Real Story of the Rogue Rootkit
BokLM writes "Wired has an interesting article from Bruce Schneier about what's happening with the Sony Rootkit, and criticizing the anti-virus companies for not protecting their users. From the article: 'Much worse than not detecting it before Russinovich's discovery was the deafening silence that followed. When a new piece of malware is found, security companies fall over themselves to clean our computers and inoculate our networks. Not in this case.'"
Nothing to see here, please move along...
;-)
How appropriate
... the malware was not made by the anti virus companies so how could we expect them to make the antidote?
Now don your tin foil hats!
Wired's webserver was borked before this even hit the front page. A functional mirror for everyone's perusal.
It's a shame what big companies can get away with. I mean, no matter how you look at this, a rootkit is a rootkit, there was nothing subjective about this. Yet, the fact that it was by Sony made people keep their mouths shut. It's a shame.
Send email from the afterlife! Write your e-will at Dead Man's Switch.
What the heck is this?
The AV companies are just gunshy of Sony's squad of legal attack ninjas. Not surprising given that this is grey area. I think the author makes a decent point (that the AV companies moved slowly), but the real failing here is the draconian legislation that made this a grey area in the first place. Hopefully these wee little gaps in consumer protection get plugged as a result of this.
I so agree with Poromenos1. He's right about Sony. That's for sure.
MOD PARENT UP!!!!!!!
I have to ask... If you were infected by this thing, then why not call law enforcement? You know it is malware of the worst kind and you know exactly who did it to you. Why not call the FBI or your Attorney General and file a criminal report? Couldn't you list Sony or the record store/online store you got it from as the source? I don't know. Seems like a good form of civil disobedience at the very least.
Isn't that what we're supposed to do?
Of course, all Slashdotters were not infected because we all boycott music companies anyway. Right?? Or did I miss a memo?
"If you want to improve, be content to be thought foolish and stupid." - Epictetus
AV companies can't afford to take the threat of a libel lawsuit lightly. They have to step carefully whenever someone with backing installs malicious software on your box. Why do you think it took them so long to get into the spyware removal business? Lawsuits.
vi is my shepard, I shall not font.
No shit no one touched it..
They are Scared Shitless...
Until Now.
What happens when Sony's rootkit hides under the protection of Windows Vista's NGSCB? Will antivirus vendors be able to remove bad code that ends up in the NGSCB? Given that Windows' kernel is insecure enough to allow itself to be rootkitted, what is the chance that NGSCB itself will be subverted? Doesn't the fact that NGSCB is designed to hide code from normal users and knowledgeable debuggers alike mean that it's somewhat similar to what the Sony rootkit tries to do?
& which flavours of UNIX/Linux is it for? ...and what are the symptoms?
I dunno?
i'm still shocked that a "legitimate" company that's widely purchased from, and is a household name, would distribute software that anti-virus companies would consider to be malware. i'm still shocked that sony let this kind of thing slide, it's so obvious that they didn't even check to see what they were doing before they did it.
Sony offended precisely the wrong people, the nerds that would eventually detect this thing. Once they did, they were appalled. Nerds were good Sony customers, once... Nerds buy hardware for non-nerds, sometimes.
Dark Reflection
Guess who wins every time?
Not to mention that if warez/pirated music, etc were found on your computer by the law enforcement you called in, you'd be in deep shit.
Obligatory Soundbite Catchphrase
When news of the criminal root kit hit full blast, I figured it would immediately get nuked by the AV companies. As things progressed and no one but MSFT came to the rescue, it made me wonder if there was fear or maybe even collusion.
Yet the bigger story here is the fact that a blogger was the breaking source.
My media is 75% blogs now. Many use links to back their opinions (I'd love to see a standard bibliographical Wiki for referencing). They're faster than the daily news and less likely to be afraid of corporate threats.
BTW, anyone know a way for me to toggle link text format from standard (blue w/ underline) to normal (black no underline) and back, quickly?
Yeah that has been my reaction. When I heard about it the first thing I began doing was searching for detection and removal software. I found nothing. I could not believe that McAfee was not publishing a fix.
Insert Generic Sig Here:
It was very hard, even for Microsoft, to figure out how to remove the damn thing without disabling the CD/DVD drive entirely. The first anti-virus patches that thought they fixed this were actually disabling people's drives without knowing it. Microsoft had to work with Sony to figure out what the hell they had actually done. It really sucks.
They don't exist to make gigantic corporate enemies.
Like it or not, detecting and removing Sony's malware puts them at serious risk for DMCA lawsuits and the like and is thus a bad business decision. Anyone who thinks they're in it to actually better their customers and not their bottom line is living in fantasy land.
True story;
/love my Subaru Legacy GT
Ten years ago I delivered parts to Chrysler in Detroit, from Mexico, on a weekly basis. One day I was inside one of their plants and I saw a sign that said, in so many words, "We will no longer omit parts just because they are not currently in stock."
And that is reason #914 why I will never buy a Chrysler.
She seems to have the knack for getting the first post, though!
Dark Reflection
I think it's a big pseudopsychological masturbation-fest from some asshole who can't control his porn watching habits, and feels that he has a "problem", so he deals with it by concocting this big bullshit treatise on the perfect partner as a way of dealing with his problem.
gameDB
Microsoft is treating the program as malware and are working on a way to let users safely get rid of the rootkit. The only problem is the ETA for this is sometime in January.
As for the lawsuits, it seems like it is the only way Sony is actually going to have to go to court for all the evil crap they did with this.
What is wrong with the world?
Stop replying! Me mod you down longtime.
Man, all this just in time for Christmas. When I'm shopping this Holiday Season, I think I'll just run up to store clerks and ask them if they carry Sony products and if they say yes, ask "For the love of God, WHY???" and then run away laughing.
