Slashdot Mirror
Texas Sues Sony BMG over Rootkit
Mr. Sketch writes "According to Yahoo!, Texas Attorney General Greg Abbott 'filed a civil lawsuit on Monday against Sony BMG Music Entertainment for including "spyware" software on its media player designed to thwart music copying. [...] Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year. "Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott said in a statement.'"
EFF has launched a class-action suit against Sony.
Man is a slave because freedom is difficult, whereas slavery is easy.
Here's a link to the official Texas AG's press release.
= 1266
http://www.oag.state.tx.us/oagNews/release.php?id
They even have an online complaint form. Be the first on your block to get in on the lawsuit!
Heck is a place for people that don't believe in gosh.
Congratulations, you just violated the DMCA.
So basically, the rootkit would install itself on your PC even if you clicked NO on the popup that appears after inserting the disk? Wow... Now re-read this (different article, posted on Slashdot earlier):
"Most people, I think, don't even know what a rootkit is, so why should they care about it?" the head of Sony BMG's global digital business, Thomas Hesse, told National Public Radio.
I don't know... So they are counting on tricking gullible PC users into installing something which will ultimately harm their PC, which is heinous in itself, but somewhat legally "murky" enough for them to get away with it. But when your answer to the EULA actually has no effect whatsoever on whether the r00tkit is installed or not, that is beyond words. It shows how much these corporations disrespect their customers. We are sheep. With cash they gave us for working for them... and they want it back.
This was someone else's idea here on slashdot, and it works.
"Sony intentionally infected that CD with DRM. It is infected with DRM. It will take over your computer." I just told this to a friend of mine who is a huge fan of Imogen Heap and was about to buy her recent US release of Speak for Yourself through Sony.
Sony infected this CD with DRM for the Mac, and maybe Windows, too.
My friend has spoken with Immi before and is writing her to tell her why, although he supports her and goes to her shows when possible (the hotel/cafe tour for example), he will not be buying the album.
He will not be buying it because It is INFECTED with DRM.
Whomever came up with this brilliant strategy, please feel free to take credit in a reply here. I can't find the original comment.
No, this sentence refers to SunnComm MediaMax, not First4Internet XCP. MediaMax doesn't use a rootkit, but installs even if you reject the EULA, phones home when you play a CD, does not include a functioning uninstaller--but if you jump through a bunch of hoops, SunnComm will give you an ActiveX uninstaller that opens a huge security hole on your computer, kind of like XCP's.
Sony recalled XCP CDs but didn't say a word about MediaMax. The EFF is pressuring them to recall those CDs as well, which have been on the market for two years and number at least ten times as many as XCP.
I had sent a friend information about this Sony thing last week and it got not a lot of attention. However same friend was trying to de-lous another persons PC yesterday and called me for support (Note: I'm not particularly qualified for Windows support at this point, but I can do Google searches and say things like "hang in there" from time to time). I think by that time I was called many of the virus and spyware elements had been cleaned by conventional means, but there seemed to be some persistent problems. Just in case, I asked whether they had played any of those Sony BMG music discs in the machine. Apparently I was on a speakerphone setup, and I heard several denials of the form "We never use our machine for such things" while my friend asked me what I was talking about.
After refreshing his memory, and in turn having the family involved talk among themselves for a while, it turned out that some Sony BMG discs HAD been played in that machine, and some of the remaining questionable files had Sony all over them even though the family didn't own a Sony camera, Sony music player or any other Sony device that they could think of. Finally someone remembered that the little girl in the family HAD played, or ripped, or SOMETHING some music CDs in the machine and off they rushed to find them. In the mean time I was looking for the list of Sony BMG discs affected, originally numbered 20 and widely circulated at that count, but subsequently updated to 50, and listed on a Sony website. I found the list of 50 at about the same time that they found their played/ripped/inserted/whatever CDs and sure enough, several of them had the Sony BMG label on them. Now the catch was that (a) none of the CDs they had found were on the list and (b) none of the CDs they had found had the warning that they contained copyright protection software, and my understanding was that the affected discs did contain such a warning.
Well, by getting rid of the Sony BMG stuff they seemed to be back to a clean machine, and they swore to never insert a music CD into their machine again or to buy a CD from Sony. So, congratulations should go out to Sony BMG and First4Internet for accomplishing their objectives. Now to round out the picture:
(1) I suspect that Sony BMG, Sony alone, and BMG alone have in the past used other protection schemes and while they haven't been vocal about it, other companies are doing the same experimentation. All of these programs have their own ways and means of hiding themselves and controlling what YOU do with YOUR PC. But NONE of them have exhaustively looked into the legal, much less technical ramifications of what they do. They think that by merely relying on third party companies like First4Internet they can claim ignorance of the consequences.
(2) Rumor has it that by the time you are asked for your permission to install software when you insert these disks SOME software has already been installed.
(3) Sony/BMG isn't the only company doing this, they are just the only company that has been caught.
(4) These discs have been out for a year, and some people say two years, or maybe more.
(5) There is no quick and easy way to uninstall these programs, either from Sony BMG or the s