More bad news about that Sony rootkit

Yep. Quite a screw-up. Ony 20 CD's affected, though. Wonder how much that will cost them.

I hope they get it stuck to them. For the most part, PC users are not savvy enough to detect and correct virus problems. Sony has lumped itself into the same dark group as the virus writers.

I abandoned P2P music downloads because of the inherent spyware problems with the host software. Now that Sony is including these features on their CDs, it makes me reconsider my strategies.

That's what itty bitty fonts are for.

--

Tim Wescott
Wescott Design Services
http://www.wescottdesign.com

From the BBC article:

"In response to the concerns, Sony has released a statement "deeply regretting any disruption that this may have caused." It added that it would work with anti-virus firms to ensure its anti-piracy system stayed safe."

"to ensure its anti-piracy system stayed safe." !!!!

Whos saftey are they talking about ??

Its only going to get worse.

Hello Graham,

Assuming they don't inform users on the CD wrapper about that I smell a whole lot more lawsuits.

Regards, Joerg

Hello Tim,

True. They might have a warning about DRM or whatever on there. But then the question will arise whether an average consumer can be expected to understand it and whether the consumer was made aware of the fact that this can increase the virus risks. Most likely these questions are going to be asked in court.

Anyway, this morning's paper had a short blurb in there, about Sony stopping this scheme for now. Maybe their lawyers pulled the emergency brake.

The company may be able to swallow a few cases. But if it comes to some widespread virus problem and a class action is permitted, oh boy.

Regards, Joerg

According to the BBC website, Sony have announced that they are discontinuing the practice.

Let them try getting the genie back in the bottle ...

--
"Electricity is of two kinds, positive and negative. The difference
is, I presume, that one comes a little more expensive, but is more
durable; the other is a cheaper thing, but the moths get into it."
                                             (Stephen Leacock)

change to open source software. GTK-gnutella is clean. there may be something for windows too... possibly the pay version of your favourite client.

--

Bye.
   Jasen

[snip]

Actually, even expert users cannot necessarily be expected to figure out things as tricky as this DRM rootkit. The guy who made all this stuff public (Mark Russinovich) is a pretty savvy customer. ;-)

--Mac

I especially like this line:

[Now anti-virus companies have discovered three malicious programs that use XCP's stealthy capabilities if they find it installed on a compromised PC.]

I think they misspelled "unleashed", or "wrote". Damned efficient of them.

And Sony's anti-piracy software itself contains pirated code:

John

Sony have really made a hash of the whole business.

How about this from the above link.. " Microsoft's anti-virus team said earlier on Tuesday it would add a detection and removal mechanism to rid a PC of the Sony DRM copy-protection software, because it jeopardized the security of Windows computers. "

Graham

Maybe Sony should have read this first:

The effort required to enforce copyright is approaching infinity.

Encryption, the Industry counters: we will be so clever that we'll only distribute a product that can be unlocked and used by the customer, by the miracle of the cipher, a secret code.

The Internet was built for maximum survivability in a nuclear war. It's everywhere, and growing exponentially. How's the hell is Entertainment business going to keep up with that? And copyright all you want. The Internet doesn't care; if it can be digitized and loaded onto a networked computer, it will be everywhere, soon. The cyborg guarantees it. Go ahead - sick your lawyers on a few dozen downloaders. It's just a finger in the dyke; a thousand new holes will appear every day. Squared.

Comparisons of the Internet to a military cyborg really aren't hyperbole. The grim history is that Internet was originally built as a cybernetic military command-and-control infrastructure for coordinating, among other things, the launch of nuclear missiles. Researchers at the Department of Defense figured out that virtual communication circuits on a network beat the heck out of literal, point-to-point circuits of dedicated wiring. This scheme of virtual circuits brought with it the prospect the military could build a control system that could fix itself instantaneously if it sustained damage. Damage, as in, nuclear damage. When a segment of the network was compromised - as in, "Oh, heck - they just nuked Denver"

- the system could re-configure these virtual circuits on-the-fly - with computers and routers instead of work crews with pliers, wire and soldering guns - and the messages would still get through, right now. Simply, the Net interpreted sudden silences in any of its network nodes as damage, and routed around it.

That is the Prime Directive, core message, and DNA of the Internet, all in one: If you can't get a message through one channel, route around it - invisibly, silently, relentlessly - until you make the connection.

And here's the commercially grizzly implication of that Prime Directive no entertainment executive has, as of yet, been able to understand: The Internet interprets commercial interest, censorship or virtual toll-booths of any kind as damage. And routes around them. Invisibly, automatically, instantaneously.

quoted from

"Why downloading isn't wrong, copyright is dead and Hollywood is in decline."

The corollary to this is that the effort required to circumvent copyrights (even for 100% legitimate fair uses) is also approaching infinity. :-(

This is why we're rapidly heading towards seeing a lot of new legislation that defines what is and isn't allowable for companies to do in their (reasonable enough) quest ot protect their IP. Unfortunately, Sony went way over the line of "acceptable protection" into what's clearly the sleazball and possibly even illegal arena with their root kit... jerks.

The folks who decry the putative millions/billions/whatever dollars lost per year due to software piracy are kinda in the same boat as environmentlists: The Earth will outlast the human race anyway, it's just a question of how crappy we leave the planet by the time it gets there. Likewise, software creation will outlast all attempts at IP protection/legislation/etc., it's just a question of how crappy it becomes if piracy becomes so rampant companies really do lose significant sales and can't afford to hire decent programmers anymore.

One or two people can write a good application program, and make a ton of money selling it for $25 a copy, or just charging for corporate support. Similarly, one or three people can make great music, and get rich giving it away and doing concerts. But Microsoft writes rotten, buggy bloatware and charges a mint for it, and Sony gives the "artists" a pittance and price-fixes the CD market.

There's only one proper response to Microsoft or Sony: bootleg.

John

The corollary to this is that the effort required to circumvent copyrights (even for 100% legitimate fair uses) is also approaching infinity. :-(

Nope, not true... if you can play it in the analog domain it can easily be re-digitized without the copy protection.

they may as well give up now...

Mark

Hi Mark,

1) True, and as far as 'fair use' is concerned this is a pretty viable means, I suppose. But of course you don't end up with an exact copy, so over time the information will degrade. 2) The proposed DVD replacement standard, Blu-ray, requires that the original, uncompressed digital bitstream only be output when the connection to the display device is, itself, an encrypted link. Which such a link isn't present, players are required to ouptut a significantly lower quality analog rendering. !@$#@#$

They're not going to -- just as book publishers were worried that libraries would put them out of business and Hollywood initially sued to keep VCRs off the market. Content publishing and distribution is very much a commodity business, so anyone who's presently making bucketes of money at it is naturally going to be scared to death of anything they perceive that'll reduce their sales.

"Richard the Dreaded Libertarian" wrote in message news: snipped-for-privacy@doubleclick.net...

In general I agree, although I do think there's some single digit percentage of people who WOULD pony up for software/videos/whatever if they couldn't get them for free.

Not really the same thing, but sd you're probably aware that a surprisingly large percentages of shoplifters actually have enough money on their person such that they could have paid for their items if they'd chosen to!

My DVDR will detect copy protection (MacroVision?) from my older (6-7 years?) DVD player and refuse to copy a DVD. I know it's SMOP with a PC but apparently they don't want to make it too easy for those who already own a license.

Not going to happen.

--
  Keith

Actually, this is a boogeyman. Regardless how draconian the penalties, the people who would download freebies wound't have bought the work anyway - if we can't get it for nothing, we'll do without. :-)

Cheers! Rich