If the Antivirus companies start destroying Sony copy-protection technologies, they're almost certain to get in trouble. Surely they don't want to violate the DMCA.
Sony won't need to install a rootkit, because the Microsoft DRM will be designed specifically to help enforce things like Sony's EULA. Why should Sony bother with a rootkit when the OS itself will impose the limits by design?
hi,
is there any AV out that will deny the install?
CU
9000h
Imagine this: a brick comes sailing through your window, smashing glass everywhere. You pick it up and wrapped around the brick is a flyer for a glass replacement company.
This is how I've viewed the major AV companies for quite some time. Sure, there are non-affiliated virus threats out there, but they perpetuate their own business as well.
I didn't think that my opinion of McAfee and Norton could sink any lower... but I was wrong.
-Those who dance are considered insane by those who can't hear the music.
Companies are so worried about piracy that they go to these extremes. What they need to look at is why are people pirating. Many people pirate because the thought of spending $17 for a cd is ridiculous considering that only a few songs are worth a damn. Secondly, DRM makes it worse because people can't rip the audio for their mp3 player. This drives people to piracy and the DRM makes it worse and drives the consumer away. Just lower the damn prices and let me burn it, rip, or do anything else I want with it because it's mine!
gasmonso http://religiousfreaks.com/
calling law enforcement would lead to a court case: YOU vs SONY.
Not necessarily. It might lead to PEOPLE v. SONY, if you can help the police prove that a crime was committed.
It's their "rootkit," our "DRM enforcement agent." The same sort of nonsense about their "terrorist," our "freedom fighter" that was promoted by the White House in the '80s.
ELOI, ELOI, LAMA SABACHTHANI!?
I'm in the UK. Do the US-centric have anything to report on this?
No, actually, it's a troll who's re-posting blog entries (he/she) did not write in an effort to get people to troll the blog site they came from.
I don't care what the rest of you hip 1334 types think, this post (though slightly incoherent) tries to bring a real point to the table, and actually offers (albeit painfully) what I consider to be the most valid reason this didn't get taken care of earlier. You are NOT to question the corporate masters when they tell you how to use the software you bought, you are NOT to question when they force you to use your own property (your computer's clockticks) to make sure you don't cross the line they have placed for you. Why do we take this? Read the post again, and try THINKING (I know, I know, it's dangerous) about what this person said. It's spot on as far as I'm concerned. Sony is one of the masters (one of the High Masters of Entertainment), and if master says shoot myself in the foot for his amusement, then master gets what master wants. We've been willingly bent over so long that we didn't even notice that they stopped giving us the courtesy of a reach-around.
Other than the EFF, what organizations exist primarily to protect consumers from both a) media distribution companies trying to control our stuff, and b) lousy anti-virus and anti-spyware vendors who supposedly detect this stuff and prevent it from making our lives miserable?
We will never win this battle if we have to rely on civil disobedience to enact any change to the status quo. What we need is a DMCA that protects the rights of the consumer and inflicts severe penalties on those companies whose practices conflict. I'm talking both Sony and the like AND the anti-virus protection firms.
3-Pages of Wired goodness
Reminds me of the good old days when computer viruses were spread around on 3 1/2 floppy disks. Nothing like a boot sector virus to spoil your day.
Links From The Article
Apparently there is a criminal investigation going on...
In Italy
Class action lawsuit
Apparently step 3 is that you have to "reside in either California or New York." Sadly, step 4 is not Profit!
[Fuck Beta]
o0t!
While it is a good article, it leaves out what was just recently posted on Slashdot - the use of open source software to create it. That's another important part of the legal quandary. Also the article really seems to minimize the fact that it also affects Macs. While it is true that the user must provide a password (on the Mac), Sony insisted it did not affect Mac and Linux computers.
The double standard of the security companies is troubling... If I released this application (Sony's rootkit) it would be considered malware immediately. The fact that they only remove a portion of it is also strange. That is like removing the part of a spam generating worm that sends emails to others but leaving the rest of it to waste CPU time scavenging my address book. Also... What I wonder is, is what consequences will come from the alleged GPL violations? Is anyone suing Sony or first4Internet for copyright infringement? If not, does this send a signal to big corps that it's ok to steal code that is GPL'd because the parties that wrote it probably don't have the time/money to do anything about it anyway?
That can be a great anti-Vista publicity.
"With Vista you don't have to worry about shit like the Sony rootkit, because he is already in!"
At least, not purchasing their electronic products is very simple. There are lots of competing companies. As to CDs --- well, get one and rip it, on Linux, of course :-).
the antivirus companies are afraid to get sued for providing software to remove DRM software
It does not work and cannot work when it warns the user, as the Rootkit DRM program has to ask for an administrator password before you install.
On a Macintosh running OS X.
Gods don't kill people, people with gods kill people.
The earlier statements included that communications with anti-virus companies had already taken place.
I bet they thought they could slip this under the radar until it was a fait accompli!
scumbags
please note it is my PC not yours fuk off!
Sony Feels Badly :P
In Soviet Russia you can always find a way to cloak illegal activities. In corporate America, the way to cloak illegal activities finds you!
The weak non-response by AV companies isn't the REAL story, either...
The REAL story is why aren't elected officials falling all over themselves to make what SONY did a criminal offense?
Your computer is infected with the Sony DRM Rootkit.
It compromises the security of your machine, leaving
it open to various attacks.
Due to legal restrictions imposed by the DMCA, the
infection can not be removed. It is recommended to
disconnect the computer from the internet and
reinstall the operating system.
