Sony installs rootkits on Windows machines
http://www.sysinternals.com/blog/200...al-rights.html
In yet another move encouraging music piracy rather than buying CDs which may include spyware/malware, Sony is installing a rootkit on Windows machines when you insert one of their CDs. Rootkits are programs that install kernel intercepts which hide them from view, and hide all of their files. You need a very high level of tech skills to even detect them. The average user who uses a utility to remove them will usually leave their system completely dead. |
Or you could see it as encouragement to use an OS that doesn't allow this sort of thing. Say, OS X? Or some flavor of Unix?
|
Hmm! According to the DRM company's website, their products WILL work on the Mac: http://www.xcp-aurora.com/xcp1.aspx
Will investigate a bit further. |
Or both. I wouldn't do business with a company that treats its customers that way, even if it doesn't affect me directly.
|
UPDATE:
According to this webpage: http://www.it-enquirer.com/main/ite/...ts_management/ which recounts an interview with First4Internet's CEO the current state of play is: Quote:
|
I think we can be sure we don't want rootkits on our Macs... As with all DRM, this will only affect honest people. There's still no DRM out there that hasn't been hacked.
|
Anything that installs into Mac OS X's root system would require an Admin password, even if it's from Apple themselves. I guess if I stick a music CD in my Mac and get a password request, that CD goes back to the music store.
|
It's not the use of anti-piracy measures that I object to (although they are futile as Carlos points out) but I feel I have a clear right where anti-piracy software is concerned (much of its workings will be concealed) to expect it to be written to a high standard by competent programmers.
And in Sony/First4Internet's case, the software was written by people whose competence was such as to suggest they barely knew what a computer was. Incidentally, here is what Hollywood has dreamed up for DVDs: http://www.newscientist.com/article.ns?id=dn8247 [EDIT - Furthermore, I see that Secunia has now added the F4I software to their list: http://secunia.com/advisories/17408/ I like the bluntness of their current advice (even if it's probably not practical) Quote:
|
Apparently people are already using this to hide hacks/scripts for World of Warcraft, so they can cheat online. Any names starting with $sys$ will be hidden, but still directly accessible. It would be trivially simple for malware to call the Sony software and use it to hide itself too.
I would hope to see some lawsuits against Sony for damages. I'm tempted to go buy a Sony CD, install it, then clean it up, and file a small claims suit for the time. Just to make the point. |
Apparently Sony is backing off a bit:
http://news.com.com/Sony+to+patch+co...l?tag=nefd.pop |
Sort of. Now that they were caught with their hand in the cookie jar, they've got this patch to merely unhide their junk. You still have to go through another process to remove it, which they don't disclose. It says you have to "contact Sony" to do that. How do you "contact Sony?" It doesn't say in any of their press releases.
|
This is so pathetic.
Those old enough may remember "copy-protected" floppy disks (weak sectors, laser holes...) come and go once regular customers were sufficiently pissed off by the flakiness of the whole thing. I wonder when the industry will finally wisen up and start selling products the customers want to pay for rather than trying to hack their box instead. |
And this is so much worse than the floppy thing. This is installing a security hole into your PC!
|
Quote:
... there's a guy commenting on that cnet article that when he filled out the request he was not given instructions but offered a non-root kit DRM instead - one presumably still written by F4I, who are offering here: http://updates.xcp-aurora.com/ to provide a patch to make their code visible. The notice also says Quote:
Something else that gets me with this - is what happens if the drive manufacturer offers a firmware upgrade that breaks F4I's chained-in driver? Presumably your drive is u/s until either F4I rewrites its driver, or you rip out the driver, possibly wrecking your system. |
A lawyer wrote that BS, not a programmer. The programmers MAY be incompetent or may be brilliant, but they wouldn't let anyone knowledgeable write a PR statement. In today's world, all words have been redefined to mean whatever the person saying them intends for them to mean, not what is generally accepted meaning. This is particularly true in technology.
|
:mad: Check out their "privacy" policy. They require an e-mail address in order to obtain the removal instructions, and here's what they will do with it...
Quote:
|
So in other words, if you contact Sony for help in removing this rootkit, you open yourself up to being spammed. What an incentive to avoid p2p networks and "illegal" music downloads...
Good thing there's nothing like this for the Mac. Yet. |
Yes, and it continues to get better. The removal requires downloading and running an unsigned Active X applet... :rolleyes: I'm sure everyone's heard of Active X, the IE-specific scripting component that leads to most of the IE security problems, since once you allow an applet to run, it can do anything it wants on your system.
For all we know, the real fix is that they figured out how to hide the rootkit altogether. It's so nice to know that Apple kicked their asses in the Japanese music market. Sony refused to license their music to ITMS at the Apple price, so Apple launched without them. A week later, Sony gave in. That says a lot for a company well known for doing things its own way, no matter what. |
Where have the ethics gone :mad:
|
Ethics are subjective now. I'm sure Sony honestly believes this is ethical and fair, since in their minds, they "own" all the content and can protect it at any cost.
|
Mark Russinovich's latest post: http://www.sysinternals.com/blog/200...ecloaking.html The uninstaller uses 'fix it with a hammer' approach.
However, the most interesting thing is in the last few paragraphs. |
Quote:
|
Since it only affects PCs, it isn't a problem as far as I care. The only PC I have will never see an audio CD anyway. Let the PC world fight it out with Sony. :p
|
Quote:
|
Yep, they could make a version for OS X. Of course, it will most likely require an admin password to install. So, if you ever put a music CD into your Mac and it brings up an installer password dialog, it's in your best interest to STOP, eject the CD, and return it unplayed.
Or maybe just rip the music files off the disc, burn it another CD, and trash the original. |
We know that, but I have to wonder, how many "typical users" would know that? I bet if my mom brought home a CD and it asked for her password, she'd gleefully supply it. She's not an idiot, but she's just too trusting.
|
With respect to claims (that may or may not have originated with Sony) that Sony do not keep info on persons who want to download the patches or uninstaller, Sony's data collection policy (for their UK operation) is filed with the UK Information Commission. Sony do keep records on "customers, complainants and enquirers" - a list that I would have thought probably includes ungrateful customers.
It seems unlikely that this policy is only confined to Sony's UK operation. The policy is here: http://www.esd.informationcommission...sp?reg=2693561 They would also seem to be traders in personal info (at least with the EEA) Note that for "marketing purposes" they also keep details of 'sexual life.' This policy is the most intrusive policy I've read (not that I make a habit of comparing policies) Blanket denials that data received when the discs phone home seem a little weak under the circumstances. |
Sony backing out, rootkit possibly in violation of the LGPL
Sony now completely fell over and calls back all "infected" disks:
http://cp.sonybmg.com/xcp/ The EFF has a grocery list of what Sony would be well advised to contain the problem: http://www.eff.org/IP/DRM/Sony-BMG/?...005-11-14.html There are also great chances the Sony rootkit infringes the LGPL (Lesser GNU Public License): http://www.the-interweb.com/serendip...L-Part-II.html That would be more than a bit ironic if, in an attempt to "secure" their content, they violated the conditions of a free software license. Respecting it would not even cost them any money. I think we should be grateful that Sony has staged this major PR-disaster, educating the silent majority what a bunch of robber barons the content mafia really is. |
Quote:
|
Several of the media types have started calling it "Digital Restrictions Management," and I hope that sticks with consumers. Far more accurate.
|
I find it hard to believe that Sony thinks what they are doing is ethical. I think they knew what they were doing and just hoped they wouldn't get caught. I see how they feel that it is their right to protect software. But that blatantly violates the EULA, and I don't know how they can do that and feel they are not breaking any rules. Then they make it a goose chase to delete their files, fully knowing that the process can be made about 7 steps shorter.
This company breaks basic rules and violates users' rights. I can only hope that this stunt costs them dearly, so they can be punished for what they have done. So the whole story can end like a nice moral fable. Like the three bears or something. |
Quote:
Two things boggle my mind about this, however: first that they thought that the next upgrade to WinXP wouldn't completely bust the whole thing (or was MS in cahoots?), and second that not one single Virus program caught what is from my perspective a virus. Quote:
|
Quote:
http://www.wired.com/news/privacy/0,1848,69601,00.html |
Sony’s corporate embarrassment - and great public service
.
My personal policy is simple: I refuse to purchase any music CD with DRM – whether from Sony or anyone else. "Digital Restrictions Management" is indeed an apt phrase, Carlos, and I refuse to accept this. The thought of purchasing a CD, only to discover that I can’t transfer it to my Mac’s music library, gets me very angry. Bramley, Voldenuit, Carlos, Hayne and everyone – thanks for posting the references. Those are well worth reading in detail. There has recently been a lot written in the Norwegian press as well. I seem to recall a lecture given at Microsoft, arguing why DRM doesn’t work, and offering a very convincing case of why it should not even be attempted. Very, very convincing! (Maybe somebody can post that again.) Sony has unwittingly done a wonderful public service with its triple botching of the issue: 1.) Attempting DRM 2.) Installing rootkits without the consent or knowledge of computer owners 3.) "Fixing" the problem in such a way that it leaves PCs wide open to all sorts of malware and hostile hacks Thank you, Sony. You have truly done a wonderful public service! Talk about corporate embarrassment before a whole world. Respecting digital rights? YES! Accepting "Digital Restrictions Management"? NO WAY!!! With best regards, ArcticStones |
At the end of the day, the market will decide and the market is you !
Thanks for the kind words, you might remember the text about DRM-sillyness from this thread:
"... I would prefer the focus to be on DRM-free content, concurring with Cory Doctorow: "Here's what I'm here to convince you of: 1. That DRM systems don't work 2. That DRM systems are bad for society 3. That DRM systems are bad for business 4. That DRM systems are bad for artists 5. That DRM is a bad business-move for MSFT" Source: http://craphound.com/msftdrm.txt ..." http://forums.macosxhints.com/showthread.php?t=41799 I think Arctic's conclusion is spot on and the Good Thing is that, at the end of the day, the market will decide and the market is you ! |
|
Quote:
"Microsoft's anti-virus team said earlier on Tuesday it would add a detection and removal mechanism to rid a PC of the Sony DRM copy-protection software, because it jeopardized the security of Windows computers." This astonishing sequence of failed strategic decisions has jump started a really heated debate here in Norway. And it has brought the whole issue of "Digital Restrictions Management" to the awareness of a very broad public. Here, Sony is saying as loudly as it can: "No comment". And they’re being heard – although definitely in the way they want. With best regards, ArcticStones PS. Voldenuit, that’s the one. I read that lecture three times. Searched for logical lapses in Cory Doctorow’s argumentation – couldn’t find a single one. (I did, however, see a nice PDF of what looked like his original presentation. Far more impressive to read. Couldn’t find it now...) |
At the very beginning of the text, there are links to various other formats, including pdf and even a Norwegian translation, just in case ;) :
pdf: http://www.changethis.com/4.DRM * Norwegian translation (Espen Andersen): http://www.espen.com/papers/doctorow-msft.html and yes, you would really have to pay a lot of lobbyists to damage the content mafia more than Sony just did. After reading Schneier's blog entry and Wired article, this whole thing is also an important reminder that you should carefully examine whatever you install on your computer, regardless of the size of the vendor. The ethical behaviour you'd naturally expect is not always there, as demonstrated. The conspiracy-like silence of both Antivirus-editors and Microsoft themselves (until the scandal got out of hand) is really scary. And Mac users are just one password-dialog away from getting infected as well, so simply laughing at Windows-users is neither nice nor appropriate... |
.
That’s the one. Thanks! I’m just now finishing editing an article based on a corporate lecture by Kåre Valebrokk, head of Norway’s largest private TV broadcaster. It was a great lecture! I think this is an important side note; so permit me to digress: Roughly translated, his topic was: "Honesty endures – but is it profitable?" And he quipped about the reason so many corporations hire him to do a lecture on this topic. "I don’t think it’s necessarily because they’re so concerned with business morals. In fact I suspect it is because they wish to stay out of the headlines." He made the point that exaggerated loyalty and subservience is a major cause of corporate troubles, offering the Norwegian bank crisis some years ago as an example. It’s a real problem when no one stands up to their bosses to say: "No, this is wrong. We shouldn’t be doing this." In fact, he felt companies should be grateful for whistleblowers. The real test of corporate morality (and individual morality) is what they decide when they believe no one is looking. Certainly Microsoft, Sony and antivirus editors waited until the staring eye of the public was glaring at them. I think that timing says it all. With best regards, ArcticStones |
No more Sony anymore
That is enough for me. I boycott Sony until this infringement is canceled.
|
The plot thickens from day to day !
After violations of the LGPL were discovered in Sony's code, there is now evidence that the stricter GNU Public License has been violated as well:
http://hack.fi/~muzzy/sony-drm/ Some select tidbits in the "Rants and Whine"-page http://hack.fi/~muzzy/sony-drm/rant-and-whine.html : Quote:
http://forums.macosxhints.com/showthread.php?t=37178 To what extent the whole thing was really done by a "third party" is at least questionable after considering the following facts: Quote:
|
.
If they (First4Internet) are incorporated, and in addition a public company, then the annual report should be a matter of public record. (At least that is the way it works here in Norway.) It would be interesting to see a list of shareholders, and know how in the world they covered those accumulated losses. I mean, that’s not exactly small change. The way I read the information you’ve referenced to, there is strong reason to believe that First4Internet might essentially be a camouflaged division of Sony. Now, would that be to spread judicial risk? Or is this just an innocent new venture? It is very interesting to watch what happens when corporations are no longer able to hide their intentions. In this case, I suppose, it remains an open question whether Sony’s misguided DRM/rootkit strategies were formulated inhouse, and it was merely the technological incompetence that was outsourced. Or whether everything deserves the Sony signature. Regardless – Sony has unwittingly offered the world of music buyers and computer users a timely lesson, although hardly in the direction they intended. Sony has thereby done everyone a great public service! With best regards, ArcticStones |
I suspect we shall find that F4I is a private venture by some Sony directors who saw an opportunity to make a little bit extra, selling the idea to their colleagues at Sony. Unfortunately, they decided to do everything on the cheap (probably because they didn't understand the details of what they were getting into) and have been found out. I expect we shall know if this is all true if the above directors cease to be Sony directors in the near future.
With respect to LGPL infringement, I don't see any legal action arising. I don't think LAME's developers have the money or time to hire lawyers capable of decking those from Sony - and they are the only people who seem to have a cast iron case. I would imagine that Sony would be found guilty of violating the license, but as they have recalled the CDs, it's hard to see any significant damages being awarded. Of course, Sony has weakened any moral position they take on copyrighting with their actions, and it remains to see what action they take to remedy that. I think that even though the board of Sony haven't understood much until now, they must realise that some concessions on the future of DRM will be necessary. |
.
Well, I’ll tell you two things that I am going to do: 1.) I will wait until Sony takes serious steps to re-establish its credibility before purchasing any of the company’s products. I may be in for a long wait... 2.) At first opportunity I am also going to re-read Cory Doctorow’s fascinating lecture to Microsoft. At their invitation he made a very convincing case against DRM ("Digital Restrictions Management"). Sony’s recent actions seem to have greatly strengthened Mr Doctorow’s arguments! (His fascinating and highly entertaining lecture may be downloaded as a PDF here. http://www.changethis.com/4.DRM. If you haven’t read it yet – DO!!) :) – ArcticStones |
Quote:
There now seems to be evidence that not only the LGPL, but also the GPL were violated. So the public release of the complete source is required which might still hold some surprises. 2 We owe the fact that at least linux-based devices with firewall code in them often comply and publish the source in good part to the action of Harald Welte and his website http://gpl-violations.org/ . It certainly takes some energy to do that, but it's entirely proven to work. And if those who've already read and liked Cory Doctorow's brilliant speech at Microsoft on how stupid exactly DRM is, you might want to read the sequel, ordered by hp: http://www.xs4all.nl/~collin/test/hpdrm.html I think that his conclusion, two guys in a garage could come up with a non-DRM business model that would do a major killing is pretty interesting. Apple's move to more or less "own" podcasting by creating the best client for it is one smart step in that direction. What could follow would be for-pay, but non-DRM content, explicitly promoted as completely portable. |
Quote:
Some penalties might be incurred due to the unauthorized distribution that has already taken place. But these penalties are merely those available under regular copyright law - i.e. they might have to pay damages etc. To say it another way, you only need to make the source code available if you don't want to be guilty of copyright violation in distributing the executable. |
Quote:
I fail to get your point, could you please elaborate ? The whole thing is not an accident, it went on for a long time with a clear intent from Sony and due to the astonishing silence of AV-software editors until some Russian guy spoke up and hell broke loose. If he hadn't, this would still be going on, Sony 0wning the boxes of all their CD-customers, happily phoning home, giving malware shelter from detection, slowing down the machine... So there certainly are a lot of Bad Things Sony did far worse than the GPL-violation, but I see no reason whatsoever that could make Sony win the case if the copyright-owners of that GPL-code decided to sue them. |
Quote:
My point was in response to your statement that Sony would have to reveal the source code. I pointed out that there is no such compulsion in the GPL - indeed since the GPL is just a distribution license, such a compulsion would not make sense in law. If Sony distributed GPL-code then they are guilty of copyright violation (since they didn't have permission to distribute this code without supplying the source), but the penalties for that will be determined in a court the same as any other copyright violation. I.e. the GPL does not (and cannot) specify penalties for a copyright violation. Quote:
|
Hidden Feature in Sony DRM Uses Open Source Code to Add Apple DRM
Yet another astonishing turn in one of the most long-lasting weird stories I've ever followed:
"Hidden Feature in Sony DRM Uses Open Source Code to Add Apple DRM" http://www.freedom-to-tinker.com/?p=940 Sony included code capable of +encoding+ FairPlay-"protected" music for use on an iPod. The code is not used as of today, but strikes as a somewhat mysterious move within the bigger picture of this scandal. This code was lifted from a project by "DVD-Jon" under GPL initially intended to allow Linux-users to use the ITMS. They have also a pretty smart analysis why that happened: http://www.freedom-to-tinker.com/?p=941 |
The Princeton researchers Felten and Halderman just published a paper that gives a complete overview over the whole story entitled:
"Lessons from the Sony CD DRM Episode" http://itpolicy.princeton.edu/pub/sonydrm-ext.pdf Having quickly skimmed the whole thing, I wonder: Wouldn't it be the most sensible solution to completely outlaw any and all DRM, period ? We have had ample occasion to see that
Doing away with it for all actors in the market at the same time will allow real competition on the merit of the contents to take place rather than dividing the world into people who can listen to ITMS-artists and those who'll be with the plays-for-sure crowd and endless hassles of right now questionable legality to move music from some DRM-jail onto a free player. |
How to check if you have the Sony Rootkit
This is a transcript from the podcast "Security Now" hosted by Steve Gibson and Leo Laporte.
Quote: Steve: Oh, yeah. And one last thing. What it does is it hides anything that begins with $sys$ dot dot dot, I mean, you know, anything that begins with $sys$ gets hidden by this tool, even things that are not its. So, for example, to test this, Mark renamed notepad.exe to $sys$notepad.exe. It promptly disappeared. The url for this is http://www.grc.com/sn/SN-012.htm |
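The behaviour described in this thread (names beginning with $sys$ vanish from listings yet stay directly accessible) lends itself to a cross-view check with a harmless canary file. This is an added example, not part of the original posts or the podcast; the function names and the simulated hooked listing are constructed for illustration.

```python
import os
import tempfile
import uuid

CLOAK_PREFIX = "$sys$"  # prefix the thread says the cloaking driver hides


def cross_view_check(directory, list_dir=os.listdir):
    """Create a harmless canary named $sys$... and compare two views of it.

    View 1: directory enumeration (what Explorer or `dir` would show).
    View 2: direct access by full path (which the thread says still works).
    A file that is reachable by path but missing from the listing is the
    signature of name-based cloaking. `list_dir` is injectable so the logic
    can be exercised without a real rootkit (assumption of this example).
    """
    name = f"{CLOAK_PREFIX}canary-{uuid.uuid4().hex}.txt"
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write("canary")
    try:
        listed = name in list_dir(directory)
        try:
            with open(path) as fh:
                reachable = fh.read() == "canary"
        except OSError:
            reachable = False
    finally:
        os.remove(path)  # removal by direct path works even if the name is hidden

    if reachable and not listed:
        verdict = "cloaked"       # hidden from enumeration only: investigate
    elif reachable and listed:
        verdict = "not_cloaked"   # this particular $sys$ cloak is not active
    else:
        verdict = "inconclusive"  # canary could not be read back
    return {"listed": listed, "reachable": reachable, "verdict": verdict}


def simulated_cloak_listing(directory):
    """Constructed stand-in for a hooked enumeration API: drops $sys$ names."""
    return [n for n in os.listdir(directory) if not n.startswith(CLOAK_PREFIX)]


def demo():
    """Run the check against a normal listing and the simulated cloak."""
    with tempfile.TemporaryDirectory() as d:
        normal = cross_view_check(d)
        hooked = cross_view_check(d, list_dir=simulated_cloak_listing)
        leftovers = os.listdir(d)  # canaries must be cleaned up
    return normal, hooked, leftovers


if __name__ == "__main__":
    for result in demo()[:2]:
        print(result)
```

A "not_cloaked" result only rules out this one name-based hiding behaviour in the directory tested; it says nothing about other hiding techniques.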
By holding down the shift key when inserting the CD it will not load the rootkit into your computer.
Tip thanks to Steve Gibson. www.grc.com |
iTunes – new restrictions on music you’ve paid for!
Quote:
DRM always gives rightsholders the ability to unilaterally renegotiate the terms of the deal to take away rights you acquired when you got your device and media. For example, many updates to iTunes contain new restrictions on the music you (have already) purchase(d). In the past 18 months, iTunes has instituted the following new restrictions: •• Music can no longer be streamed to your computers wherever they are -- now they can only be streamed to computers on your LAN (no more listening to your home music server while you're at the office) •• Music can no longer be streamed to any number of people on your LAN -- now you can only stream music to a maximum of five people per 24 hours. If your friends tune in for ten seconds of music and then tune away, that eats up one of your 24-hour slots. •• Playlists can no longer be burned 10 times -- now they can only be burned seven times. •• The iTunes API will no longer respond to all the apps you download to increase iTunes' functionality -- now iTunes contains a blacklist of apps whose API calls are silently discarded, as punishment for adding functionality that Apple doesn't care for. You buy a song on day one and can do ten things with it. A few weeks later, you can only do nine things with it. Then eight. Then seven. (Quoted here with kind permission of Cory Doctorow) Question: Is it legal for a seller to change the terms of the sale after you’ve purchased their product?! With best regards, ArcticStones |
I forgot to post here about some interesting points made in this article on The Register several weeks ago. Original article is here: http://www.theregister.co.uk/2006/01...ll_widespread/
A researcher checked DNS servers around the world to see if the Sony Rootkit was still hitting Sony's servers. Some of his conclusions are a little suspect, but not where piracy was concerned. Quote:
Good evidence if anyone asks "Yes, but do you have any evidence that DRMs don't prevent piracy." |
It probably shouldn't be, but municipalities do it to home owners all the time.
|
Quote:
|
Quote:
|
Quote:
http://forbrukerportalen.no/Artikler/2006/1138119849.71 I couldn't agree more. Is anybody aware of a broader initiative to outlaw DRM as it has proven only harmful so far ? |
Stealing from the public domain
.
Thanks for bringing to my attention the Norwegian link, and for pointing out that steps are being attempted to remedy the situation – at least here in Norway. I must say that I was surprised to read that Apple was doing. :( Because I was actually under the impression that Apple was finding a good middle ground! Perhaps the best example Doctorow gives of DRM simply not working is the following: "Big Champagne, a company that monitors P2P networks, says that iTunes-only tracks (e.g. assets that are only released within DRM wrappers) typically appear on P2P networks less than three minutes after they are released to the iTunes Music Store." (my emphasis) What is also of great concern, however, is how the entertainment industry has gotten away with implementing a policy that encroaches on copyright. Essentially, for years they have been "stealing" from the public domain on behalf of their shareholders! Zone/region control has nothing to do with copyright. Nor does limitations on remote viewing, re-sale, lending, etc. How does this apply to me? Simple! When I was in California last year, I purchased some movies on DVDs, and like movies purchased in Norway, watch them on my 17" PowerBook. Reason: Other than my Mac we didn’t have a DVD player, and I had better things to spend my money on. Well, to my great frustration and surprise I couldn’t do that! Why not? Because Apple has imposed a "limit" as to how many times you can switch back and forth between zones. To me this represents a perfect example of an unreasonable limitation on equipment and DVDs that I have purchased legitimately. I mean, all I want to do is watch my movies -- there is not a single pirated copy amongst them. So, can a moderator, or anyone else, give me a single legitimate reason for Apple’s limitation? :mad: Or one that has to do with copyright? If not, why should I simply not hack my way around it, i.e. permanently disabling the zone control on my PowerBook? 
Would you be willing to share the recipe for doing so? With best regards, ArcticStones |
I think the DVD region stuff is part of the license agreement that Apple has to adhere to in order to be able to use the DVD specification. I.e. it's not really Apple who is restricting you - it is the DVD technology owners.
|
Quote:
|