Slashdot Mirror
Texas Sues Sony BMG over Rootkit
Mr. Sketch writes "According to Yahoo!, Texas Attorney General Greg Abbott 'filed a civil lawsuit on Monday against Sony BMG Music Entertainment for including "spyware" software on its media player designed to thwart music copying. [...] Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year. "Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott said in a statement.'"
from the link:
Can anyone verify this on their own disks?
I'll just use my special getting high powers one more time...
Well today I felt a bit better about the situation. First my wife asked me about it which surprised me. She hasn't shown much interest in stuff like this in the past. And then a little later on when I went over to Stars and Stripes to read todays news they had a story about the rootkit and that they are pulling them out of the BX/PX's.
The more word of this gets out the more DRM will come to light. Eventually most people will know how bad DRM is and maybe, just maybe Sony and the rest will start to feel some pressure to stop trying to push it on us.
"Armed forces abroad are of little value unless there is prudent counsel at home" - Cicero
For $100,000 per violation, I don't know. My guess is that a violation is a provable installation of the software, which can add up fast if they had as many sales as were reported. Even if there is only 100 cases of the rootkit being installed, that's $10,000,000. Add in the image damage and that's a hefty tag. But we all know image damage can be fixed with a few donations to the right charities.
In Canada, the levy allows you to make copy of music CDs, even your friends CDs for you own personnal use without restriction. The 3 limit per CD is a clear restriction that goes against what Canadians pay for. I feel another law suit comming.
It's the AG's office, not a private law firm. The lawyers are public servants on salary, not working for a percentage. They are constrained by law to work in the public's (the people who provide their salaries) interest.
They're prosecutors.
When the NY Attorney General's office nailed Song BMG for "payola" the settelement included a $10 million grant to the Rockefeller Philanthropy Advisors to New York State, a non profit, to promote music education.
The EFF has also filled a rootkit suit against Sony BMG in LA. I guess you can decide for yourself whether these guys are just after a big paycheck.
KFG
Assuming a computer counts as tangible, movable property, and I do believe the rootkit at least counts as "criminal mischief", and the Texas AG has a legal duty to protect people's computers (or people ask him to), the use of lethal force against Sony BMG would be authorized. 9.43. PROTECTION OF THIRD PERSON'S PROPERTY. A person is justified in using force or deadly force against another to protect land or tangible, movable property of a third person if, under the circumstances as he reasonably believes them to be, the actor would be justified under Section 9.41 or 9.42 in using force or deadly force to protect his own land or property and: (1) the actor reasonably believes the unlawful interference constitutes attempted or consummated theft of or criminal mischief to the tangible, movable property; or (2) the actor reasonably believes that: (A) the third person has requested his protection of the land or property; (B) he has a legal duty to protect the third person's land or property; or (C) the third person whose land or property he uses force or deadly force to protect is the actor's spouse, parent, or child, resides with the actor, or is under the actor's care
Have any companies disallowed playing CD's at work computers because of potential security risks? Can someone be fired for unknowing installing rootkits and can fired employees sue the music distributors for costing them their jobs?
Not to ruin the joke but that is exactly what primes are.
Analogies don't equal equalities, they are merely somewhat analogous.
Sony claims that they are unaware of any case where their rootkit caused damages to customers.
Which is irrelevant. If I were to get my rootkit installed on Sony's machines, even if I didn't do any damage, I can't imagine they wouldn't go after me like Star Jones after the last Snackwell.
The Sony executives responsible for releasing this thing into the wild should get the exact same punishment any other criminal would get for distributing millions of copies of a trojan into the wild. Maybe if that were to happen (dream on!) - maybe if a few corporate execs were put in Federal Pound Me In The Ass Prison, forbidden from using a phone or a computer - treated like the criminals they are - people would rethink this crap...
Nah. They have money. Money > Justice.
Since I can't tell them apart, I treat all ACs as the same person.