The biggest surprise for me was that Microsoft, who usually pisses me off, actually was the only company to step up to the plate in a meaningful way. I expected far, far better from the antivirus/spyware vendors. If you're going to tell me that you're going to protect my system, make me pay a subscription to keep my definitions current, and, on top of that, consume some of my system resources to do it, you'd damn well better step up to the plate when it comes to something as blatantly dangerous to my security as a rootkit.
Is it me, or is Sony the first vendor to make (or spread) a Mac OS X Root Kit?
If I had a choice, I'd buy the anti-virus software that told me about shit like this. So if the companies would wise up to a source of profit, the market would fix this.
when the spyware/malware people start bundling rootkits as part of the infection? I'm not really worried much about the response of the anti-virus people as much as I'm worried about the response I'll get from Microsoft when I ask: How can I keep code from installing this type of code into windows.
I'm afraid the answer I'm going to get is: We don't know.
It is my meager understanding the AV companies detect _viruses_. That they've forayed into spyware detection is perhaps a natural/logical path, albeit, that has still not become their primary avenue of business.
/.ers you know what you use on your friends'/family's boxes to get rid of such helpful toolbars ;) as ones that mom installed so she'd know when it's raining outside.
/. crowd has the capability to shine. The onslaught of Windows rootkits may unveil a shadowy niche in computer security to the general population, however, isn't it the rootkit and its purveyors we should be disgusted with? Author of TFA seems to think otherwise.
/. comment sections. Save the other bandwidth for pertinent _investigative_ journalism.
Some of the most popular spyware-detection tools aren't from the big AV players --
That said, there are explicit differences between terms in TFA that should be noted. Though I am no expert in the field, it's generally agreed upon that virus != spyware. (How many of you cringe when you hear "hacker" used pejoratively? Are they really a cracker/script kiddie/etc...) Let's get our diction correct.
Ok, so what are rootkits? This is where the
Do we blame the ambulance responding to the scene of a fire for our house burning down? Nay, the fire department? Suppose the fire department responded lethargically. Then, might we play the blame game. What if the fire department arrives to confront an unknown, previously unfaced force destroying your building?
The tongue-lashing poured out by Author should best be kept to his blog, which he has proudly boasted to you, the reader, about already. Let him keep his opinions and bashing there and in
I suspect that the security companies don't fear lawsuits from spammers. On the other hand, one can easily imagine a company like Sony threatening lawsuits for having their DRM labelled a "virus" even if it damn-well is.
The cake is a pie
I won't be surprised when in a few days there will be an announcement how Sony's rootkit causes world hunger, rapes dogs, and hides one sock out of every pair every once and awhile.
Damn you Sony !... Oooh, shiny PS3 !
BTW, anyone know a way for me to toggle link text format from standard (blue w/ underline) to normal (black no underline) and back, quickly?
Yes, use Opera. You can set a "user" CSS for yourself and switch back and forth from "author" mode to "user" mode with a button or keypress (shift-g).
Hope that helps.
It's interesting how some of the vendors are listing information about the rootkit, but seem uninterested in adding a signature, claiming that it's not really a virus (which is true) because it doesn't self-replicate. That's fine, I guess, because if they started detecting rootkits, they'd have a lot more work to do, but I think it's kind of shortsighted of them to think that people won't get angry that they paid for a $40/year subscription for a product that doesn't detect when their system gets totally rooted.
(I'm always tempted to spell it r00tk1t, but I'm trying to act more mature these days...)
Free music from Jack Merlot.
If we had properly welcomed our new DRM overlords this would not have happened!
AGGHH
Sam
blog.sam.liddicott.com
"See! We don't produce crap code that BSOD all the time - it is all these 'root-kits' that lusers, hmm, I mean Customers install!"
There yer go. Nothing wrong with MS products at all.
In this case, the producer of the malware in question is Sony. Most people with less money than Sony (read MS, Warren Buffett) aren't going to a) claim their software (obviously) is malware or b) find some way to make it safe. They probably considered that "Sony's Job" to get all the bugs out.
:p
The first clue that this wasn't going to happen was of course the fact that said rootkit contains GPL code, which has been widely publicized here and other places. In theory, Sony must now release the source to this, or write their own damn dvd code (as i take it). This probably will not happen
My main concern with this is that IF Sony decides that the best thing to do here is to release the code is that we are going to have a RUSH of really nasty worms out there. I think I'm just going to leave my home computer off and play Doom on my work box. Seems safe. Then again, I'm a paranoid bastard, and probably shouldn't own a computer. I like etch-a-sketches.
.cig - what you do after winning a good flame war
With Vista you don't have to worry about shit like the Sony rootkit, because he is already in!
Yet another example of over-aggressive bundling.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Call your local agent today and see what they can do for you!
http://www.fbi.gov/contact/fo/fo.htm
-Valiss
CNet published a story about this.
Their original story also mentioned that first4internet worked "closely" with Symantec and others.
Interesting how this has been removed from the current version of the article, without any notes re: changes.
one word:
Bhopal
.
music lover since 1969
After seeing this story all week, I still can't get past the most basic question in my head: Why the hell is Windows executing software from an audio CD?
A Government Is a Body of People, Usually Notably Ungoverned
I'm sure that a widely regarded author of several security books, a cryptographer who's created a fairly robust algorithm, and a guy who's been called to testify before Congress several times is all broken up about slashdot user 805235 thinking his article sucks.
Look what happens when you don't use Microsoft "Official" DRM technology.
At least in Symantec's case, Sony is a multi-million dollar customer. They were protecting their customers. Do you really think that the kit harmed 200,000+ $50 a pop Norton customers?
I can understand that from a legal perspective that they may not be able to remove it but what they can do is:
/\/\ -
1) Stop these types of software from being installed in the first place, and warning you that an attempt was made.
