Slashdot Mirror
Sony, Amazon Detail Rootkit CD Buybacks
An anonymous reader writes "Washingtonpost.com is reporting that Sony BMG today detailed a program that should allow customers who bought one of the 52 titles known to be tainted with the company's deeply flawed anti-piracy software to exchange them for CDs of the same title, sans rootkit of course. Oddly enough, Sony is offering those who want to return the CDs the chance to download MP3 versions of the discs, but only after Sony has received the returned discs. Amazon.com also is sending out e-mails to customers who bought the discs, offering to replace or refund them at no cost."
And how will we know Sony isn't trying something *ELSE* with their dissatisfied customers as guinea pigs?
No option to get cash back? I'd want my money back if I were one of the unfortunate people who had bought one of these CDs.
Bradley Holt
I bet that the MP3's will be watermarked with the individual downloader's unique ID, so Sony/RIAA can later sue their customers...
That said, what bitrate, frequency and codec is used for the MP3s?
Regards,
--
*Art
A refund isn't enough - I hope to see some lawsuits go forward against Sony, as the very least to scare other companies from trying something like this.
I have owned Sony Walkmen, Playstation, Playstation 2, etc.
I have owned dozens of Sony CDs.
I have 6 Sony audio components.
I will NEVER buy another Sony product ever again, and I urge ALL of you to do the same.
If you "get" pointers add me as a friend (116)!
http://img169.imageshack.us/full.php?image=helloki tty6na.jpg
Nice of Amazon to do this, since it wasn't really their rootkit (or maybe they're thinking about potential liability, doesn't really matter).
It'd be great if Amazon and other big vendors refused to carry discs with this sort of horrible DRM. That'd probably get the music company's attention a little better than a few geeks organizing a boycott.
Why does Sony not simply provide an update for their rootkit? Improved security, expanded DRM, and distinguished keylogging, get it all now with Sony's rootkit 2.0. New and improved.
Always at your service
sincerely yours, Sony.
Windows is like decaf - it tastes like the real thing, but it won't get you through the day.
offering to replace or refund them at no cost
R.Mo
Sony seems to be in PR-damage control mode but they could care less about the customers. Sony *still* has failed to release any sort of uninstaller that truly cleans up the affected systems. Great move, there.
/dev/random
Step 1: Buy DRMed CD off a friend cheap.
Step 2: Return to Sony.
Step 3: Download free MP3s.
Step 4: ???
Step 5: PROFIT!
Let customers download the MP3s via a server side script which quietly puts their customer number for tracking and a hash for non-repudiation into the ID3 tags, which'll survive most transcoding. Then if it appears on a P2P network (not likely, unless it's not already there), they'll know who did it.
Recalling the CD's is merely a slap on the wrist. It doesn't cost Sony as nearly as much money as a lawsuit, costs Amazon money, and it does not repair the damage to numerous artists names by this rootkit.
If Sony actually would own up to their stupid mistake, the artists wouldn't be impacted so much. Look at Van Dant's CD on Amazon. 1.5 stars, 300 reviews, most mentioning the rootkit. Do you think that he'll fare so well in the future.
I have lost faith in Sony. Propietary formats and other things were a little odd, but I accepted them. But rootkits, a patent for games that only play on the console they were originally put in...seems like a ridiculous infringement on user rights.
Rather than losing money to pirates, people will turn to better solutions and Sony will be the loser.
It'd be easy to tell probably. If the disc lacks a data sector, you can be sure there isn't one. CDs have different kinds of sectors for audio and data. So if it's all audio, there's no possibility of malicious software since there's no software.
Dodged a bullet there. I thought they would be popular titles people would auctually buy. I sure feel sorry for those couple hundred people that have the rootkit on their system from buying the CD.
Click Click Bloody Click PANCAKES!
They, for once, were doing the right thing preventing that music from infesting your favourite p2p network!!!
6. Bette Midler - Sings the Peggy Lee Songbook
Who in their right mind would subject themselves to such torture. And, what's more, someone paid for the privlege.
This is on her own damn label and they can't get Lady Day's name right?
Unbelieveable. They could have at least looked at the CD cover.
I'll create an amusing sig when I have something meaningful to post.
No no no! They got it all wrong. They should do what my friend's landlord did when he kept complaining that the dishwasher didn't work: They came, turned it on, and when it made noise, they said, "It works fine." And of course, it didn't: First, it smelled disgusting in there, like there was rotten food inside the machine. Second, just because it sprayed (dirty smelling) water doesn't mean it "works fine." Third, if you put a dish in there that was clean to begin with, it came out dirty. And I believe that such a dishwasher makes a perfect analogy for compact discs that contain defective software.
So what Sony should do is this: They should publicly offer customers who bought one of the flawed CDs to exchange them for identical ones! As if we're talking about workmanship in the production of the compact disc proper and not the contents. Hey, just act like you don't know a darn thing about technology when it comes to this type of thing! And when the customer complains that the replacement still contains the rootkit, just say, "It works fine."
Sony. Where do you want to go today? (Hell, they almost make Microsoft look good in comparison. Almost.)
... 2 weeks waiting for my replacement disc, and when I opened my "Suspicious Activity" CD again, I just didn't really feel like listening to it any more.
He who knows best knows how little he knows. - Thomas Jefferson
Sony is offering those who want to return the CDs the chance to download MP3 versions of the discs
Too late ya bastards, I already ripped me music off ye DRM'd cd. Yarrr!
Don't take life so seriously. No one makes it out alive.
And well they should be! In many countries what they did is criminal and should land the decision makers in prison. Both the computer sabotage and the code theft are an issue. Even if Sony can claim they trusted the vendor of the rootkit, then people there should go to prison and Sony would not look that much better.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Son, if you're into Celine Dion and Bette Midler, your rights aren't the only things being violated.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Because they were just testing the water.
The article seems to indicate the offers cover CDs with First4Internet's XCP crap, but that's it. There's apparently similar ugliness with CDs using Sunncomm's MediaMaz copy protection (see http://www.freedom-to-tinker.com/?p=925) which is not covered. I guess that one hasn't gotten enough mainstream media coverage yet...
On the Sony site, they are talking about a secure updater which removes the rootkit:
If you obtain regular security updates from a major anti-virus service, you should receive an update through that process. You may also download the update yourself from http://cp.sonybmg.com/xcp/english/updates.html.
The update its talking about simply removes the rootkit, but does not remove the copy protection portion.
Therefore, I believe these disks will still be executable in format (besides, any with images/videos on will need the media player software as well...)
Just read the home page on the sony site, they still don't get it:
Going forward, we will continue to identify new ways to meet demands for flexibility in how you and other consumers listen to music.
We just want true cds without any bullshit, plain and simple.
liqbase
You're a bit confused here. A Sony user does not have rights. A Sony user should feel that the heavens themselves allowed him to use Sony software and hardware, and be in eternal debt to Sony for it.
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
Well the Devil had a brand new plan,
"I don't want any ordinary DRM!"
So he called his boys at Sony Corp,
"I'll make this fast and I'll make it short."
"There's a Limey company, as evil as hell,
They've got a rootkit they're waiting to sell.
So grab some cash, make it quick,
There's a half million networks we just gotta fix."
Now Sony knew the Devil well,
Why these guys were already half way to Hell.
So off they went to England fair,
And bought themselves a rootkit there.
To protect themselves and their evil scheme,
They wrote a EULA that would make you scream.
"No problem," they said, "we can do as we please,
We're all scummy bastards, so what's some more sleaze?"
But not all were asleep when they played Van Zant,
And the racket grew so loud Sony just had to recant.
"We'll take back all those discs, we really were wrong,
Oh, and you Mac users, your turn's coming before long."
The world's burning. Moped Jesus spotted on I50. Details at 11.
There are 10 kinds of people in the world - those who understand binary and those who don't
The best part is that that sony will charge the recall costs against the artists royalties so sony won't be out a penny and the artists get ripped off.
Easy, just check that it has the logo "Compact Disc Digital Audio" . If they put that on anything that is not compliant to the Red Book standard - that is, not a pure audio CD - Philips can sue them for trademark infringement.
Circumcision is child abuse.
Going forward, we will continue to identify new ways to meet demands for flexibility in how you and other consumers listen to music.
"meet" means "deny", the problem as Sony see it is that CD's are already too flexible!
Just as the minister for public safety gets to define where public safety ends, so will Sony meeting demands for flexibility define where that flexibility ends.
Sam
blog.sam.liddicott.com
Getting your money back is not enough.
