying is that Sony is up shit creek because they did not include a clause in their contract that gave them access to the source so they could verify it.
On the other hand, I'd assume that in the contract between Sony and F4I, one side indemnified the other as part of the standard legalese.
[Fuck Beta]
o0t!
Misue of computer systems is covered under Criminal Code of Canada:
* 342.1(1) Unauthorized use of computer
The punishment for breaking this law is up to 10 years in prison, or is guilty
of an offence punishable on summary conviction (leading to increased jail time).
* 430(1.1) Mischief in relation to data
The punishment for breaking this law is up to 10 years in prison, or is guilty
of an offence punishable on summary conviction (leading to increased jail time).
So it's totally actionable in a few countries.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
The thing I find ironic about this whole Sony thing is that Sony was the "white knight" in the last generation's battle over fair use and intellectual property, in the Betamax case.
"we won"
Not until Sony says "Gee, screwing consumers with DRM was a mistake, we'll innovate and encourage a lot of small acts to stimulate the business. At the same time, we'll stop writing one-sided contracts to artists so that they can fully share in the fruits of their labor".
THEN we'll have won. Until then, Sony has got to be put out of business.
Did you know copyright infringement is a crime?
4 _e.htm
s c_sec_18_00002318----000-.html
Well, it is.
Or at least, it should be in all countries that singed the TRIPs agreement. It says so in article 61:
http://www.wto.org/english/tratop_e/trips_e/t_agm
--
SECTION 5: CRIMINAL PROCEDURES
Article 61
Members shall provide for criminal procedures and penalties to be applied at least in cases of wilful trademark counterfeiting or copyright piracy on a commercial scale. Remedies available shall include imprisonment and/or monetary fines sufficient to provide a deterrent, consistently with the level of penalties applied for crimes of a corresponding gravity. In appropriate cases, remedies available shall also include the seizure, forfeiture and destruction of the infringing goods and of any materials and implements the predominant use of which has been in the commission of the offence. Members may provide for criminal procedures and penalties to be applied in other cases of infringement of
intellectual property rights, in particular where they are committed wilfully and on a commercial scale.
--
So, commercial copyright infringement, as is obviously the case here, is to be regarded a criminal offence in all countries that signed the TRIPs agreement. And if it is a criminal offence, the government is responsible to take the offender to court and throw him in jail should he be found quilty!
All you gotta do is go to the police and hand over all evidence you can find regarding this alleged crime. Then the police should start investigating in order to bring these criminals to justice!
This is great! This is the key to enforcing the GPL globally without having to be the author or copyright owner of the code of which the copyright has been violated. That's the beauty of criminal offences. These are prosecuted by the government on behalf of the public.
Let's take a look at what I could find on this in the US law, since these disks have been sold in the US, haven't they?
What I found out is that -- for me -- over the ocean, they have the "Anticounterfeiting Act of 2004":
http://www.publicknowledge.org/issues/hr2391
"Provides penalties and jail sentences for trafficking in "counterfeit labels, illicit labels or counterfeit documentation or packaging" of records, software, movies, etc. The original bill also provided penalties for filing false information with Internet registrars, but that portion wasn't picked up in the omnibus. Passed the House Sept. 21, 2004."
As far as I can see, this is the law text that applies and apparantly is in act:
http://www.law.cornell.edu/uscode/html/uscode18/u
--
TITLE 18 > PART I > CHAPTER 113 > 2318 Trafficking in counterfeit labels for phonorecords, copies of computer programs or computer program documentation or packaging, and copies of motion pictures or other audio visual works, and trafficking in counterfeit computer program documentation or packaging
Release date: 2005-08-03
(a) Whoever, in any of the circumstances described in subsection (c) of this section, knowingly traffics in a counterfeit label affixed or designed to be affixed to a phonorecord, or a copy of a computer program or documentation or packaging for a computer program, or a copy of a motion picture or other audiovisual work, and whoever, in any of the circumstances described in subsection (c) of this section, knowingly traffics in counterfeit documentation or packaging for a computer program, shall be fined under this title or imprisoned for not more than five years, or both."
--
"or a copy of a computer program"
Looks like those criminals copying GPLed software can be sent to jail!
According to this they're already looking into it
-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
There are many types of copyright violations with very different types of severity:
The first type is when someone goes out and downloads a song, lets say "...And Justice for All" by Metalica they have simply avoided paying for it by getting it through illegal means. This does not equate to any directly measurable loss of revenue because when the effective price of something is lowered, people are more likely to get it. Thus it is not only likely that someone would not have bought the CD if the pirate mp3s were not available, but it is actually more likely than not. This is of cause not a wholly moral practice, but it is cirtainly not as bad as many other evils that exist in society today. These are the infractions that occur on Kazaa and the ilk.
The second type of infraction is where one duplicates the media on which intellectual property is contained and sells it themselves at an actual monitary price. This is very different since there is a very obvious minimum bounds of loss of revinue caused by this which is of cause the markup on the pirated media. Motivation also changes in this type since there is a very clear misdirection in the chain of money where the pirate gets a clear financial benifit wheras they recieve none in the first set. This type of violation is criminal in most juristictions whereas the first type is wholly civil.
