Slashdot Mirror
Texas Sues Sony BMG over Rootkit
Mr. Sketch writes "According to Yahoo!, Texas Attorney General Greg Abbott 'filed a civil lawsuit on Monday against Sony BMG Music Entertainment for including "spyware" software on its media player designed to thwart music copying. [...] Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year. "Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott said in a statement.'"
EFF has launched a class-action suit against Sony.
Man is a slave because freedom is difficult, whereas slavery is easy.
Here's a link to the official Texas AG's press release.
= 1266
http://www.oag.state.tx.us/oagNews/release.php?id
They even have an online complaint form. Be the first on your block to get in on the lawsuit!
Heck is a place for people that don't believe in gosh.
The PDF is available here. The press release is here.
:) )
(cough
If you have been damaged in any way, shape or form, it's time to call their bluff!
I believe it can also be bypassed by holding down the shift key while inserting the CD into the drive (temporarily disabling AutoRun), or by permanately disabling AutoRun.
Using a bit of tap to do it is just grandstanding.
Congratulations, you just violated the DMCA.
I believe it wasn't turned on. It doesn't self balance when its off.
So basically, the rootkit would install itself on your PC even if you clicked NO on the popup that appears after inserting the disk? Wow... Now re-read this (different article, posted on Slashdot earlier):
"Most people, I think, don't even know what a rootkit is, so why should they care about it?" the head of Sony BMG's global digital business, Thomas Hesse, told National Public Radio.
I don't know... So they are counting on tricking gullible PC users into installing something which will ultimately harm their PC, which is heinous in itself, but somewhat legally "murky" enough for them to get away with it. But when your answer to the EULA actually has no effect whatsoever on whether the r00tkit is installed or not, that is beyond words. It shows how much these corporations disrespect their customers. We are sheep. With cash they gave us for working for them... and they want it back.
Unfortunately, that only works if killing them will prevent your property from getting damaged/stolen. Inapplicable in this case.
This was someone else's idea here on slashdot, and it works.
"Sony intentionally infected that CD with DRM. It is infected with DRM. It will take over your computer." I just told this to a friend of mine who is a huge fan of Imogen Heap and was about to buy her recent US release of Speak for Yourself through Sony.
Sony infected this CD with DRM for the Mac, and maybe Windows, too.
My friend has spoken with Immi before and is writing her to tell her why, although he supports her and goes to her shows when possible (the hotel/cafe tour for example), he will not be buying the album.
He will not be buying it because It is INFECTED with DRM.
Whomever came up with this brilliant strategy, please feel free to take credit in a reply here. I can't find the original comment.
http://www.deathpenaltyinfo.org/article.php?scid=8 &did=245
Protoplasm. Quiet Protoplasm. I like quiet protoplasm.
That the AG, like basically all state employees, is paid salary. So it doesn't matter how many of what kind of cases he wins, he gets the same amount of money, it's not a contenginecy basis like private lawyers. So ALL the money goes to the state, not just a certian percentage. You don't get rich working as a lawyer for the state.
No, this sentence refers to SunnComm MediaMax, not First4Internet XCP. MediaMax doesn't use a rootkit, but installs even if you reject the EULA, phones home when you play a CD, does not include a functioning uninstaller--but if you jump through a bunch of hoops, SunnComm will give you an ActiveX uninstaller that opens a huge security hole on your computer, kind of like XCP's.
Sony recalled XCP CDs but didn't say a word about MediaMax. The EFF is pressuring them to recall those CDs as well, which have been on the market for two years and number at least ten times as many as XCP.
- Using random or deceptive filenames to make it difficult for the consumer to find and uninstall the program, in violation of CPACSA 48.053(5).
- Inducing the consumer to install software by falsely claiming that it is necessary to play the media, in violation of CPACSA 48.055(1).
Seems pretty weak, but I imagine they'll tack on additional charges once they've had the chance to do some discovery.People don't know what DRM is, but they DO know what a virus is.
This isn't EXACTLY a virus, but it's VERY close, so call it that.
You're not enough of a salesperson. You're trying to be exact and precise about what you say--instead, give them a term they understand that is close to reality.
"Sony distributed a virus on their CD's in an attempt to break your CD drive so that it cannot copy their CD's. In addition, it opens your computer up so that it can get many other viruses, and it has the ability to report your usage back to Sony at any time."
That'll sell, and it's true.
