The following is a link to Mark Russinovich's (from SysInternals) blog.
This is an interesting (and a little scary) article about a 'rootkit' installed by Sony DRM software.
http://www.sysinternals.com/blog/200...al-rights.html
Printable View
The following is a link to Mark Russinovich's (from SysInternals) blog.
This is an interesting (and a little scary) article about a 'rootkit' installed by Sony DRM software.
http://www.sysinternals.com/blog/200...al-rights.html
Well,
There is one for my member of Parliament to get stuck into?
I would consider that to be a blatant and inept infringement of a person's rights in any country. It is a total justification of pirate media.............these people must be morons?
I would take the view that this crap is around, I cannot be bothered to go through all that rigmarole, so I will just buy PIRATE and only buy pirate because I know that at least I am safe, and won't get screwed when this stuff fouls up (and it will).......................err.........I cannot see these scumware vendors issuing patches?
Also, they have installed a very nice backdoor for creatures even more excremental than themselves (had to flip a coin to call that one)
Errr................Mister Gates..............put that joint down and go see if this crap is MS certified?........
What a superb can of worms?
:D
thanx guy
I got once one virus that loaded itseslf and some of windows files into the hiden area. Most strange was that most of them was loaded from cashed areas and backups like "last good configuration" places.
Those bastards really do belive that they are a law unto themselves.
I had a trawl through the EULA
andQuote:
Article 5. EXCLUSION OF WARRANTIES
YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT YOU ARE INSTALLING AND USING THE LICENSED MATERIALS AT YOUR OWN SOLE RISK. THE LICENSED MATERIALS ARE PROVIDED “AS IS” AND WITHOUT WARRANTY, TERM OR CONDITION OF ANY KIND, AND SONY BMG, ITS LICENSORS AND EACH OF THEIR LICENSEES, AFFILIATES AND AUTHORIZED REPRESENTATIVES (EACH, A “SONY BMG PARTY”) EXPRESSLY DISCLAIM ALL WARRANTIES, TERMS OR CONDITIONS. EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT AND FITNESS FOR A GENERAL OR PARTICULAR PURPOSE. NO ORAL, WRITTEN OR ELECTRONIC INFORMATION OR ADVICE GIVEN BY ANY SONY BMG PARTY SHALL CREATE ANY WARRANTY, TERM OR CONDITION WITH RESPECT TO THE LICENSED MATERIALS OR OTHERWISE. SHOULD THE LICENSED MATERIALS PROVE TO BE DEFECTIVE, YOU (AND NOT THE SONY BMG PARTY CONCERNED) AGREE TO ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIRS OR CORRECTIONS. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, TERMS OR CONDITIONS IN CERTAIN INSTANCES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. THIS ARTICLE WILL NOT APPLY ONLY WHEN AND TO THE EXTENT THAT APPLICABLE LAW SPECIFICALLY MANDATES LIABILITY, DESPITE THE FOREGOING DISCLAIMER, EXCLUSION AND LIMITATION.
ANDQuote:
Article 6. LIMITATION OF LIABILITY
NO SONY BMG PARTY SHALL BE LIABLE FOR ANY LOSS OR DAMAGE, EITHER DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL OR OTHERWISE, ARISING OUT OF THE BREACH OF ANY EXPRESS OR IMPLIED WARRANTY, TERM OR CONDITION, BREACH OF CONTRACT, NEGLIGENCE, STRICT LIABILITY MISREPRESENTATION, FAILURE OF ANY REMEDY TO ACHIEVE ITS ESSENTIAL PURPOSE OR ANY OTHER LEGAL THEORY ARISING OUT OF, OR RELATED TO, THIS EULA OR YOUR USE OF ANY OF THE LICENSED MATERIALS (SUCH DAMAGES INCLUDE, BUT ARE NOT LIMITED TO, LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, LOSS OF USE OF THE PRODUCT OR ANY ASSOCIATED EQUIPMENT, DOWN TIME AND USER’S TIME), EVEN IF THE SONY BMG PARTY CONCERNED HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, THE ENTIRE LIABILITY OF THE SONY BMG PARTIES, COLLECTIVELY, UNDER THE PROVISIONS OF THIS EULA SHALL BE LIMITED TO FIVE US DOLLARS (US $5.00). SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CERTAIN INSTANCES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. THIS ARTICLE WILL NOT APPLY ONLY WHEN AND TO THE EXTENT THAT APPLICABLE LAW SPECIFICALLY REQUIRES LIABILITY DESPITE THE FOREGOING DISCLAIMER, EXCLUSION AND LIMITATION.