The third and most severe case is where intellectual property is rebranded and its credit is misappropriated to another party. This historically has been a result of industrial espionage but today, open source software is very vulnarable to it. This is equivalant to the Kazaa casual pirate claiming that they wrote "...And Justice for All". It means that not only does the pirate get the profit for the sale of the intellectual property instead of the legal creator, but those who are convinced to use this thing in future by seeing the rebranded thing will never go to the real author to get a copy for themselves. In either of the previous two types there is a likelyhood that the author will eventually get money or whatever they are looking for (usually an ego boost in the case of OSS) but in the third type this is not the cause. This is a far more thorough missapropriation of this IP and thus the term "stealing" is far more appropriate.
The reason that these three types are so neatly ranked is that as you can see, each one is a subset of the type before. Not everyone gets annoyed by violations every layer since OSS doesn't mind first or second type occuring but hates the third kind. SUN doesn't mind the first type occuring but hates the second and third with Java. Public domain doesn't mind any of the three. But no one will let one layer slide that is above something that annoys them.
This case with sony is clearly not a third type violation (which I would call stealing) but is a second type (which I would call piracy) since Sony did not claim to write this software or even advertise its existence. The GPL says you can do second type scenarios on the condition that you distribute the source code. Sony redistributed this IP for money but did not distribute the source code AFAIK so they voilated the rules on this level. This puts them on par with sleezy bootleg vendors on street courners and ebay pirate CD vendors but significantly worse than some kid downloading Nelly mp3s off Kazaa and significantly better than the jerks behind CherryOS.
So there you have it, why downloading some dumb pop song off the internet isn't as bad as taking credit for someone elses hard work and making millions of dollars off it and why sony are half way in between on this one.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
So, How deep does the rabbit hole go with Sony?
Just in case you were wondering like I was, Videolan has retained the copyright in the drms.c file:
* Copyright (C) 2004 VideoLAN
* $Id: drms.c 10101 2005-03-02 16:47:31Z robux4 $
*
* Authors: Jon Lech Johansen
* Sam Hocevar
I can imagine some very interesting discussions between Videolan's lawyers and Sony-BMG's lawyers in the coming days and weeks. Unfortunately, we never hear much about them, since it seems likely that Sony would be quite willing to pay extra for a confidentiality agreement to keep this out of the news as much as possible.
Robertson might be interested in bankrolling Jon in any litigation against Sony.
My web domain.
Why didn't google put a stop to this? Surely they have the resources. I think this whole thing is google's fault. I blame google. They just sort of stood by, and watched.
So wait, code used to circumvent DRM is being used in a tool to enforce DRM (albeit crappily)?
This Sony thing is big, it even made my local news last night - about Sony recalling the discs, although they called the rootkit a "virus". Typical local reporting.
The Doormat
If you're not outraged, then you're not paying attention.
Don't you think they're celebrating now that using audio CD's in PC's is a security risk? I'm suprised they haven't done this sooner. Pretty soon, we'll be asking for Trusted Computing because because it will protect us from oursel^h^h^h^h^h^h the security risks inherent in unsafe CD playing....
See here: http://ars.userfriendly.org/cartoons/?id=20051116
;-)
(There are more strips about the Sony issue, just browse back and forth a little..)
This just keeps getting better and better. Not only that, but Sony isn't the only company who's going to take it in the ass over this rootkit bit.
It's been pointed out that First 4 Internet is to blame for this, too. This is because they made the DRM package, including the rootkit, and if they took code from an LGPL project and sold it as part of a piece of commercial software without permission from the original author, they infringed upon a copyright. They're every bit as responsible for this mess as Sony. Sony, meanwhile, should have inspected the software they were baking into their CDs - and they may actually have done so and let this slide - before going ahead with it. They may also be held liable for replicating a piece of software which infringes upon an existing copyright, in addition to being grossly irresponsible about the whole thing. Either way, the mess just keeps getting bigger.
None the less, I still can't get WISH TV 8 to feature this whole story on the news. Crap.
It might as well say. "We regret that we were unable to get away with this."
You won't find the word "sorry" or "apology/apologize" in that document.
Nor does it even express regret for putting a rootkit on there in the first place, let alone express regret for using DRM (we should be so lucky)!
It just says "please stop being angry with us".
http://lkml.org/lkml/2005/8/20/95
The actual noise comes from the fact that the same guys that so expeditively push for enforcing copyright when it suits their purses would seem to have no respect for it when it comes to taking advantage of the altruist work of some free software programmer. How hypocritical!
Of course probably Sony didn't even know what was inside the XCP product they bought from First4Internet, but in any case now that they should know it they should be doing whatever it takes to "repair" the damage (at least they should stop to redistribute the infringing product).