2) In the case that it finds these types of software on your computer, it should alert you about its existence and the danger therein.
This is the LEAST they can do.
-
Nahh, he's just baiting the /. geeks love pr0n meme with a contrarian troll.
Schneier has said several times that "half a million computers were infected". However, I saw that famous graph that said half a million networks were infected. Who is right?
Is to detect and stop threats, regardless of the source. Something like the Cisco Security Agent would have noticed this, I'd expect nothing less from an up to date virus scanner. When our contract here runs out and we are taking bids on our next provider, one thing I will consider is the handling of the Sony situation. I need to know I have an AV vendor that will address threats to my systems regardless of the source. People bring in music CDs all the time, and many have admin access on their computers for one reason or another. So I need to know that their virus scanner will work to the best of its ability to keep the system free of threats. Dismissing a threat because a company wrote the rootkit instead of a random kid is not valid in my opinion. A rootkit is a rootkit and it should not be allowed on to the system.
What did he do, steal your girlfriend or something?
Bruce didn't claim that he found it, he had something to say about it, and he did a fine job of writing about it for the non-technical audience that reads Wired.
I swear to god that guy [Bruce] hasn't contributed anything meaningful to the public since 1998 and yet he's still fucking there.
Even if you were right about that, so what? What have you done that tops Applied Cryptography?
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
The DOD pays big dollars to get a corporate license for both McAfee and Norton, which includes permission for users to use on their home computers. Considering the number of DOD computers that got infected by the Sony DRM application, I think the people who oversee those contracts would be negligent if they did not "seek consideration" for the failure to perform.
because all the music I download comes from DRM-free, regular MP3 files using bittorrent and the like. In other words, pirating music. What a strange circle this story has completed...the only way to know for sure what you are getting when you download DRM-free
While Sony could be prosecuted under U.S. cybercrime law, no one thinks it will be.
What I want to know is why the fuck shouldn't a corporation be held to the same rules the rest of us are? As the line above illustrates, people now assume that companies can abuse the law as they see fit and not get reprimanded.
While the rest of us (AKA as not rich) get sued into oblivion or prosecuted to the fullest for downloading a shitty CD that should only be $5.
what are "hip 1334"'s? lol...before trying to insult people make sure you know the proper terms
There are 10 kinds of people in the world - those who understand binary and those who don't
So, while the anti-virus companies were slow with code to detect and remove Sony's rootkit, they were much faster in releasing updates that detected and quarantined the various exploits that allowed PSP owners to downgrade their firmware from 2.0 to 1.5 so that they could run homebrew/warez - Sure there was Trojan.PSPBrick which actually did damage if it was installed on your PSP and viewed, but most anti-virus vendors were happy to tar 'useful' exploit code with the same brush.
I'm sure Sony had nothing to do with it.
Read http://www.groklaw.net/article.php?story=20051113164717817
The creator of the rootkit (First 4 Internet) apparently worked with Symantec and other major antivirus companies to make sure that it would neither be detected nor removed by their software according to CNET.
This is a very damning accusation.
LedgerSMB: Open source Accounting/ERP
Go here for the blog.
I wrote a response, pending moderation, as follows:
It will be interesting to see how they respond, if they bother to do so.
If you are unfamiliar with them, they make Ad-aware, which is a popular utility for detecting and removing trojans, malware, etc., on Windows machines.
Aside from the value of getting publicity for security issues:
1999: Solitaire algorithm published. An output-feedback mode stream cipher which can be easily calculated using a pen, paper, and a deck of cards, allowing people without computers to use strong encryption in their communications. This system was featured in Neal Stephenson's Cryptonomicon.
2003: Helix algorithm published. A fast stream cipher comparable in speed to RC4 and with low per-message overhead, making it suitable for very small messages.
2004: Phelix algorithm published, a refinement of the earlier Helix algorithm.
rage, rage against the dying of the light
Sony paid for it. Sony included it. But first4internet wrote the code.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
Does anyone know if Sony built computers, such as the VAIO, come preinstalled with the rootkit? I really wouldn't be surprised if it did.
Except that reports say the rootkit kills Vista. Or at least crashes it.
A search on the M$ website for 'sony rootkit' leads to
'sorry, no results were found'
But you're not bitter.
This sig intentionally left blank.
Norton Internet Security 2005 AntiSpyware Edition
McAfee AntiSpyWare 2005
Microsoft Windows AntiSpyware (Beta)
This is their business. Period.
What I say does not represent the views of my employers, my friends, my cats, or myself.
I don't know what brand of CD burning software you use, but I've had Autorun disabled on my computers for the last 7-8 years and never had a problem burning a CD.
From their web sites:
Arista Records
BMG Classics
BMG Heritage
BMG International Companies
Columbia Records
Epic Records
J Records
Jive Records
LaFace Records
Legacy Recordings
Provident Music Group
RCA Records
RCA Victor Group
RLG - Nashville
Sony Classical
Sony Music International
Sony Music Nashville
Sony Wonder
Sony Urban Music
So So Def Records
Verity Records
In case they may be of interest to you...
he is wrong, wrong, wrong
I had removed all the DRM files and all the registry entries from my sister's computer, but that stupid "lower filter" kept re-appearing when I tried to reload her DVD drivers. After a couple of hours, I gave up because I discovered that since her computer was new, I hadn't yet disabled rollback on it. (Nor, obviously, had I had a chance to disable autoplay)
She had a save point from the day before she played the CD, so I used rollback, which surprisingly mostly worked, and her driver was restored. And then I spent a lot of time reinstalling all the software I had installed before discovering she had played that stupid CD.
She hates Sony, now, because I no longer had time to migrate her files from her old dying laptop over before she went home, having to spend it all doing this. She's a college student and a teacher, so this affects her studies and her work, until she can make it back over. You can bet, if there is a class action lawsuit for Texans, I'll sign up.
Although I did play Rogue on the old VT100s and Unix systems back in University, I prefer playing Nethack now. :-)
Anyone know if there is a rootkit available for Nethack?
They should add their rootkit software to the Blu-Ray standard!
No CD sticker on those cases. It is an application that plays music.
Just because it's round, shiny and plays music, does not make it a red book standard. i.e. CD
The Kruger Dunning explains most post on
In my opinion, some firewall programs work better than most antivirus programs.
I haven't used a lot of stuff, but I have tried out Tiny Personal Firewall 5. (I think they have newer versions now) It has the capability to not only control access to the network, but also application execution, registry access/modification, disk access, etc. It seemed to me to give greater protection than anything else I had looked at at the time. Admittedly I haven't researched much since then, but I think they have the right idea for protecting your computer.
They are scared of breaking the DMCA. Do you honestly think any big antivirus company or even Microsoft is going to have the guts to provide software to go in and remove a copyright-protection mechanism, something the DMCA explicitly states you cannot do?
The only thing about Sony's size that matters is their ability to litigate.
Did you ever notice that *nix doesn't even cover Linux?
We will protect your computer from all threats. For the money we charge you, we will work night and day to research and defeat security threats to protect your computer from them.
Until Sony comes to us with a better offer...
These people are no better than thugs. In fact they are worse than thugs. At least when you pay criminals "protection" money they don't turn around and trash your business anyway!
"this rootkit was designed to hide a legitimate application, but it can be used to hide other objects, including malicious software."
Baloney. Any application installed on my computer under false colors that is hidden from me is not a legitimate application. Sorry, Symantec.
The higher the technology, the sharper that two-edged sword.
Mod parent up.
He is referring to the Bhopal gas tragedy of 1984, http://en.wikipedia.org/wiki/Bhopal_gas_tragedy/ where thousands of people were killed and Union Carbide pretty much got away with it. The CEO Warren Anderson is a fugitive and is on the wanted list of CBI India.
Because it already is?
Does anyone else think the worst thing about this whole affair is that in order to get the rootkit, you have to listen to Celine Dion's Greatest Hits? (I know, there are others, but not that many.) Arrrgh... Don't listen to that crap! The listening experience has got to be as bad as the rootkit experience-- worse!! Maybe this will succeed in killing off the worst thing that has happened to our culture in the last 100 years-- the growth of "hitmakers" music. Gaaack!
Everything I've ever learned the hard way was based on a statistically invalid sample.
the big AV companies get money from companies to not list their products. They were just trying to get Sony to pay them not to list it. Or Sony had already done so.
There was no risk of being sued. The publicity would have stopped Sony, regardless of the DMCA interpretation. I noticed MS is removing it, where is the big fat lawsuit?
It is illegal for me to run a stop sign, but if I do so to get out of the way of an ambulance, nobody is going to prosecute me.
The Kruger Dunning explains most post on
You're right that people download music because CDs are really expensive, and because they insist on being able to use their iPods.
But now there's an even more obvious reason to download music in an open format like MP3: MP3s cannot suddenly turn on you and break your computer.
I'm sure I'm not alone when I state that I will never buy a Sony or BMG CD again, ever, unless it comes with a bold-printed, legally-binding guarantee that the damn thing is a plain-Jane, Red-Book-compatible, fully-rippable CD. And I'm never again going to insert a music CD into Windows, no matter who sells it to me. I'll rip the things in Linux, where it's safe.
This is independent of my desire to punish Sony by boycotting their products. This is legitimate fear. No individual music CD is worth the risk of having to reinstall Windows, to say nothing of the risk of being 0wned or losing some of my data.
Quite simple - do not purchase any Sony products. Spread the word - Just say No to Sony. Follow up with an e-mail to your favourite Sony published Artists that indicates your boycott of Sony products and they might want to think about changing labels. Combined with the previously mentioned class action suits we might just send a message the big business understands.
Write to all Sony signed artists and tell them you won't buy their albums until they ditch Sony.
3 1/2? Ha. My first virus was "Stoned" on a 5 1/4. The best part was the cure program was called "aspirin".
But, yes, the boot sector virus spoiled many a day. Also, does anyone even remember when Michelangelo Day is anymore?
In theory there is no difference between theory and practice.
In practice, however, there is.
When you are in war.
;-)
When is a rootkit not a rootkit?
When you are a corporation securing your assets against copyright infringement and piracy.
I personally think the flaw is in the premise. War is not acceptable, and music piracy is a false statement, but those assertions are no longer contentious to the society as a whole. They are considered to be decided in the opposite extreme.
War is not acceptable, ever, but sometimes it is necessary. It is not the place of someone to decide when war is necessary, it is when you have exhausted all other options. But yet we forgive those and ourselves when we go to war and we haven't exhausted all options. We find the very questioning of motive distasteful because it grates against our premise. There is a reason we do this. (Stick with me, I do have a point.)
Music piracy is an illusion. It is the media companies attempting to justify their economic model and pricing structure when logistically it is no longer required or justifiable in any other means except law and precedent.
But take a step back for a moment and realize that software companies are in this same position. They don't head off to the "bit mine" to mine more raw bits to put into boxes and send out from the factory. They craft abstract constructs from intangibles to create profit. Microsoft and Symantec are in this mode. It is something we no longer find contentious or disagreeable.
Sony doesn't plant and grow raw music plants so they can sell them at market. They act as gatekeepers between the producers, musicians constructing for whatever reason, and the consumers who will purchase music when it is marketed and presented in a certain fashion. So why do you fault them for taking a progressive step to protect their continued revenue stream?
You could say they are "in collusion" but you would be making the same mistake as calling Open Source communistic simply because it is in opposition to the existing retail and corporate fare. You would be trying to reduce the issue to a simplistic point that is no longer helpful or true.
So why does it surprise anyone that Sony took this action? Or why are you surprised that they would compromise the illusory integrity of your system which you purchased when day after day the computer manufacturers (Dell/HP) are working to have you buy more computers, more often (months instead of years), and charge you more money for them when they have spent less on the product?
I'm confused...
"Don't fear death... fear not living..." -me
So does this mean that Sony employees can no longer listen to Sony CDs on Sony Corporate computers for fear of "DRM"ing the entire Sony intranet?
There are two kinds of people in the world: those with loaded guns, and those who dig.
Come on now we all know it was the invisible disgruntled employee! That damn employee, I hope they find some evidence which suggests he exists, then they can get to work catching him.
Of course, since 1st4$ is located in the UK, the possibility exists that they may be UK 'major Record Labels' which are smaller than their North American equivalents.
I mean, it's not like Virgin has massive stores all over North America or anything...
Quidquid latine dictum sit, altum sonatur. . . . . . . .
Not sure what you want, but if the html/css is yours, you can add css sections to cover the :hover attribute (like a:link:hover, etc.). Using a global :hover isn't usually all that helpful though (for color changes anyways).
Let S_n = {nst+us+vt : s,t in Z \ {0}, u,v in {-1,1}}. For all n in Z where |n| > 2, Z \ S_n is infinite... right?
The big AV companies are weenies, weenies of the small and soft size. If THEY have neither the itch/desire nor the scratch/money to fight a court case against DMCA, given the obvious bogusness of this Sony rootkit case, then who will? The feds? Argue against one of their own pet projects, thinly disguised as "corporate IP protection" law? HAHAHAHAHAHA! People rail against the **AAs, but believe it, take a step back and take a clean look at it, it fits with their other craptastic anti freedom laws they have passed recently. the **AAs are number 2 here, if the federal globalist fascist goons didn't want the DMCA it wouldn't be law.
If I had to make my money by selling Music CDs through a vendor who not only thought of my customers with enough contempt to do this in the first place but also believing they are too stupid to know they're infecting their computers (which amounts to corporate espionage), I would be very afraid.
It makes me very happy I haven't purchased a single RIAA endorsed CD in years.
And for those who condone Pirate2Pirate filesharing this only goes to further their arguments.
It's not really. It's a mostly standard audio CD with an extra session that makes it not quite red-book compliant.
If you just look at the audio session (which most applications will do), then it's a bog-standard CD.
This is a great advertisement for turning off auto-run, because once this infection starts to execute, it installs itself even if you say "no" to the EULA.
I'm not against the content of the article itself, nor do I question the author's technical merits. I'm against the misleading title. I surely expected more info on First4internet, or who decided to make the deal, you know, the "behind-the-screens" action and stuff.
But all it was, was a hyperlinked editorial a-la 60 minutes commentary. Perhaps the article should have been named "The unasked question behind the Rogue Rootkit", or something.
You may ask, "Oh well, if you weren't against the article itself, but just the title, why was your post entitled 'Article sucks!'"?
And that's exactly my point. Misleading titles.
Correct URL: http://en.wikipedia.org/wiki/Bhopal_gas_tragedy (no trailing slash).
-- Argel
Don't put this on MS in any way. Autorun is a feature that the users want to see.
Just because a user wants a program to install automatically doesn't mean they deserve a root kit install. It is not an exploit because autorun works as designed.
I am not a MS apologist, but don't blame MS for this, it is SONY's doing, and SONY bears 100% of the blame.
If I threw a brick through your window, is it the home builder's fault for putting windows in your home? Is it your fault because you use glass windows? No.
The Kruger Dunning explains most post on
Your link is broken, you meant http://en.wikipedia.org/wiki/Bhopal_gas_tragedy without the trailing slash.
I never have mod points when I want em...
Looks like Sony's a PR client of this crazy bitch.
She's got a track record of PR disasters all her own.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
...or not
http://money.cnn.com/quote/quote.html?shownav=true&pg=qu&sid=4526&symb=SNE&shownav=true%2C&time=1mo&uf=0
up about a point and half since 10/31. 5% gain or so.
If you nuke your hard drive and reinstall Windows after you get the rootkit, aren't you circumventing a copy-protection system and violating the DMCA?
Just "gittin-r-done," day after day.
Tested under Firefox as a bookmark.
(originally a single line, to make it shorter, but now with spaces for /.)
Sony BMG is 50% owned by Sony Corporation of America and 50% owned by Bertelsmann AG. Sony is still a Japanese company, although Sony Corp. of America is US-based. Bertelsmann is a German company. The UK market and the German market are not that different. You see, even small countries may be major players in certain markets. Say "Supashi bo", "Thank you" and "Danke schön" to Sony worldwide.
Anyway, I think your point is well taken. Who are the other companies using XCP? I do not understand why such a good question is being rated "overrated". Maybe because this is /.
I think the point was to intentionally get it wrong. It's mildly humorous.
That's right. All your base.
(From TFA)
It's an interesting insight, but it also misses an equally crucial point: The two (multinational corp, criminal org) are not mutually exclusive. And, in this case, that they are the same thing.
I haven't bought Sony in some time, and I'm absolutely not going to now. It's a shame the BMG is part of their label, since some really decent acts (IMHO) are signed with them. I'll live, of course. I hope those artists find a good way to get out from under their contracts and escape their indenture with such a thoroughly evil organization.