Is this crap legal?Quote:
2. YOU HEREBY WAIVE ALL RIGHTS AND/OR ENTITLEMENT TO TRIAL BY JURY IN CONNECTION WITH ANY DISPUTE THAT ARISES OUT OF OR RELATES IN ANY WAY TO THIS EULA OR THE SOFTWARE.
I wonder if a UK EULA would be worded in the same legalese.
Anyone have a UK Sony EULA?
When did they start to put this crap on CDs?
I noticed that the installation goes ahead immediately after agreeing to the EULA. How many people actually read them?
I'm glad I listen to back catalogue stuff mostly and buy CD from Ebay. I've steered clear of DRM'd music up to now and I'll continue to plus I'll give Sony a bodyswerve.
Just a thought, have they a custom player for DVDs also?
It probably isn't legal in the EU, but it still loads the crapware onto your box?
Sony? bleh! I bet most of their junk is made in China these days? Just another has been Japanese company trading on its name and former reputation?
I went to my local camera shop a few days ago and looked at some binoculars:
Nikon
Pentax
Yashica
Minolta
And guess where they were all made...................China..............
And do remember that there is a big difference between "made in" and "assembled in".........they were all "made" ;)
Most people share the view that its perfectly fine and acceptable for the rich to do drugs... but they are tottally agianst it when your average Joe does the same. The idea most people have is that these people are more likely to raid a pharmacy or rob a bank in order to gain the money needed to support their habbit. This is really never the case.
Isn't it funny that the moment some child does something illegal with a computer it is not only accepted but it is fully praised by many. But when a EULA is slapped on some adware program and the like... the masses are in an uproar.
The Vines and Ozzy for example have included videos along with software to view them. Its become quite common. Uhhh... when asked, remember that you don't actually need to install this ****? Umm... disable the auto-run crap?
http://www.f-secure.com/weblog/#00000691
Blog entry with a link to a Sony form from which they will supposedly supply you with instructions and software to remove the RootKit from your pc without damage.
Anyone tried it?
Like, we'd trust Sony to remove that software????
8)
Thats from the EULA the guy linked to in his blog. Even though they don't say what they are installing, or what it does he agreed to them installing it. Also,Quote:
As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the “SOFTWARE”) onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise.
He has allowed them to install updates to the unexplained software whenever they feel like it.Quote:
Article 8. UPDATES TO THE LICENSED MATERIALS
The SONY BMG PARTIES may from time to time provide you with updates of the SOFTWARE in a manner that the SONY BMG PARTIES deem to be appropriate. All such updates shall be deemed to be part of the SOFTWARE for all purposes hereunder. In the event that you fail to install an update, the SONY BMG PARTIES reserve the right to terminate the term of this EULA, along with your rights to use the LICENSED MATERIALS, immediately, without additional notice to you. The SONY BMG PARTIES shall not be liable for any loss or damage caused by reason of your failure to install any such update or your failure to do so in the manner instructed.
My biggest problem with this is the way they make it so that it is so hard to remove, to the extent that you can and up disabling your CD drive if you aren't 100% sure what your doing.
How would they justify that to a court? Their EULA states that you can remove the software, but in doing so you will possibly lose your CD drive. Could that be considered a Denial of Service Attack?
EDIT: Just saw your post Aspman. Gonna look at that link now.
I've been ranting about DRM for months, that it is, by definition, a trojan horse.
As for the legalities, right now it's the wild wild west. They can say anything
they want in a EULA. It's when it gets to court that issues get defined. You can sue them.
Maybe you'll win. Maybe not. If you hack their copy protection, then they have
to sue you if they hope to get satisfaction.
The real worrisome thing is that stuff like this is only experimental, and that they
are eventually going to ask government for a final solution, mandatory
DRM designed in to all hardware and software.
http://www.eff.org/IP/DRM/
Looks like 2 schools of thought for this DRM stuff.
Ahhhh the VHS vs Betamax wars, I remember them it was at the same time I was trying to learn how to set the digital clock on the massive VHS playerQuote:
DRM technology has its first two major trainwrecks
Posted by David Berlind @ 1:09 pm
Sooner or later, it was bound to happen — a Digital Restrictions Management (DRM) management technology that, by design, often keeps you from consuming that content on devices that use other DRM technologies actually ends up keeping you from consuming content that's protected by it as well. Talk about a trainwreck. Actually, in this case, we have two trainwrecks in one — trainwrecks that perfectly demonstrate how proprietary DRM technologies are going to turn the frictionless utopia we should be after into a friction-laden migraine headache.