Yet another aspect of this is whether software licence agreements that preclude the user from disassembling the product should be even legal. In this case such a disposition in the agreement could have been used knowingly with the objective of hiding the infringement.
Sony claim they are doing this to prevent piracy. But as a side effect it means users can't make 'fair use' of music they have bought on music players such as the iPod. But of course Sony benefit from this because they have their own music players, including players based on their own proprietary atrac format. So maybe this 'side effect' isn't a side effect after all. If that is the case, this rootkit isn't an anti-piracy tool gone wrong but a hideous piece of software whose purpose is to surreptitiously push users towards Sony products. In other words it's like Adware but worse - it deliberately breaks your PC to make it incompatible with competitor's products. If this can be proved to be the case then it seems to me that the law could come down on Sony pretty damn badly. I certainly hope so anyway.
What will you bet that stiffer penalties only apply to you and me. Corp-Rat entities will never see the stiff end of the stick.
Quote from : www.pallabs.org/people.php
If you want to use external software, please choose one according to set of well defined criteria relating to functionality, security and cost. Don't just choose the one made by your friends current company.
Good News: The private company for which I work was in the process of purchasing about 1200 new laptop computers for our mobile workforce. We had "prequalified" three potential vendors, including SONY; based on this DRM crap, I was able to convince senior management that purchasing our laptops from a company that goes to such low, unethical levels in installing DRM/Rootkit software on people's computers makes SONY UNworthy of our business. Senior management was completely convinced and NOW Sony is COMPLETELY off our purchase list; it is NOW down to two vendors, Dell and Toshiba!!! Fuck you, SONY!!! Now give us a simplified UNinstaller that works to remove the crap we've discovered on several of our existing laptops!!!! We NO longer allow our employees to use SONY/BMG cds/dvds on our computers. If I have my say, we will NEVER purchase another product (laptops, accessories, etc.) from SONY!!!
This would be an excellent vehicle for the Electronic Frontier Foundation to use in a suit against Sony and penal charges against Sony and its subcontractors that supplied the DRM. Sony will probably claim 'ignorance', but: 'ignorance of the law is no excuse'....unless these media/IP oligarchs are really above the law. Sony with malice aforethought obtained the means, the 'licenced DRM malware'; possessed the method, its control of distribution networks; and the opportunity to foist this on a drm weary cd purchasing public. This after just a couple of weeks ago, some monopolists suggested that the weakness in their universal control plots was the purchased CD that could go anywhere and into any player after it left the store.
Write to your congressmen/senators and ask them the question in my sig.
Equality before law is a fundamental tenet, and before the law, distributing == being a party to (which is a central argument in the P2P lawsuits).
I also think the EFF should get involved in a test case against Sony. If Sony gets whacked, so much the better. If they don't, it'll be a very effective precedent that's likely to favour blackhats (we'll likely see viruses/worms that include media content (maybe the virus writer's home videos?) and EULAs next).
Go somewhere random
It's not theft, it's copyright infringement ;)
I am the man with no sig!
Let me preface by saying this differs from jurisdiction to jurisdiction. It is usually a crime to willfully sell stolen goods. It's not normally a crime to sell something if you didn't know it was stolen. That's the criminal aspect.
Copyright infringement and theft-related things like conversion are civil torts. Torts do not normally require that you commit the act willfully for you to be liable for it. A person committing copyright infringement without realizing it is still liable for direct infringement and, if there are damages, they will have to pay those damages. Similarly, if someone sells you a stolen radio, and you're caught with it, that radio will be taken away from you without compensation.
At first glance, this seems remarkably unfair, punishing someone who didn't know they were doing something wrong, but remember:
a) Damages in civil torts are not there to punish the offender, they're there to ensure the victim is compensated. Whether or not you did it on purpose doesn't matter: the victim was still damaged. You caused the damage, and even though you didn't realize it, it's still the fair thing for you to compensate the victim.
b) If you can prove that someone else sold you that stolen radio and it was reasonable for you to believe it was legitimate, or that someone else gave you the copyrighted work and didn't tell you what was in it and that caused you to (reasonably) commit infringement without realizing it, you can always haul their butt into court along with you. They will pay damages, not you. It will all work out in the end.
It was all an RIAA scam to harvest IP addresses for future lawsuits. Everyone knows that people who buy CDs also download music and "paying customer" is just another word for "criminal" and "pirate"(ARRRG!!!) and people like to give away what they paid for with their hard earned money. Eventually the Sony virus receives an update instructing it to search paying customer's computer for *.mp3 and report back with the list of possibly shared files, current IP and timestamp. In a few weeks to months person is sued by the RIAA. And it was all done without having to pay outside "agents", First 4 Internet couldn't have been paid that much.
yes, conspiracy theory-ish and I hope none of it's true, the RIAA can't be that bad.
F7 doesn't work, ignore spelling and grammar
I'm suprised that the execs at Sony ... still have feet after shooting themselves in the foot so often.
If they were Yakuza somebody would be down a finger joint by now. B-)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"The GPL violations lie firmly on the shoulders of F4I. If Sony did not disassemble the code or inspect the source, they had no way of knowing."
Well I guess we could look at Sony the same way they look at peer to peer networks. While the act of distributing CD's is not illegal as the act of file sharing is not illegal, it seems unfortunately that SONY has enabled the violations of copyrights as peer to peer networks have done as well.
Maybe Sony should not be allowed to distribute CD's anymore until they have a proven program in place that ensures no illegally copied material is on their CD's. Kind of like what they are trying to do with ISP's and peer to peer.
-Nuke the moon
I used to like Sony products -- particularly their higher-end TVs. While others have claimed poor quality control and warranty support on ther sets, I've been lucky -- until recently: a four year old 4:3 HDTV set is starting to die.
Now this.
Camel's back: meet the last straw.
You could've hired me.
sicker is that apparently the companies that we rely on for getting rid of root kits knew about the software since 2004 and did nothing. good going guys.
doesn't it really make you look forward to VISTA - it is going to have this crap all over the os - they are working with media companies so everyone has to use windows to watch TV or DVDs.
none of these companies care about the consumer - they are going to give us what they are going to give us and that's it.
this why I chose open source and always will. no one is going to tell me how to use my computer.
Is the correct term.
Sure, you could redefine theft to include the lack of transfer of funds as may be required by the combination of law and license, or other definitions, but please don't.
The word theft is more useful when it refers to the act of reducing an owner's posession in order to increase someone else's.
When copying, you are merely increasing the posession of one, and not decreasing the posession of another.
Sure, you're violating what he demanded of you.
Sure, you're violating the law.
Sure, you're doing something many consider wrong.
But you're not stealing. Stop changing English in non-useful ways!
Yes, the report was technically incorrect, but I didn't mind seeing it put that way regardless.
Rush Limbaugh likes to reference the metaphor of Buggy Whip makers in a world of Automobiles. I think this is a good metaphor to use here. The broadcast TV, Telephone and Cellular companies are very much like the Buggy Whip makers. If they are unable to adapt to the new fast world of Automobiles they will fail. The carriage makers made the transition just fine. They turned into the car manufactures. The current Telecommunications bill seems to seek to prop up the Buggy Whip makers (Telephone companies). But also remember other laws makes it very difficult for the Buggy Whip makers to make Automobiles. The 911 service is one of those things holding them back.
If the law demands certain content from some (911) and not from others then the Net is not a level playing field. The Net must be preserved as a level playing field. The Telcos can not be forced to provide services that others don't.
If you can reference Limbaugh to support the Ideas Doc puts forth you will go a long way with so-called conservatives.
From the SCC vs Lexmark appellate decision:
But even if a work is in some sense "original" under 102(a), it still may not be copyrightable because 102(b) provides that "[i]n no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of [its] form." 17 U.S.C. 102(b). ...
For similar reasons, when external factors constrain the choice of expressive vehicle, the doctrine of "scènes à faire"--"scenes," in other words, "that must be done"--precludes copyright protection. See Twentieth Century Fox Film, 361 F.3d at 319-20; see generally Nimmer 13.03[B][4]. In the literary context, the doctrine means that certain phrases that are "standard, stock, . . . or that necessarily follow from a common theme or setting" may not obtain copyright protection. Gates Rubber, 9 F.3d at 838. In the computer-software context, the doctrine means that the elements of a program dictated by practical realities--e.g., by hardware standards and mechanical specifications, software standards and compatibility requirements, computer manufacturer design standards, target industry practices, and standard computer programming practices--may not obtain protection. Id. (citing case examples); see Sega Enters., 977 F.2d at 1524 ("To the extent that a work is functional or factual, it may be copied."); Brown Bag Software v. Symantec Corp., 960 F.2d 1465, 1473 (9th Cir. 1992) (affirming district court's finding that "[p]laintiffs may not claim copyright protection of an . . . expression that is, if not standard, then commonplace in the computer software industry"). As "an industry-wide goal," programming "[e]fficiency" represents an external constraint that figures prominently in the copyrightability of computer programs. Altai, 982 F.2d at 708.
Because it may be ripping off copyrighted source.
And it is getting easier every day to mine compiled closed source for suspicious blocks of binary.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
If an individual had done everything Sony is accused of doing, wouldn't they be like in jail now or something? Why does the Sony corporation get a pass if they enjoy the same rights as an individual?
dont i recall some senator or something who was advocating the right of a corporation to "mess up" the computer of anyone who has "stolen" their intellectual property
If you die horribly on television, you will not have died in vain. You will have entertained us.
--Kurt Vonnegut
Even if the string was copyrightable, your use is purely functional, and thus not subject to copyright laws in this case.
See Sega Vs Accolade
I was initially outraged by this whole affair, but after I saw this list of affected titles, I decided folks got what was comin' to 'em.
If it is true that Sony distributed a binary that contains GPL'd code, then someone who received the binary (i.e. bought one of these CDs) should request the source code for the rootkit from Sony, which they are required to make availible.
I would be interested to know what Sony's reaction to such a request might be.
I think there are laws against being a 'fence' for stolen goods.
Sony might need to prove due diligence was exercised in assuring the rootkit, er, code it purchased wasn't using stolen code.
-l
there is no GPL violation here until someone asks for the source and doesn't get it. ..so can someone please write to sony and ask them for the source code to their rootkit?
oh.. also write to your local newspaper and let them know the situation.
> It' actually quite simple.
/your/ definition, I've already been entitled to my 1%x$16 from my record company and can make a succesful living from $1.60. The other 999,999 copies of my art (work) is just "infringement" on my livelihood and really doesn't matter that my songs are sitting on those people's drives and they listen to them daily. Those copies are just some /imaginary/ hocus pocus collection of magnetic bit doodad which magically transforms itself into soundwaves through my computer speakers. No biggy. Not theft. Right?
Yes, it is. Except for petty thieves like you. Let's try theoryville for the imagination challenged, like yourself...
I'm a musician and my record label sells 1 CD. We find out later that it's been traded and shared over p2p 1,000,000 times. By
Bzzzzt. here's a clue, sparky...
copyright violation = theft
Nice try with the flawed and criminally skewed logic there. By all means, try and use that excuse (and your definitions) while standing before a judge.
oops. Don't you look like the rusted fountain pipe sipper...
I'd guess that they may have wanted to crack DRM'd Apple media wide open in order to phone home *exact internal details* of what a user is listening to regarding their competitor's products. Together with the slightly older news that this software has been discovered to phone home secretly, it makes quite some sense.
If this software is really doing such sophisticated, non-trivial and specific operations, then it's quite likely that those Sony BMG criminals were fully informed about what this software would be doing for them!
(and thus it will be very hard for them to blame any and all illegal activities on the first4internet guys alone!!)
Suddenly the thought of committing Seppuku becomes more and more enticing...
The frightening thing about that article is that I didn't realize it was satire until I noticed your moderation here. With what's come out of Sony (and others) recently, that story will well become normal soon.
On that note, I think it's time to start up a campaign to LIMIT Linux adoption by the masses. The way things are today, I'd be terrified to use damn near anything on a Windows PC.
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
It's not theft. It's copyright infringement, and Sony and others sue hundreds of people every month for many thousands of dollars over it.
Are you saying DVD Jon doesn't have the same rights as Sony?
Kythe
http://www.doxpara.com/?q=sony/ Has some VERY interesting information as to just how far this little beastie has spread. You see it turns out this code actually phones home somehow and by doing so it touches DNS servers - and this information can be found out. The author of that page has done some VERY interesting things in the past with DNS and his sessions at DEFCON are always interesting. If his conclusions are true then this is FAR more than "thousands" and likely edging into the millions range. He has some nice pictures too thanks to the GeoIP folks but I wouldn't trust that the locations are tooo accurate
:-) Check out this Wired article concerning this as well http://www.wired.com/news/privacy/0,1848,69601,00. html?tw=rss.TOP/> This draws some pretty interesting conclusions regarding how fast the various anti-virus people and Microsoft responded to this piece of software. NOT COOL!
Since I'm whoring
Build it, Drive it, Improve it! Hybridz.org
If, when it is revealed that the fuel pump causes fires and the automaker issues an immediate recall, often they are indemified from any furhter lawsuits (IIRC, you can still sue, but your settlement will be substantionally smaller as case history shows).
Sony has taken the first step in this process, they yanked the disks off the shelf. Now if they issue a notice that they will replace disks with non (or different) DRM tech, then they are going to greatly lower their lawsuit potential.
The problem with this analogy is that Sony has known all along what was included on their disks and what it did. And they took more than two weeks after someone first cried foul to take reasonable actions regarding it.
Really, it doesn't matter. This wasn't accidental. Sony deliberately included malicious software on their CD's, and in the process, likely violated some pretty serious laws.
Kythe
Distribution in and of itself isn't the problem, it's one of making copies without permission (i.e. Making a CD with unlicensed GPLed code (If you don't agree to the GPL or don't abide by the terms, you lose the reproduction and derivative works rights granted by the same...))- Sony is guilty of an act of infringement with an intent to profit by it.
Simply put, there should be criminal charges brought up against everyone in the decision chain for this mess- which includes any execs in Sony BMG or Sony corporate, First4Internet, etc. They would hang anybody else that would commit this sort of act out to dry- Sony and anyone else involved should be treated in the exact same way.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
I can't believe how much Sony dropped the ball on this one.
What the hell is the point, Sony? You implement copy protection that doesn't protect against making copies, but it sure can f*ck up the random user that just wants to listen to music and without your crap on thier machine.
Torrent Ricky Martin - Life [2005] [Covers] [Pop]
Tracker http://xxxxxx.xxx.to/announce
Hash c14de4272e9d8a5362b7b4280b968ec522cfc39b
Torrent Celine Dion - On Ne Change Pas [FR Retail] [2CDs] [2005] [Pop]
Tracker http://xxxxxx.xxx.to/announce
Hash dc76d6cf60eff5260698bf848f165a29bb0a41ca
Good game. If I wanted to listen to this crap, I could just download it and not bother with your sh*tty cds.
I own 2 Sony comps, and neither test positive for the rootkit using RootkitRevealer. They are, however, > 1 year old.
You better watch out, there may be dogs about . .
I bet they'll find the Linux 2.7 kernel in there, too. SCO for the win!
That would be Orin Hatch.
0 .html
http://www.wired.com/news/politics/0,1283,59305,0
What a load. Sony/RIAA went after the parents/grandparents of downloading children, holding them accountable for distributing "their" works. I think the same holds true here. Sony IS responsable for distributing something they didn't have the right to distribute.
"What I need is an exact list of specific unknown problems we might encounter."
Ultimately, the people responsible are the ones at the top. That's right, the corporate management in Japan at Sony Headquarters are the ones ultimately responsible. They didn't do it, but they DID put the people in place that DID. If they don't sack each and every one of them AND hang them out to dry, they're tacitly complicit in the actvities of Sony BMG and as such, they should be held accountable, right along with the people at Sony BMG. It doesn't matter that SCEA didn't do any wrong- ultimately Sony's corporate management did wrong. THAT, my friend is how business actually works. I should know, I'm one of the ones that is at the top looking down on things.
I don't wish SCEA's people ill, but the company as a whole, did something wrong- if the company doesn't deal with it's errant division, then the company as a whole should be punished.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Great! So, if my neighbor is bothering me, and I pay somebody $10,000 to make him stop, I can then "claim ignorance" when the solution the person I paid comes up with is to simply assassinate my neighbor? I'm sorry, but if you are paying somebody to put malware onto your customer's machines, you damn well better be responsible for ANYTHING they put into that software! The fact that you payed somebody else to do your dirty work for you SHOULD NOT absolve you of any guilt for their actions...
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Rush Limbaugh anyone?
Stolen? I think you mean "shared." Ideas don't have owners. Information wants to be free. Only greedy capitalists think otherwise. You can't steal code, stop trying to confuse the consumer with scare tactics and red herrings like pretending copyright infringement is theft. It's not. We all know this. What Sony did should be totally legal and it only isn't because the copyright system is broken. Fight the man. Support Sony. What's next, P2P?
"I have never won a debate with an ignorant person." -Ali ibn Abi Talib
So, this is another reason to not buy music and instead download it. not only is it expensive by comparison but harmful by comparison too.
Ironic that Sony should be infringing copyright as part of a scheme that is allegedly meant to stop copyright infringement.
It shows the kind of crass criminality that goes with the corporate racketeering that has been going on for years, as record companies have fleeced consumers for hundreds of millions of dollars. If that is the respect that Sony show for other people's copyright, why should we respect Sony's.
Ideally of course they've already turn off autorun in their standard deployed Windows image. But you still want defense in depth.
You should leave a security policy in the drafts folder unless it's enforceable and explainable. "Don't play CDs in a company PC" is going to be tough to enforce (maybe bribe employees by issuing them portable CD players?). "Don't play copy-protected CDs" means that either employees have to figure out what's copy protected or that IT has to maintain a list and the employees have to consult it.
Locking down workstations to prevent software installation just got even more important.
They're not the copyright holder, so they can't enforce it, but they certainly have the resources ($$$) to find the copyright holders and help them bring criminal and civil prosecution, i.e. foot the legal bills of doing so.
Off the top of my head I can think of 5-10 cases of blatant, on-going GPL infringment, and only one prosecution attempt (IBM's counterclaims against SCO). I'm sure there are examples of the GPL "working," but they don't get the attention they need and I think most people are under the impression the GPL has no teeth.
The FSF could do a great service to the community here by demonstrating how to prosecute, and getting some positive media attention for the GPL in the process. Given the irony of the situation, if ever there was a case that begged for enforcement, this would be it...
If the XCP Update contains copyright infringement, then ISPs providing connections to the copyright material are obligated to honored any DMCA notice.
Surely the Sony crapware cannot install device drivers/filters or patch the kernel on the fly if users are not 'administrators'? How many business let their staff run as 'administrator'?
I know I'm jumping in late, but if just a few people see this and respond, it'll do some good.
Go to the following sites and complain:
Department of Homeland Security - Select "Security Threats" - This is a threat to national security.
US Secret Service Electronics Crimes Branch - They do computer fraud cases.
FBI
Unless you can show that Sony agreed to it or at least knew the code was GPL. If you can't then it's plain and simple copyright infringement.
At the end of the day I don't think you'll be able to claim anything more than that Sony have been buying pirated software. Given that piracy is quite an issue to them it could be quite damaging publically and would give them strong reason to go after First4Internet themselves
Boffoonery - downloadable Comedy Benefit for Bletchley Park
For an apology to be valid, you're supposed to admit what you did wrong, and promise to never do it again.