Welcome to the Panopticon. Used to be a prison, now it's your home.
It seems that everyone is sleeping with everyone nowadays. Microsoft creates a shitty OS full of bugs. Then virus writers load it with worms, rootkits, and other malware over time. Then all these security companies get into the business of cleaning up after M$'s crap. As long as M$ keeps creating crap these guys are in business. You can think of anti-virus companies as digital refuse workers for M$. if there is no trash to take out, then these guys don't have a job.
So now Sony and F4I create a rootkit that will stick itself onto your system like a parasite (does this happen if the user is not running as admin? Can the rootkit work then in regular user mode?). As this excellent article pointed out, M$ would love to be in bed with Sony as the OS/digital content distributor of choice. Currently this happens to be Apple and M$ would love to grab a hefty share of the profits. They don't care about the majority of home users. If you aren't running a production system and paying them oodles of cash, they won't give you the time of the day. Why should they care about your security when most users don't care about their security. In all honesty your average joe doesn't know what a rootkit is (the CEO was right about that), he doesn't care, as long as his computer "isn't running slowly" and popups aren't flooding his desktop. In the end he doles out the job of fixing his computer to some neighborhood geek or tech support dude.
Well I for one have had enough of this crap. I refuse to fix your computer if it's broken! If you want me to fix it, I'm going to install an open source system created by users for users.
Sure virus writers can start attacking there also, but as long as I know what's going on under the hood I can protect myself better. The average Joe can take advantage of this protection because if it's good for me it's good for him. I'm staking my reputation on the code I've written, there's a sense of pride in it. I'm not just in it for the money.
Now you have to think that if MS and co have done their homework to make this work for such a time, that Vista probably had been enabled for such things as well.
I had recently been hoping Vista would be a 'Good Thing' for those I have to help with broken violated Windows systems, but now I'm really thinking that may not be the case any more.
Sony, Microsoft, Symantec, McAfee, you all have some 'splainin to do!
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
I see lots of discussion about the Windows Autorun CD feature. Those of us that were Mac users in 1998 (all 12 of us) learned this lesson from the QuickTime Autostart worm. QT used to have an autoplay CD option that was exploited pre OS X to install an annoying but harmless worm. I caught it from the CD that shipped with MacAddict magazine. Autorun should not be enabled.
I bought a DVD burner today and the only requirements were that it had all of the new features AND was not Sony branded. Good job Sony!!
The U.S. Attorney apparently does not think that it is a "worthwhile" case and will not extradite him. See: http://www.bhopal.com/opinion.htm
I guess it's a different story when the shoe is on the other foot, then the US just kidnaps the suspect (from another country), exports them for torture and then puts them in prison for years and denies them the right to a fair trial etc.
It doesn't matter if it is Sony or Union Carbide, if it's a company it's OK in the USA.
Hmmm ...
1) build a rootkit.
2) make deal with major AV companies to not detect it.
3) Sell my rootkit to Microsoft.
4) ?
5) Take over the worldwide net!
6) Declare myself Lord God Emperor of the 'Net.
7) Force all 'net users to bow to the Lord God Emperor of the 'Net!
8) Start my own religion.
9) PROFIT!
Why did Sony's stock price rise another dollar today? Are investors not worried about this development? Is it PlayStation revenue? Go figure.
-anon
I can't argue with most of this, mostly because most of it is untestable (in scientific terms, they refer to such things as either "bunk" or "theoretical physics").
I will point out, however, that my mom told me a story about once, when I was a baby of less than a year old, I was in a shopping cart while she was getting some items from the aisle. Another woman with large breasts came by to coo over my baby form, and I reached right up to these breasts, rubbing them and saying, "ooooh, pwetty".
I'm pretty sure I'd never seen porn that young. No, they weren't my first words (those started in full sentences at 6 months).
As for the bisexual/threesome idea. It's something that comes from logical thought without inserting the "human element". Example in C++:
If (I->LikesWomen() && She->LikesWomen())
{
try (ShareWoman()) or catch(BackPedal(LIKE_A_MANIAC));
}
In other words, if sexual exclusion is not present in one person, the logical conclusion for the other person, being a sexually driven creature, would likely be to broach the topic of bringing in a third party. Or fourth.
What this sexually driven person sometimes doesn't realize is that there is the strong possibility that their partner wants monogamy, not more sex. Nor does this person realize that their competition has in fact doubled - but that's easily driven by internal denial.
"Assuming for the moment that men are NOT just naturally sex-crazed misogynists who only want to use women as a sex class"
Clue for you: Teenaged-thru-25-year-old boys and men ARE naturally sex-crazed. Chalk that up to millions of years of evolution. Sorry, but you're a member of a race that's survived on the extreme need for reproduction. While sex doesn't necessarily lead to reproduction these days, that doesn't stop the desire for it.
Meanwhile, why you be trolling with the offtopic shit, yo? This isn't gamegirl or women's weekly. It's Slashdot. We talk about technology and related issues, not prudish sexual philosophy.
110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
And you have?
Dickhead.
Oh, and for a possible reason for the attractiveness of large breasts: Click here
110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
It's no wonder that Symantec and other AV companies were reluctant to react - they produce software that's almost as intrusive.
For example, ZoneAlarm installs a low level network filter that listens to all network traffic. It also just so happens to break a few things it should not break, like Ruby networking. The driver sits at such a low level that turning off ZoneAlarm doesn't disable it - you have to uninstall the software to get rid of it.
Name any Symantec product - even backup software - and it requires you to restart the system. I wonder why. I want to have software that does its job, without side-effects.
If Microsoft were not the worst offender itself (Visio update installed - please restart the system!) it should release a code of conduct for software:
- Application programs shall not install themselves anywhere in /Windows. Only exceptions are hardware drivers and the registry entry.