If you've been following my series on DRM and why we must stop being sheeple and delcare our inDRMpendence before it's too late (it is for some of us already), then you'd also know by now that we're in the midst of a content dumping crisis where some of the digital content we're downloading for free or buying today will only be viewable or playable on certain products tomorrow, while other digital content that we're acquiring will only be viewable/playable on other products. Imagine for example how upset you'd be if that CD you just purchased worked in your boombox, but not in your car. On its current course, that's where the world today's DRM technologies are leading us right now. It's a repeat of the VHS vs. Betamax war only far worse because of the way multiple proprietary/incompatible technologies have been successful at simultaneously penetrating the market.
But going back to the VHS vs. Betamax war, imagine if you had a VHS machine and a bunch of VHS tapes and everything was working and then suddenly, after upgrading your VHS machine at the manufacturer's suggestion, your VHS tapes stopped working. Much the same way VHS tapes only work in VHS machines (and not Betamax machines), content wrapped in Microsoft's DRM technology only works in devices that are compliant with that technology. For example music purchased from Yahoo!'s Music Store (which recently doubled its prices) only works where Microsoft's playback and DRM technologies live together (ie: Windows Media Player or a PlaysforSure-compliant device). But DRM is software (complex software at that) and like all software, it is affected by upgrades. And when complex software is affected by upgrades, sometimes, things that once worked, stop working.
Judging by Microsoft's MSDN Web site, this is apparently happening to some users of Microsoft's Media Center solutions. According to a blog entry by Aaron Stebner:
I have heard of several folks running into issues playing protected content (such as purchased songs/movies, or HBO television shows) after installing Update Rollup 2 for Media Center 2005. As I described here, Update Rollup 2 installs an updated Digital Rights Management (DRM) redistributable package. We are still investigating reports of content protection problems in order to identify root causes and provide fixes. In the meantime, I wanted to offer some suggestions.
Remediation involves resetting the DRM system and points to an entry in the Microsoft Knowledge Base that lists the necessary steps entitled The Windows Media Digital Rights Management system may not work if your computer hardware changes. Check it out. Can you imagine Grandma doing this? Perhaps it should be called "If anything can go wrong with DRM technology, it will". So, trainwreck #1 is where, in addition to making sure your content doesn't work on incompatible devices, now the DRM technology keeps the content from working on compatible ones. This was bound to happen and it will happen again. After all, with DRM-breaking technlogies like those of the Hymn Project and United Virtualities on the loose, DRM technologies will have to be like anti-virus technologies — staying one step ahead of the hackers and forcing people to upgrade their gear in the process.
Trainwreck #2 is where, in Stebner's blog, it says that before you reset your DRM, you'll need to backup your content licenses through a feature called "Manage Licenses." Manage licenses? You've got to be kidding. So, not only will DRM technology restrict where and when I can enjoy my content, I may have to manage my licenses to that content as well? But wait, it gets better. Stebner goes onto say
Some license issuers will not allow you to store backups of their license files….However, if you use these steps to reset the DRM system and do not have backup copies of your licenses, you will lose the ability to play any previously acquired protected content. If you have content that you do not want to lose, I would encourage you to wait until we can identify and post a fix.
:D http://blogs.zdnet.com/BTL/?p=2083&tag=nl.e589
I just have to add this. I was working through the Washington State RCW and stumbled on this. It is codified in RCW 19.270. What Sony did with their "DRM" software is illegal in the State of Washington (USA). The damages section says you can recover actual damages or $100,000, whichever is greater. A judge is specifically given the authority to award up to three times the damages, plus costs and attorney fees.
Ya'll move to Washington, copy the Sony stuff on and then file a claim. Yeeehaaaaaw!
;)
Man, sony sony sony, when are you gonna learn... You can't knock up someone, and then go after the A. Hole:
http://www.boingboing.net/2005/11/01...fter_the_.html
This is where stuff starts to get a little bit more interesting. Rootkits in DRM, now they are trying to make it so that you need permission from the RIAA for any analog connections. Rediculous, rediculous.
All I have to say, is I'm glad I know how to solder, and I have plenty of p2p'd copies of electronics textbooks so that when the **** comes down, i'll be the only guy in town able to use the massive amounts of TVs people are going to be throwing out. I'll finally be able to have my dream....A house with as many TVs as a sports bar, playing all the pirated content I've ever wanted.
OK can someone tell me where I am technically incorrect with this:
1. If I can play something, I can re-record it without crapware?
2. I can burn copies of my re-recording?
And I DO know how to format and reinstall an OS ;) In fact, maybe I will use one of my boxes with removable drives, and a drive just for ripping off Sony :D
Ack! Phtt! this is arrogance, not intelligence. When will these guys learn that it is COMMERCIAL PIRACY that is their problem, not private individuals?
Let me make it clear that I do not "steal" anyone's intellectual property.............I actually buy what I listen to, and have transaction records to prove it............I have actually been made redundant because of music piracy, so I can assure you that my position is based purely on practicality ;)
Just my £0.02
I think that virtual sound cards are available.
Music is puched through that which can then be recorded as a straight wav then re-encoded to MP3 or whatever.
http://www.highcriteria.com/main_pro...trsdk_info.htm
Maybe not for long :Quote:
Originally posted here by nihil
OK can someone tell me where I am technically incorrect with this:
1. If I can play something, I can re-record it without crapware?
2. I can burn copies of my re-recording?
http://www.newscientist.com/article....ne-news_rss20.Quote:
Hollywood has unveiled a powerful new technology which it hopes will help kill the pirating of movies. The system relies on sound – not vision – and was unveiled at a conference held by the international DVD Forum in Paris, France.
And interestingly, Sony is preparing to issue a patch through AV companies. No mention of an uninstaller, though.
http://news.com.com/Sony+to+patch+co...8608&subj=newsQuote:
Sony BMG Music Entertainment and a technology partner are working with antivirus companies on a fix for a potential security problem in some copy-protected CDs.
Lol, I love this. They don't want you downloading the albums and not paying for it, yet they do something that makes you not want to EVER buy it. Like, HELLO JACK ASS, if you do things like this people are more likely to download it to not screw the computer in the ass they want to listen to it with.
.... Who the hell buys these albums from them? My whole CD collection has nothing like this at all. And just to piss Sony off more, if you see an album you want and it's an older one but the Copyright **** is on there, go to Ebay and buy the older version without the bullshit on it. Make sure you take it home and rip it and make a legal back up copy and store it in your friend's CD collection as off site storage.
If you get in trouble, tell them you didn't want to buy it again in case of a fire at your house so you're using a friend for offsite storage, that should hold up in court with the right Judge.
I left a sticker on my first computer I ever bought. The sticker reads:
"Download MP3 Music files off the web
Create custom music CDs with the HP CD Writer Plus".
I ever get caught, I'll play stupid and say I thought they were instructions. Works for everyone else claiming stupidity and ignorance, hell, a sticker is proof I'm not making it up. And hell, it WAS the first computer I EVER bought, how was I supposed to know it was an advertisement for a CD-Writer?... Buahahahahahahaha.
gore: yer a gem!
And you're.... A guy in Depends from the looks of your pic in the BG thread ;)
Nope, all systems functional.Quote:
Originally posted here by gore
And you're.... A guy in Depends from the looks of your pic in the BG thread ;)
I pee my pants sometimes :)
Well, not really, but it seemed funny at the time.
see this site you can find some Thread about rootkit www.rootkit.com
It's made the BBC website
http://news.bbc.co.uk/1/hi/technology/4400148.stm
The thing that may bug me the most out of all this is... Sony's program can help malware writers hide their code. World of Warcraft "hackers" are already doing this.
http://www.securityfocus.com/brief/34
What are the chances that users have purchased a CD and sony has already installed this rootkit on users PCs.
Even though Sony is releasing a patch to make the files visible (but not remove them), IMO, that is still not enough. They are acting as an enabler for malware writers to easily hide their malware.
I smell a class action suit in the works. Bring out the lawyers! They should have to pay fines to the users who have installed this malware on their PCs similar to what the RIAA has been getting.
The sad thing is... I KNOW I have it on ONE of my PCs. I bought a Leo Kottke and Mike Gordon CD this past August that had the said protected content. Though, when I first put it in my PC, I had the auto start disabled, so they rootkit wasn't automagically installed. I was able to grab a good copy of the files. I wasn't putting them on p2p or anything. I just wanted to put them on my mp3 player.
I then ran the autorun just to see what it did. Sure enough, I couldn't access the content using anything but their player. The songs would start to play, but then start skipping. I found no way to uninstall the program they installed on my PC.
The good copy I had grabbed before the rootkit was installed still played fine.
I say this is all BULLSHIT! I don't care what the EULA says. You can modify those (stored in a .txt file on the CDs) to stay whatever you want.
I just so happened to be visiting Washington State when I purchased the CD and installed the malware on my PC. Does that mean that the "crime" was committed in WA even though I don't live there?Quote:
Originally posted here by rapier57
I just have to add this. I was working through the Washington State RCW and stumbled on this. It is codified in RCW 19.270. What Sony did with their "DRM" software is illegal in the State of Washington (USA). The damages section says you can recover actual damages or $100,000, whichever is greater. A judge is specifically given the authority to award up to three times the damages, plus costs and attorney fees.
Ya'll move to Washington, copy the Sony stuff on and then file a claim. Yeeehaaaaaw!
;)