Does anyone else find it ironic that Texas is one of the states that severely caps monetary awards in most damage suits?
OK I typed way too fast and my calculator converted these fines to exponential notation, so i got some numbers slightly (ha!) wrong.
n ess/14rights.html>
e &symb=SNE
24 Million times 1000000 is 2.4 Trillion not 2 Trillion.
But that is irrelevant because I did more/better research and the lower bound is 568,000 CDs (based on Dan Kaminsky's network DNS cache analysis) http://www.doxpara.com/?q=sony
A good conservitive higher bound is 2.1 Million sold (based on Sony's statements)http://www.nytimes.com/2005/11/14/busi
The revised maximum fine numbers would then be $3,362,560,000 to $14,208,000,000.
So its just $3 to $14 Trillion in potential fines.
Sony has total corporate value (Market Cap) of $36,358,000,000. http://money.cnn.com/quote/quote.html?shownav=tru
My guess is that having a fine of (approx) 40% of your net worth hanging over your head is not gonna be good. Of course this is just Texas we're talking about here, 49 more states to go (and many many countries).
Its not users who are broken, it's systems not taking account their likely behaviour and fixing it technically.
[QUOTE]$100,000 per rootkit'd CD times 20,000,000 million CDs = $2,000,000,000,000 (2 trillion dollars)[/QUOTE]
Someone at Arstechnica pointed out that 'per incidence' meant the creation of the master CD, so however many different master CDs had been created with it installed would be the liability number. I think it 16 or so CDs. So 1.6 million.
Just make sure to kill off a few innocents
The little thug Cantu isn't a innocent - the little car-theif confessed to shooting somebody in a pool hall. That somebody turned out to be a cop - and Cantu probably got a bit more attention after that.
Payback's a bitch.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
With all the focus on the Sony rootkit installed by audio CDs, no one has mentioned whether the Sony Connect software installs any questionable components. I ask because the terms of the Sony Connect music service are particularly strict and onerous and given what little they think of consumers, I wouldn't put it past them to have done "something" with Connect as well.
Perhaps the cloaking on the Connect software is better than for the audio CDs and no one has found it yet...
Inquiring minds.
I guess anyone who runs Linux/BSD/etc. would be in violation as well.
If what has been mentioned is true, that the rootkit is installed even when a user clicks "no" on the EULA, I'd expect some felony computer tresspass charges to be pressed soon.
Can RIAA be sued for openly supporting criminal activity?
There's also another benefit, showing lawyers that there's money to be made suing large media companies can only be good for us.
I love it. Hackers and the like are often banned from touching computers, why not Sony? A court order prohibiting them from bundling any software with their "music" CDs would be quite appropriate. Or at the very least, any software required to play back the content or that modifies the system behavior in any way. Of course, that's on top of any fines they should get.
Live today, because you never know what tomorrow brings
You forgot the fine.
Even if the outcome isn't perhaps what was wanted, the fact remains that they still took action against Microsoft for abusing its monopoly powers. The American government, on the other hand, cowered.
Cyric Zndovzny at your service.
Only in America, remember, are corporations granted more privileges than individuals.
"Plus "The US" is way wrong,"
Find a single historian that will tell you the Allies had any chance of winning the war without the US.
You won't be able to. It was specifically the US intervening in BOTH wars that turned the tide, and claiming otherwise is historical revisionism and ignorance.
"Many of us will stand up against racism, regardless of who it's against."
Great, what does that have to do with the French? France is a COUNTRY, you do know what that is right? And you do realize that the French are NOT a race right? And you also realize that claiming they are like you did is inexcusably ignorant right? What is wrong with you?
So apart from making claims that are historically inaccurate, and calling a criticism of France "racism" (which is the catch all phrase of those who want to claim persecution, regardless of whether they are actually a race or not) what did your post add to the discussion?
Why would anyone take you seriously when you can't even figure out what racism is?
How pathetic are you that you follow me from topic to topic and waste all your mod points at once modding me down?