Neither of those was done properly.
I still don't see the proper "admit what you did" comments -- remember, Sony completely denied any security issues. I mean, first there was the doublespeak of "There aren't any security issues, but we'll give you an uninstaller anyway, in case you don't believe us," which could've been forgiven. But now we get "We share your concerns." First of all, no, you obviously don't.
My concern is that when I buy a copy of something, it's MY copy, not an extended form of pay-per-view, not a license or a subscription. Whatever the legalese says, I want to be able to take my CD, play it on my Linux, rip it and throw away the original CD, copy it from my desktop to my laptop, all without having to get permission from Sony. Same for my DVDs. Hell, when I run out of disk space, I'll probably start archiving old CDs on DVDs -- I can probably fit 5 or 10 albums per DVD with FLAC compression.
I do not intend to distribute free music to the masses. I don't have a problem with paying a reasonable price for my music. But your prices are not reasonable, and you treat ordinary consumers like criminals, so I have stopped buying CDs.
But what offends me most about "We share your concerns" is the fact that it's a complete reversal. A week ago they didn't share our concerns, and now they do. They should tell us so. Something like "We were not aware of the security issues, but now we understand why you're concerned, and we are too. So here's the uninstaller and your free CD."
And, worse, I see no mention anywhere of an intent to stop. Is it really an apology if you're just going to do it again the next day? I mean, honestly, do you take the kid seriously when you find him with his hand in the cookie jar, his mouth stuffed with cookies, and he says "Sorry" just in time to cram another one in?
In Driver's Ed, the best advice I ever got was to remember that those are other people in those other cars, and so one should act with a car how one would act with their body. Do you cut people off or tailgate them while walking on the sidewalk? Do you scream at them if they cut you off? Not so much.
I think a big company should hold itself to the same standard. You've got a chain of command, so there are people at the top, who presumably know how to act like decent people, even if they don't. So shouldn't the company as a whole act like a decent person?
No offense to the people in the company, especially those farthest from management -- there are good people at Microsoft, too. But Sony, you as a company and as a person are acting like a dick. Please stop.
Don't thank God, thank a doctor!
I want to know if this is impacting their stock prices. Likely trading in Sony was on the up as the PS3 launch gets closer. Are the business savvy types thinking of jumping ship? What about shareholder meetings? I bet there are some angry stockholders out there.
Professional Stranger
Even Microsoft was willing (eventually) to call it what it was--spyware.
I'm sure (er, I think) it was a PR move, and Microsoft had to talk with Sony to explain what they were doing and why they were doing it and that's why they didn't call it spyware right away. Heck, I wouldn't be surprised if MS was (actually, is)working on adding these DRM hooks right into the Windows kernel.
...the terms "steal" and "theft" as applies to copyright infringement have become too widely ingrained in any discussion on the matter, and that includes those on the side of the angels.
The facts remain that 1) the terms have been widely promoted by copyright hawks for PR purposes (effectively, evidently) and 2) whether or not DVD Jon ever said copyright infringement isn't theft has absolutely nothing to do with whether or not he has a right to be upset that Sony used his code without permission (assuming they did do this).
Kythe
Doesn't "Sony" mean "Sorry" in Japanese? "Sorry Corporation". Makes sense to me.
Why is it taking so long to release an uninstaller that can cleanly remove the rootkit? What if the delay is because it can't be done? What if the damage is permanent? Yes, Mark Russinovich was the first to say how to safely disarm it, but Sony needs to provide a way to remove the thing completely. If it can't be done, and we're talking about forcing reinstalls of Windows and OSX and whatever OS this Rootkit can interface with, then just how screwed is Sony?
Professional Stranger
I'm sick of companies stealing our code for their own ends - what say we invent some secret encrypted rights-assured IP verification obfuscation technology to use with the GPL3? Who's with me?!
Well, I think everyone has been missing a VERY important point. First4Internet is a company which sells products designed to PREVENT copyright violations. Read one of their press releases for example: http://www.xcp-aurora.com/press_article.aspx?art=a ug_05_art2
F4I knows EXACTLY what copyright infringment is. Now the question I will ask you is, do you guys know what happens to people who understand the law, claim to abide by the law, but are secretly violating the law?
Answer: very, very bad things. A court would slap this company so hard that they would cease to exist. And it needs to be done; it's simply no excuse for "big brother" to violate the copyright laws if we cannot.
Matt
(3yrd Year Law Student)
Unfortunately, more than you might think.
...unless you intend to replace the entire OS and even then you might want to look around.
My GF got one (on my recommendation I am ashamed to say). Aside from Sony's mechs getting worse by the day (as anyone who has bought a Sony TV or PC will tell you), the software is lacking. It's a bit like that envelope full of siding coupons you get in the mail: By the time you've waded through all the ads and bumphware, there's nothing worthwhile left. No office apps (a trial version of Office with no way to close the deal), no CD copying software (aside from WMP which believe it or not doesn't let you copy CDs), none of the common codecs...nothing but ads and useless proprietary crap.