I don't doubt that sony will try this again only they will dump money in so it isn't a half assed rootkit. They will make sure the EULA covers all actions and potential damages. A court ruling sets precedent and will deter future attempts. Accept the payoff and you're only taking a step closer to the confined world of DRM.The bad press sony is feeling is not enough
Even without the root kit, Sony is being obnoxious with the DRM shit. I got a copy of Chevelle's new album and couldn't even rip it into MP3 without installing some damn proprietary Sony software, and then it would only rip into locked down WMA format. The CD was so screwed up that an older car CD player of mine wouldn't play it, Linux wouldn't recognize it, Windows kept trying to autorun it, but wouldn't recognize the audio side of it. Mac was the only one that would, for some reason, play it just fine. I finally got pissed off and downloaded the whole album via P2P. It was more file sharing than I've done in the last year. Congratulations Sony, now you're going to insent the legitimate people into sharing the files! To me, a CD I can't get into MP3 is useless and defective. I only listen to music on my car stereo in MP3 format, or on my computer in MP3 format, or on my Zen in MP3 format. The original CDs get stored away for safe keeping. I only have two words for Sony... BITE ME!!!
My software never has bugs.
It just develops random features.
I'm curious about one aspect of having .mp3 replacements of the defective CDs that you've purchased. TFA says you have to physically return the CD to Sony in order to get access to a set of .mp3 files for that disc. So what becomes of your license? I mean, we've been making a big deal for days now about how your .mp3 files are only legal if you've got the original disc, as well. So, what, are they going to send you some kind of certificate that says you have a right to own these .mp3s? Or how could you possibly prove that your files were legal?
.mp3s with a particular customer. But then who has the proof that your files are yours? Sony? I'd feel a lot more comfortable with a new, DRM-less CD that I could rip to my computer, so I'd have proof that I own the CD.
.mp3s using bogus contact information. You UPS a disc to Sony with completely unverifiable and incorrect return information, they email your brand-new Hotmail account with the .mp3 download URL, you get the files on a public terminal, walk away, and never look back. You can share these .mp3s with anyone you want to, and Sony will never be able to identify you as the originator. Though all of that seems like more trouble than it's worth, since you could accomplish the same thing by getting a DRM-less copy of the CD, ripping it, and distributing it.
There's muttering here about digital watermarks or somesuch to uniquely identify each set of
On another note, the digital watermark doesn't seem like it would be effective. It wouldn't take a rocket scientist to send in a real copy of the CD and download the
Oddly enough, Sony is offering those who want to return the CDs the chance to download MP3 versions of the discs, but only after Sony has received the returned discs.
They probably want to determine what percentage of the people who were sufficiently outraged by XCP to go to the trouble of sending back the CD are interested in a MP3 version instead (and therefore the sort of people who would've probably tried circumventing said copy-protection in the first place) vs those who actually had genuine technical issues with it.
Good market research for them really.
Here's some favorable press that First4Internet received a couple of years ago.
x cp_art8
http://www.xcp-aurora.com/press_article.aspx?art=
If there were any justice in the world, the next step would be an artists revolt.
If I were one of the artists involved my lawyer would argue something along these lines: Obviously all this negative press will result in fewer of my art being sold. Some number of my fans (regular customers) will no longer trust my work because of this and refrain from future purchases. This is, of course, the fault of Sony. Therefore Sony should pay me the difference. In addition, Sony will immediately consider any contract with me to be null and void because I can no longer count on them to represent me and my work in a respectful manner.
But I'm betting that the artists themselves don't give a wet slap about this either way.
. Quit playing Monopoly with Bill. Switch to one of many non-Microsoft products today.
Maybe if the recording industry had to buy overpriced 1 hit wonder cds back from consumers for 20 bux a each, maybe they would think twice about ripping off the public
...for buying Bette Midler CDs.
OEÉæÁÄZÝÈA OEÉæé_CX
No offense, but here is an idea: how about you go out and try some of the MP3 players and just choose the one you like or you think works best for you, rather than choosing one because everyone is (or is not, in your case) using it? I understand the desire to feel like a non-conformist, but don't let conformity or non-conformity get in the way of function. If an iPod works best for you, then don't worry about who else has one. If an iPod doesn't work best for you, then get whatever else you want, as long as you are willing to support the company that produces it.
I will grant you that the Sony player does indeed look pretty cool, but being Sony, one has to wonder how well the software is designed and how easy it is to use over all. Of course, being Sony, I (like you) will never buy one after all of this crap they are pulling.
Disclaimer: I am a proud iPod owner, and I recommend it to a LOT of people, but not because it is "cool". I recommend it because it is REALLY easy and comfortable to use. However, if you do get one, the first thing to do is get rid of the Apple Ear Buds and plug in some real headphones. I personally use a set of Technics RP-DJ1200s. :D
"Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
Can I buy that song on a Sony CD?
Ddn't people say that about JPEGs and other media files? If it involves a Windows player, there's a way...
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
You installed a rootkit on a customer who bought Neil F'ing Diamond! Get a grip on your demographics! WTF!
Yes, I know that ND has sold lots-o-albums...