- Applications shall not require a restart to be installed.
- Users can stop applications via the GUI, and all aspects of the software will shut down
The problem with Windows is that it encourages programs to install themselves all over the system. MS provides the worst example with the ball of hair that is Office.
It appears to have come from shiny silvery disks that superficially resemble CDs and that can be used in some equipment designed to read CDs.
I don't recall seeing a "CD" logo on anywhere on the affected products or their packaging.
This is the text of an e-mail I, Tamas Feher from Hungary, antivirus support worker by profession, sent to Mark and Bruce yesterday to enlighten them about the factual falsity of their bold claims.
****************
Dear Mr. Mark Russinovich
I am totally outraged by your behaviour.
Ad 1., You were not the original in-the-wild discoverer of the Sony BMG -
XCP system level copy protection mechanism. It was F-Secure Corp., the
Finnish anti-virus vendor, whose proprietary Blacklight tool found it on a
customer's PC on 30th September 2005.
They have proof on the F-Secure weblog, read the write-up:
http://www.f-secure.com/weblog/archives/archive-112005.html#00000694
Why do you celebrate yourself then?
Now even Bruce Schneier is singing the same false anti-AV tune of yours:
http://wired.com/news/privacy/0,1848,69601,00.html?tw=wn_tophead_2
To the contrary: XCP was discovered by an anti-virus company, period.
Ad 2., You simply spat in the soup of others. F-Secure has been in quiet
negotiations with Sony BMG for several weeks, trying to convince the giant
behind closed curtains to revoke the XCP "rootkit" technology voluntarily
and Sony did that. The new rootkit-less software version appeared on
Sony's website mere two days after your irresponsible and uncoordinated
disclosure. Don't dream for a minute that you did that, it is impossible
to develop such new code in less than two days. Why do you celebrate
yourself then?
Ad 3., It happened because it was in development for weeks as a result of
F-Secure's quiet diplomacy, not because of your cowboy attitude. The vast
majority of the world does not value vigilantism, unlike Americans who
grew up in a gun-slinging culture. Unilateralism is not the solution, as
has been shown this case and the Dubya Bush Jr. Instead of being proud you
should be ashamed, because your action caused tremendous harm to the IT
security industry.
Security is about trust above all and your antagonizing stance demolishes
trust. You literally incited hatred and encouraged hackers to create
malicious code against XCP. Megacorporates will never trust IT security
firms any more and this may demolish the current many small firms
industry, leading to monopoly situation, which they can afford to create,
and then even you will be gagged! You dug a good part of the grave for
our "ideally competitive IT security market".
Ad 4., Buggy software and resulting exploitable code is not a crime as of
now, not even if provided by Sony-BMG. If you want that changed go to the
Capitol and petition the government to that extent. Inciting hackers,
however, to attack and trojanize buggy software and create electronic
anarchy is cyberterrorism and not substantially different from a bus
bombing. How are you different from Mullah Omar who preaches terror
from a cave over the west's mistakes? Both belong to Gitmo.
Ad 5., The DMCA gives every right to Sony to protect its property of art.
They support fair use as defined by the law. An audio CD disc is listened
to in a discman, a hi-fi deck or a car stereo system, none of them
are affected by the XCP software at all. When you put it in the optical drive
of a computer you admit you want to copy it, because that is the only
explanation for not putting it in a deck or a portable CD player.
I have no sympathy for bootleggers. A good part of the money media giants
earn are flowing into the tax purse of the gov't and much of that supports
defence. Every single song fetched from P2P steals a cartridge from the
magazine of an M16 rifle as worn by an American GI. When Private Johnny
runs out of ammo and the fanatics cut him down, who will protect you and
your family from the wrath of is
why we are taking advice from some guy, just because he starred in a Jaws film some time ago?
ah the classic "ah the classic" argument. better dog that don't hunt would be "two wrongs make it right", because they fuck with us so we fuck with them. really simple.
Am I the only one to think something is wrong here? Suddenly Sony is exposed, news appear daily showing Sony as the "bad guy", and as someone else said in a previous comment, Microsoft is the one with a "good attitude".
I'm starting to think the release of PS3 has something to do with all this anti-Sony campaign!
I tried disabling Autorun on both DVD drives -- both still pop up that 'what do you want to do with' boxes every time I insert a disk.
Tried to put 'do nothing' beside every damn action in the pop up boxes described above. Still get the damn pop up box.
Inserted a Leahy CD with the SunnComm version of DRM on it. Yes, my sound drivers were overridden by default. Damn thing never ASKED my permission, never popped up a box asking me if I wanted to install the software.
So now I'm looking for a linux cd that comes with just enough programs to rip mp3s and dvd vob files to divx, but ignores any drm software on the disks.
After getting Sony malware on the PC, getting rid of it is a pain. First there was the XCP uninstaller flaw. Now there is another DRM uninstaller flaw. Alex Halderman found that removing Sony's other CD DRM/spyware technology, the SunnComm MediaMax, leaves the system wide open for a web-based attack.
TrendMicro appears to have added it Nov 12. Looks like they just removed the cloaking, and leave the rest, like many of the others.
Styrofoam IS biodegradable, you're just impatient!
Here's something funny... Sony's rootkit/DRM provider's, First4Internet, XCP's press release links on their website suddenly start to slow down in October 2005...
http://www.xcp-aurora.com/press.aspx
Do you think they're in a panic, too busy to toot their own horns?
March 6
or
Whenever that virus from the movie Hackers was set to go off
take your pick
[Fuck Beta]
o0t!
So I am guessing now that pirating music is safer??
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
Maybe the questions were too uncomfortable.