This is all aside from the increasingly likely possiblity that they have deliberately crippled the hardware in some secret way.
That explaination aside, I will explain how the law in my country differs from what I just said. There is a huge difference in law between the first and second type I described. This is why people who sell pirate music can go to jail (criminal law) whereas downloaders get sued (civil law). However, to my knowledge isn't any major difference in the law between the second and third type I described, if there is any I havn't heard of any precedent based on it. The law has been set up to work on actual damages that are easy to measure, otherwise it would be based on speculation and undermine the certainty of the system. Thus, misattribution of credit can't really be dealt with majorly by the law. If someone sells intelectual property that they are not authorised to redistribute they are guilty of the same crime, nomatter who gets the credit for the IP.
The law and morality are often too closely linked in peoples minds. The law is not intended to make people do the right thing, its intended to limit and localise the damage that people can cause when they do the wrong thing. It is not against the law to cheat on one's spouse yet it is against the law to drive over the speed limit on a quiet country road. One should never do either of cause, but I'd personally have far more sympathy for the leadfoot. The law is there to stop you from killing your neighbour or taking their stuff, otherwise its just up to you.
B.t.w. I'm from Australia, not the US. Our legal system is similarish to that of the US, but our legal code is far smaller relying on common law (precedent based stuff) for most of the details. IIRC in Australian law, criminal law can be used for far smaller copyright violations than it can in the US, though non-profit copying has never been prosicuted in criminal courts making it essentially a civil matter here as well.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
Given the presence of both LAME and anti-DRM code, perhaps the software looks for programs on your system which might be used for copyright infringement, then 'phones home' if it finds them. Sinister, but looking more likely than Sony actually using this sort of code to do anything useful.
Stop worrying about copyright, and start worrying about personal rights.
Nonetheless, even in this case, the copyright scenario is still interesting - is Sony infringing copyright by doing this even if the code is not being executed?
"I think it would be a good idea" Gandhi, on Western Civilisation
The large Fortune 100 company where I work makes every technology vendor sign contracts that they won't include **any** OSS, freeware, or other code on purpose or by accident where they haven't legally licensed it or don't own all the IP - intellectual property.
If you don't sign, we don't do business with you. Further, if anyone is discovered to have violated this, then they must defend us until they have no more money left and have gone bankrupt. They "indemnify" the purchasing party against all claims related to patent, copyright, or other ownership.
Ok, so there is a flaw in this plan - small companies will sign anything and just go out of business, but for larger corporations, they will carefully review this and take proactive steps to assure they are not in violation.
IANAL.
... it works like this:
Sony's pocket depth >> First4Internet pocket depth
That means Sony gets taken to court.
I don't even know why people in the US even bother to argue about guilt and innocence anymore.
3 things about computers: they're alive, they're self-aware, and they hate your guts.
You're just a n00b.
Where were you when people were "stealing cable" in the 70s?
How about when ad agencies "steal each others ideas"?
Or what happens when two lovers "steal away to a secluded location"?
No one lost anything in this case.
Words have many meanings in English. And they did before you got all excited about it.
Stop trying to make the world change to meet your ideas of language. Words are there to communicate ideas. Not using a word people already understand to communicate an idea and using another is just going against the whole idea of language.
http://lkml.org/lkml/2005/8/20/95
Echoing the revelation of innovative anti-piracy software Sony secretly developed, their stock price soared 2.96% in a day on Tuesday Nov 17th, 2005 to 4180 Yen, up 120 Yen at Tokyo Stock Exchange (TOKSE)
I'm telling you, make light of it all by buying the camouflage $sys$ tee! Someone, send a complimentary one to DVD Jon, and one to Sony ;-)
Get your $sys$ camo tees now!
The local news here in Ottawa Canada said none of the local stores have heard anything offical about the recall and have not removed anytning form the shelfs... that was tonight at 6pm. The news could be wrong, but considering how SOE lies constantly this sposed recall may just be another of sony's lies....
The only way for Sony to screw themselves over any more with this would be to send replacement CDs with a new and, ahem "improved" DRM scheme
Ah thanks Though i know this probably doesnt have anything to do with that
If you die horribly on television, you will not have died in vain. You will have entertained us.
--Kurt Vonnegut
I think that was Orrin Hatch.
I remember reading somewhere that F4I is Sony's spin out. Can't find any refs though. Has anyone seen the same information? Or knows more about the companys history.
"I've been chasing down several accounts of government agencies, companies, educational institutions and others banning the use of Sony CDs on their PCs, due to the security risks of having Sony's rootkit DRM infecting their PCs."
Fantastic. I hadn't thought of it, but it *does* put our network at risk. Therefore, as the IT manager, I believe Sony BMG has just been banned from my company's PCs as well. Just need final approval from the CEO.
--
www.nitemarecafe.com
Hope this won't infringe some copyright or patent :)
Patents Drive Free Software as Hurricanes Drive Construction Industry