November 1st, 2005, 04:01 AM
Sony, Rootkits and Digital Rights Management Gone Too Far
The following is a link to Mark Russinovich's (from SysInternals) blog.
This is an interesting (and a little scary) article about a 'rootkit' installed by Sony DRM software.
November 1st, 2005, 07:28 AM
There is one for my member of Parliament to get stuck into?
I would consider that to be a blatant and inept infringement of a person's rights in any country. It is a total justification of pirate media.............these people must be morons?
I would take the view that this crap is around, I cannot be bothered to go through all that rigmarole, so I will just buy PIRATE and only buy pirate because I know that at least I am safe, and won't get screwed when this stuff fouls up (and it will).......................err.........I cannot see these scumware vendors issuing patches?
Also, they have installed a very nice backdoor for creatures even more excremental than themselves (had to flip a coin to call that one)
Errr................Mister Gates..............put that joint down and go see if this crap is MS certified?........
What a superb can of worms?
November 1st, 2005, 08:04 AM
November 1st, 2005, 10:04 AM
I got once one virus that loaded itseslf and some of windows files into the hiden area. Most strange was that most of them was loaded from cashed areas and backups like "last good configuration" places.
// too far away outside of limit
November 1st, 2005, 10:30 AM
Those bastards really do belive that they are a law unto themselves.
I had a trawl through the EULA
Article 5. EXCLUSION OF WARRANTIES
YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT YOU ARE INSTALLING AND USING THE LICENSED MATERIALS AT YOUR OWN SOLE RISK. THE LICENSED MATERIALS ARE PROVIDED “AS IS” AND WITHOUT WARRANTY, TERM OR CONDITION OF ANY KIND, AND SONY BMG, ITS LICENSORS AND EACH OF THEIR LICENSEES, AFFILIATES AND AUTHORIZED REPRESENTATIVES (EACH, A “SONY BMG PARTY”) EXPRESSLY DISCLAIM ALL WARRANTIES, TERMS OR CONDITIONS. EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT AND FITNESS FOR A GENERAL OR PARTICULAR PURPOSE. NO ORAL, WRITTEN OR ELECTRONIC INFORMATION OR ADVICE GIVEN BY ANY SONY BMG PARTY SHALL CREATE ANY WARRANTY, TERM OR CONDITION WITH RESPECT TO THE LICENSED MATERIALS OR OTHERWISE. SHOULD THE LICENSED MATERIALS PROVE TO BE DEFECTIVE, YOU (AND NOT THE SONY BMG PARTY CONCERNED) AGREE TO ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIRS OR CORRECTIONS. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, TERMS OR CONDITIONS IN CERTAIN INSTANCES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. THIS ARTICLE WILL NOT APPLY ONLY WHEN AND TO THE EXTENT THAT APPLICABLE LAW SPECIFICALLY MANDATES LIABILITY, DESPITE THE FOREGOING DISCLAIMER, EXCLUSION AND LIMITATION.
Article 6. LIMITATION OF LIABILITY
NO SONY BMG PARTY SHALL BE LIABLE FOR ANY LOSS OR DAMAGE, EITHER DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL OR OTHERWISE, ARISING OUT OF THE BREACH OF ANY EXPRESS OR IMPLIED WARRANTY, TERM OR CONDITION, BREACH OF CONTRACT, NEGLIGENCE, STRICT LIABILITY MISREPRESENTATION, FAILURE OF ANY REMEDY TO ACHIEVE ITS ESSENTIAL PURPOSE OR ANY OTHER LEGAL THEORY ARISING OUT OF, OR RELATED TO, THIS EULA OR YOUR USE OF ANY OF THE LICENSED MATERIALS (SUCH DAMAGES INCLUDE, BUT ARE NOT LIMITED TO, LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, LOSS OF USE OF THE PRODUCT OR ANY ASSOCIATED EQUIPMENT, DOWN TIME AND USER’S TIME), EVEN IF THE SONY BMG PARTY CONCERNED HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, THE ENTIRE LIABILITY OF THE SONY BMG PARTIES, COLLECTIVELY, UNDER THE PROVISIONS OF THIS EULA SHALL BE LIMITED TO FIVE US DOLLARS (US $5.00). SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CERTAIN INSTANCES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. THIS ARTICLE WILL NOT APPLY ONLY WHEN AND TO THE EXTENT THAT APPLICABLE LAW SPECIFICALLY REQUIRES LIABILITY DESPITE THE FOREGOING DISCLAIMER, EXCLUSION AND LIMITATION.
Is this crap legal?
2. YOU HEREBY WAIVE ALL RIGHTS AND/OR ENTITLEMENT TO TRIAL BY JURY IN CONNECTION WITH ANY DISPUTE THAT ARISES OUT OF OR RELATES IN ANY WAY TO THIS EULA OR THE SOFTWARE.
I wonder if a UK EULA would be worded in the same legalese.
Anyone have a UK Sony EULA?
When did they start to put this crap on CDs?
I noticed that the installation goes ahead immediately after agreeing to the EULA. How many people actually read them?
I'm glad I listen to back catalogue stuff mostly and buy CD from Ebay. I've steered clear of DRM'd music up to now and I'll continue to plus I'll give Sony a bodyswerve.
Just a thought, have they a custom player for DVDs also?
November 1st, 2005, 11:03 AM
It probably isn't legal in the EU, but it still loads the crapware onto your box?
Sony? bleh! I bet most of their junk is made in China these days? Just another has been Japanese company trading on its name and former reputation?
I went to my local camera shop a few days ago and looked at some binoculars:
And guess where they were all made...................China..............
And do remember that there is a big difference between "made in" and "assembled in".........they were all "made"
November 1st, 2005, 11:20 AM
Most people share the view that its perfectly fine and acceptable for the rich to do drugs... but they are tottally agianst it when your average Joe does the same. The idea most people have is that these people are more likely to raid a pharmacy or rob a bank in order to gain the money needed to support their habbit. This is really never the case.
Isn't it funny that the moment some child does something illegal with a computer it is not only accepted but it is fully praised by many. But when a EULA is slapped on some adware program and the like... the masses are in an uproar.
The Vines and Ozzy for example have included videos along with software to view them. Its become quite common. Uhhh... when asked, remember that you don't actually need to install this ****? Umm... disable the auto-run crap?
November 1st, 2005, 06:07 PM
Blog entry with a link to a Sony form from which they will supposedly supply you with instructions and software to remove the RootKit from your pc without damage.
Anyone tried it?
November 1st, 2005, 06:12 PM
Like, we'd trust Sony to remove that software????
November 1st, 2005, 06:18 PM
Thats from the EULA the guy linked to in his blog. Even though they don't say what they are installing, or what it does he agreed to them installing it. Also,
As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the “SOFTWARE”) onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise.
He has allowed them to install updates to the unexplained software whenever they feel like it.
Article 8. UPDATES TO THE LICENSED MATERIALS
The SONY BMG PARTIES may from time to time provide you with updates of the SOFTWARE in a manner that the SONY BMG PARTIES deem to be appropriate. All such updates shall be deemed to be part of the SOFTWARE for all purposes hereunder. In the event that you fail to install an update, the SONY BMG PARTIES reserve the right to terminate the term of this EULA, along with your rights to use the LICENSED MATERIALS, immediately, without additional notice to you. The SONY BMG PARTIES shall not be liable for any loss or damage caused by reason of your failure to install any such update or your failure to do so in the manner instructed.
My biggest problem with this is the way they make it so that it is so hard to remove, to the extent that you can and up disabling your CD drive if you aren't 100% sure what your doing.
How would they justify that to a court? Their EULA states that you can remove the software, but in doing so you will possibly lose your CD drive. Could that be considered a Denial of Service Attack?
EDIT: Just saw your post Aspman. Gonna look at that link now.
If everything looks perfect, then there is something you don\'t know