-=Lothsahn=-
I had sent a friend information about this Sony thing last week and it got not a lot of attention. However same friend was trying to de-lous another persons PC yesterday and called me for support (Note: I'm not particularly qualified for Windows support at this point, but I can do Google searches and say things like "hang in there" from time to time). I think by that time I was called many of the virus and spyware elements had been cleaned by conventional means, but there seemed to be some persistent problems. Just in case, I asked whether they had played any of those Sony BMG music discs in the machine. Apparently I was on a speakerphone setup, and I heard several denials of the form "We never use our machine for such things" while my friend asked me what I was talking about.
After refreshing his memory, and in turn having the family involved talk among themselves for a while, it turned out that some Sony BMG discs HAD been played in that machine, and some of the remaining questionable files had Sony all over them even though the family didn't own a Sony camera, Sony music player or any other Sony device that they could think of. Finally someone remembered that the little girl in the family HAD played, or ripped, or SOMETHING some music CDs in the machine and off they rushed to find them. In the mean time I was looking for the list of Sony BMG discs affected, originally numbered 20 and widely circulated at that count, but subsequently updated to 50, and listed on a Sony website. I found the list of 50 at about the same time that they found their played/ripped/inserted/whatever CDs and sure enough, several of them had the Sony BMG label on them. Now the catch was that (a) none of the CDs they had found were on the list and (b) none of the CDs they had found had the warning that they contained copyright protection software, and my understanding was that the affected discs did contain such a warning.
Well, by getting rid of the Sony BMG stuff they seemed to be back to a clean machine, and they swore to never insert a music CD into their machine again or to buy a CD from Sony. So, congratulations should go out to Sony BMG and First4Internet for accomplishing their objectives. Now to round out the picture:
(1) I suspect that Sony BMG, Sony alone, and BMG alone have in the past used other protection schemes and while they haven't been vocal about it, other companies are doing the same experimentation. All of these programs have their own ways and means of hiding themselves and controlling what YOU do with YOUR PC. But NONE of them have exhaustively looked into the legal, much less technical ramifications of what they do. They think that by merely relying on third party companies like First4Internet they can claim ignorance of the consequences.
(2) Rumor has it that by the time you are asked for your permission to install software when you insert these disks SOME software has already been installed.
(3) Sony/BMG isn't the only company doing this, they are just the only company that has been caught.
(4) These discs have been out for a year, and some people say two years, or maybe more.
(5) There is no quick and easy way to uninstall these programs, either from Sony BMG or the s
That this is a STATE Attorney General, suing on behalf of the citizens of his (MY) state, the State Of Texas. Considering that any statutory penalties would go into the state coffers and NOT into the AG's pockets (He's a salaried employee of the State of Texas, not your lawfirm type attorney...) your claims of 33% of this going into his pockets would be dead wrong. Your rant, nice though it was, was like a tale told by an idiot, full of sound and fury, signifying nothing. (With apologies to Wm. Shakespeare...)
But then, this IS Slashdot, afterall...
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
That they stole code from LAME and violated the LGPL got like one minute of news airtime before falling into the background. That really isn't important to the average person, which is really a damn shame. I would expect that part to be more important or at least more-covered in the media.
NPR Covered the story which pleased me. They started it off like this:
"Today's vocabulary word is 2 words: ROOT KIT"
A decent 5 minute segment on it.
Actually Texas didn't give you Bush. Connecticut gave you Bush. He lived in Texas for a bit before moving back to New England for high school, college and then graduate school. His mom is from New York and his dad is from Massachusetts. I'm half-way convinced that the accent is faked.
Texas did however produce Ann Richards, the democrat governor of Texas prior Bush and David Cobb, 2004's Green Party candidate.
Sorry -- I know the above was an attempt at humor, but I do get sick of the assumption that everyone in Texas is far-flung Bush-lovin' right wingers.
That would be billion, not trillion.
//not trying to be an ass...
$3,362,560,000 ($3 billion, 362 million, 560 thousand, 000.00)
Just thought I'd clear that up, since you made the mistake twice in your post.
Of course, I may be wrong...if the whole counting thing was changed recently.
BDR Gear
Outdoor gear, MREs, and more!
It's not so ironic as predictable. The mods will moderate you whatever you ask them not to, provided you post early enough, and the rest of your content is good enough to make them look.
Mods, I forbid you to moderate this post informative.
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking