Slashdot Mirror
Sony Rootkit Redux: Canadian Business Groups Lobby For Right To Install Spyware
An anonymous reader writes "Michael Geist reports
that a coalition of Canadian industry groups, including the Canadian
Chamber of Commerce, the Canadian Marketing Association, the
Canadian Wireless Telecommunications Association and the
Entertainment Software Association of Canada, are demanding
legalized spyware for private enforcement purposes. The potential
scope of coverage is breathtaking: a software program secretly
installed by an entertainment software company designed to detect or
investigate alleged copyright infringement would be covered by this
exception. This exception could potentially cover programs designed
to block access to certain websites (preventing the contravention of
a law as would have been the case with SOPA), attempts to access
wireless networks without authorization, or even keylogger programs
tracking unsuspecting users (detection and investigation)."
will you be installing your spyware on my computer.
Law enforcement computers, politician's computers, government computers, homeland security computers. My bet is within a week 50% of those folks wouldn't have jobs, and 75% in a month.
Screw off. Sincerely, Canadians.
On every machine I find.
This makes a good argument for using open source. Removing a secret rootkit is a lot easier when the underlying layers of the operating system aren't obscured. I'll be this goes nowhere. Either that or proprietary OS vendors suffer sales losses as people flock to Linux and *BSD
It's getting pretty hard to differentiate between living in North America under corporate controlled government and China under government controlled corporatism.
If only there were a similarity that I could put my finger on, it seems there is but it escapes me.
I guess we'll see how similar if this passes. I doubt it will, but it indicates we have more in common that I'm comfortable with. Hell, just the fact that this has been proposed is a lot more egregious than I'd have ever imagined possible just a few years ago.
Hang them. Problem solved.
Instead of legalizing a practice that would otherwise be illegal to protect obsolete businesses, why not legalize a practice that is otherwise illegal to rid ourselves of those obsolete businesses?
Palm trees and 8
My own computer running Windows 7 was hacked in a drive-by when I visited a website (didn't download anything), and the drive began spinning wildly. The router logs showed connections to the Dutch anti-piracy group, BREIN. If it's not currently legal, it isn't stopping them.
They are saying
"Look. Piracy exists, and with piracy, you get none of this spyware. With piracy, things are free, often easier and faster to get, and many times they work better. We know you need your money, so we want to make sure once and for all time, that you never, ever waste it giving it to us."
Loud and clear.
Also: How far down the road is piratebay.org in comparison to sneakyfucktards.com? Discuss.
This is just a case of bureaucrats being bureaucrats as usual and common sense taking a back seat.
There are plenty of level-headed folks with a tenacity for doing what's right up there in moose country that will fight this tooth and nail (Theo comes to mind). At most, this will cause a whole lot of noise a la SOPA and eventually get dumped.
Besides, the anti-spam legislation, I hear, is quite popular. More than this rubbish is popular with law enforcement.
If computers were people, I'd be a misanthrope.
I was dismayed to see this article in the paper today:
http://www.calgaryherald.com/technology/Smartphone+storage+memory+cards+exempt+from+copying+fees/7920963/story.html
I didn't think we'd (Canada) be stupid enough to actually go through with this new copyright bill, but it seems that it has.
Spyware like this can prove that someone did indeed commit acts of copyright infringement as alleged. Do in a sense, it's the next logical step from a law enforcement perspective.
But we're getting to the point where the cure is clearly more harmful than the disease. Have the *AA's not learned anything from the Sony rootkit debacle?
How far all thess jokes will go until we decide collectively for a stop, and just throw all those IP crap out the window?
Video of some good progressive thrash music
I say absolutely. As long as part of the law is continuous video surveillance of all executives of the companies that install the spyware. (Bedroom, bathroom, mistress' place, hotel room, etc.) And their families. And it has to be accessible by any Canadian citizen to do with as they please at any time.
Not even if it is open source.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
in Canada seems to be where the problems would stem from. Would it be considered in 'my' best interests to install software to incriminate myself?
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
It is amazing that corporations do not recognize this simple truth.
The spyware should also be able to $SYS$steal retrieve banking and credit card information from the users. This way they could automatically charge them for any usage of their 'content'.
...these so-called "business groups" will get everything they're asking for. With extra tongue.
The U.S. administration has probably given this up long ago, we just haven't heard about it yet.
[End Of Line]
I guess I am okay with this, as long as we can install stuff on their machines as well. I am pretty sure that they have a lot more to hide than I do...
When they do install it on your computer, you will know who to hunt down and kill.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
The only appropriate response to such a request is, "Go fuck yourself."
This space unintentionally left blank.
...for the Linux version. Ooo ooo ooo & Linus' comments on how badly implemented it is...:-)
That doesn't solve the problem, though - more and more people are using Linux on a regular basis, and while they are shielded from a good majority of threats seen on Windows, it doesn't meant that 1) there isn't spyware that can affect them and 2) that they would know how to lock down their systems just because they have an OS more capable of being finely-tuned and locked down. Don't mistake a great tool for a great carpenter.
See? Problem solved. Second line.
I don't use a PC for copyright infringement anymore.
I haven't thought of anything clever to put here, but then again most of you haven't either.
And when the software inevitably bricks a few thousand (or hundred thousand, or million) devices and people lose untold billions worth of data...Will these companies be required to provide just compensation since no EULA was even clicked?
How much are those lost photos of a couple's new baby worth to them, anyway?
Go find a cliff or a bridge somewhere then take your entire fucktarded family. Have all of them jump off to their deaths and after that jump to yours as you are too fucking stupid to even exist let alone use a computer.
http://tinyurl.com/9wpxjg6 Page 11-12
These exceptions they are asking for are so very broad. Take a look this exception they're seeking,
(a) a program that is installed by or on behalf of a person to prevent, detect, investigate, or terminate activities that the person reasonably believes (i) present a risk or threatens the security, privacy, or unauthorized or fraudulent use, of a computer system, telecommunications facility, or network,
Do you believe the RIAA poses a reasonable threat to your privacy from their new rootkits? Well then it seems, under this law, you could install a trojan horse on their computer, read their files, and then crash programs that might end up help the RIAA from violating your privacy...Like Windows
I hope they provide the source to their security software or at least port it so it can run on on Linux/BSD. I want to continue to legally be able to watch DVD's and BluRay movies/TV shows on my Linux HTPC.
In this case, the only people with rootkits installed on their machines will be the law abiding citizens.
PS: I assume they'll also make it illegal to remove a rootkit, so people that just care about their privacy instantly become criminals too.
Yes this sounds like an excellent idea.
Corporations are already tax havens, now they're turning into law havens.
Microsoft - stop these dick fucks jacking the kernel please. Windows is turning into an STD infested cheap hooker of an OS.
This is Canada were talking about here, no politician has the balls to go through with this. Even one of our provinces doesn't have the balls to separate after they continuously threaten to do it.
Watch out for those Windows 8/RT ARM-based machines. Not possible without money going to Microsoft for a key.
Exactly. The average naive user will enter their password, or the root password, in a box when prompted to do so.
I lobby for the right to kick these fuckers squarely in the nuts.
-- green led
They wanna do WHAT now?
I'm starting to think it's going to take some heads on pikes before they get the message. And every day it seems more likely I'll see such in my lifetime.
I don't know about you all, but I'm putting some money in guillotine futures.
You are welcome on my lawn.
I have a drill press in my garage for dealing with such defective equipment.
I'd rather by spied on by the chinese than corporations in the united states
spend some time up in .ca land, leave a message.
thank you.
if this is supposed to be a new economy, how come they still want my old fashioned money?
why dont they just put it in their EULA, like how adobe scans for registration keys and whatnot for their own products if you install flash player. oh they dont want to look like evil maple syrup mainlining weirdo's i get it... blame canada.
You joke, but look where being nice and/or polite has gotten us so far.
These guys don't play nice...
So it's basically what we already have now.
This will spawn an entirely new term:
Pirivacy. Those who practice it will be Silicon Pirites :D
Although I condone raising chemistry and geology geekdom, what's wrong with reusing good old term "Privateering" and "Privateers" in this new context?
Rootkits written by Foreign Governments. Undisclosed Zero Day Microsoft Exploits. Badly written Laws. Secretly Installed Software. LOL! What could go wrong?
Somebody has been snorting the magic security fairy dust again.
Of course they realize the IT budget line is going to need a Fat Increase this year to deal with this additional vector of security compromise. Training. Scanners. Awareness. Detection. Monitoring. Logging. Removal. Forensics to figure out what got stolen, and who has it now.
Better bump up the budget for the Lawyers too to take the case to court. That would be a court in a foreign country. Travel Expense. Hotel Expense. Translators. Can Canadian Lawyers practice law in Red China ?
The accountants will need a bigger budget to add paragraphs on the financial statements disclosing the new risks. After an audit. A new type of audit that will take money to decide what that new type of audit is supposed to do.
The Insurance Guy is going to want more. More Risk == More money.
Or just exploiting a bug in the root kit.
And Linux, just as OSX and Windows, often assigns the root password to the first user's password - OEMs used to add their own passwords (at least on some Windows boxes I've used), but it seems they stopped after there was a bunch of "WTF is an Administrator Password? Try Kitties123" I'm thankful for it when I work on someone else's computer, while simultaneously cringing that an entire machine is at the mercy of "stormclouds1"
Still, security ultimately falls on the user - to make an OS stronger we inevitably must make the user smarter, but let's keep throwing firewalls, anit-virus, and ad-block at them until at least they have a computer, even if they don't know what it does or why they haven't seen strange pop ups in months (how many frickin times can you advise someone to at least use a different browser, or less malware-laden porn site?)
Has asked the Head of IT security of TransCanada about how he is going to protect his company's sensitive against this threat?
How about the plant operators at Syncrude and Suncor? What measures are they taking to secure against this new attack vector?
If they disclose this on clearly the package, similarly to what is done w/ cigarettes, I have no issues with it. The labeling certainly hasn't done much to stop the sale of tobacco.
As far as I'm concerned, they can put key-loggers, root-kits, or whatever the hell else they want as long as they make the consumer aware.
For an icon, they could use a 'human looking' figure. Bent forward, pants down, maybe holding a jar of Vaseline?
I, of course, won't be buying it. But I wasn't buying it anyway.
Simply stop buying their crap, there are alternatives. I think the choices will start to become more apparent to the masses over time, and the losers will be those depending on unsupportable business models.
Consider: You can buy DRM-free music, today, where they make no attempt to lock it to specific devices. Emusic is one, and Magnatune is another. In the latter case, you are even encouraged to share your purchase in limited amounts, and there's also free streaming if you are OK with the per-song nag message. Non-lossy formats are supported too, and they go for quality content instead of large amounts of crap. (Yeah, preaching here, but I just bought a lifetime membership.)
In TV/movie terms, Netflix has just released a season of a series, "House of Cards", that *they* produced. Screw Sony and their ilk, this is produced and distributed without their help. I'm hoping this gives big media companies a shocking wheeze, where it's apparent even to them that they're becoming irrelevant.
I doubt the courts will accept that argument even if it plainly written in the law. Only sufficiently rich corporations are allowed to install rootkits.
And Linux, just as OSX and Windows, often assigns the root password to the first user's password
I have NEVER seen a distro do this and I've worked with Ubuntu, Fedora, Arch, Debian, Mint, FreeBSD* and more. Unless you meant "sudo", but that is NOT root's password.
* Not technically Linux, but uses almost identical security design.
Anything like you're suggesting would quickly be picked up on; installing what amounts to a trojan on someone else's PC is likely to remain a crime in Europe, even if not the US and Canada. This means that vendors would have to supply different software and firmware packages to different geographical locations, even though the hardware is identical. Anyone even remotely sav would just grab the European versions, via proxy or p2p networks if need be.
That said, some vendors would outright refuse to install third party malware regardless of what they were paid; malware tends to hurt performance and incur additional support costs when it fails. On top of that, vendors based in Europe (eg, anyone using Ireland as their tax haven) would put themselves in danger of legal challenges even if the affected 'ware never made it into Europe.
You can (try to) install spyware on anyone's computer without legal penalty, but people can (try to) pirate anything from your company without legal penalty. Deal?
I really like my Mac, worlds better than windows. But I just installed a linux computer at home that I've been using more and more, and news like this makes me want to use it more. I'm not a programmer, but I feel reasonably safe that the many eyes of you programmers will catch this code should it ever be inserted into a distribution. Only question is, with rhel essentially being closed off to all of you - if they were to adopt software like this. Would it be caught and removed in centos (the distro I settled on?) or will they faithfully include that "feature" as well? Otherwise, I'll have to go to openbsd, which would suck, because as much as I admire the is and theo, I'm very excited about the possibilities afforded by virtualization, which he doesn't seem inclined to support thus far.
Lets start with his computer. How long till Anonymous uploads dumps form his hard drive?
Who logs in to gdm? Not I, said the duck.
every time it complains that the key is already in use - But then I call the phone activation bot and get a whopping great number that will only work to activate Windows 1 time (so I have to repeat this process every time I get issues).
It doesn't cost me anything but I do wonder why this number will only work once... what an annoying feature!
PS why are the captures always the same?
These corporate carpet bagger cunts deserve to be sued into a smoking hole in the ground. I hope the community opens the gates of Hell on them.
Slackware
File under 'M' for 'Manic ranting'
As a former Army Sergeant in the Canadian Army, I just want to point out that trying to do this violates my Constitutional rights as a Citizen of Canada.
This is very un-Canadian.
-- Tigger warning: This post may contain tiggers! --
but that is NOT root's password.
Touché - I had hastily assigned the ability to sudo to the ability to login as root. And, just tested, it does not set the same as root in OSX. So...Windows, at least XP and Vista. Where's my hat? *begins eating*
speeding up the appointment with the gun control civil war showdown
Time to write letters that border on being impolite!
Not only that but the act itself is indeed fraudulent use of a computer system. They would become guilty themselves by exercising this software. What if their software captured copyrighted data? Ouroboros would eat his own tail!
If they can by law install spyware on my computer, then by reciprocity, I can install spyware on their computer too, right? I can install botnets, viruses and spyware because the law allows them, and everyone is equal under the law, then I can install spyware, botnets, trojans and virii on their computers too, right?
Not so much like China really.
Before they manipulated the media. Then the internet came, word spread faster than ever, people became more much informed about events that were going on.
Government lost some control.
Now they're trying to regain it and stifle the internet. It might look like it's all about money and anti-piracy, but how long before suddenly that spyware is used for monitoring people under future laws, like 'Causing unrest in the general populace' Post something the government doesn't like, even if it's true, and if it upsets people against the government, suddenly the unrest law comes into affect and you get arrested, thankfully to the spyware on your pc identifying you on the net.
Like how youtube wants to use your real name.
Sure we might be a long way off before it gets that bad, but that's only because they're doing it slowly and trying to make it about something that doesn't really matter. Most of us won't cry that much if you have to purchase all your content, for some it will suck but life will go on.
Some companies will die because we won't buy their shit.
Keep everyone focused on that, later it becomes a tool to root out anyone who protests the government. Surprise.
http://tinyurl.com/9wpxjg6 Page 11-12 (a) a program that is installed by or on behalf of a person to prevent, detect, investigate, or terminate activities that the person reasonably believes (i) present a risk or threatens the security, privacy, or unauthorized or fraudulent use, of a computer system, telecommunications facility, or network, Do you believe the RIAA poses a reasonable threat to your privacy from their new rootkits? Well then it seems, under this law, you could install a trojan horse on their computer, read their files, and then crash programs that might end up help the RIAA from violating your privacy...Like Windows
I think I like section (b):
(b) a program that is installed, by or on behalf of a person who provides services related to the operation of the Internet or another digital network or who operates a network including a telecommunications service provider for the purposes of network management;
legalizing botnets... awesome.
First off, you won't be told when they install spyware on your computer. And I'm fairly positive that you lack the time, inclination, and competence to either use sourcecode distributions of FOSS exclusively (_and_ read the entire source before you install), or to disassemble and thoroughly study all and any proprietary software you may be installing. And neither will you thoroughly secure all the ports and networking software on your box, again because it takes too much time, hassle, and expertise.
Should you be using MS Windows or X-os, there's no need to talk further as you've already lost.
Secondly, "they" won't be installing any spyware on your box. You will be doing that for them. By running binary installers (legitimate or illegitimate doesn't matter), by installing software that employs DRM, or by surfing to dodgy sites.
There are basically two ways: you can follow Stallman's lead, or you can get accustomed to the fact that there's a lot going on on your box that you don't get told about. Get used to it or go sourcecode-FOSS exclusively.
It appears that the Act is trying to prevent installation of programs that 'do things' without the computer users consent. Where 'do things' are things like collecting and transmitting private data from the owners pc. It does not seem to prevent a computer from releasing this data when the user has been specifically informed and agreed to the conditions.
The suggested amendments by the corporate interests suggest that programs should be able to be installed without the computer owners permission or knowledge. And that these programs should be able to monitor the activities of the user and report secretly without the owners knowledge whenever the program suspects that the user is breaking 'any law'. Where 'any law' is: "any law of Canada, of a province or municipality of Canada or of a foreign state".
Logical conclusion:
- these corporations want to install programs that monitor and control your computer usage and secretly collect this information.
- these corporations want to limit the usability of your computer when it conflicts with their interests (profits).
- these corporations want you to abide by arbitrary laws of foreign states!!! Circumventing our own legal process.
A reasonable solution:
- do NOT allow these changes to be implemented into the Act.
- require these corporations to provide all users with consent prior to installing what is effectively corporate backed spyware. After all... with the existing act, the corporations are still allowed to have these programs installed on your computer. The only difference is that as the law stands, you will be informed about it and you will be able to decide whether or not you want to install software that would allow them to monitor and control what you can do with your own computer.
- do not allow foreign states to dictate how we are allowed to operate our own computers within our own borders.