I’m proud to announce a significant victory in the ongoing Sony Digital Rights Management (DRM) saga; Sony has capitulated almost entirely. While not publicly admitting blame for distributing a rootkit, providing no uninstall for the DRM software, implementing a music player that sends information to Sony’s site, and supplying a remotely-exploitable ActiveX control for the on-line uninstall they eventually made available – all without any disclosure to users – they have come close.

Sony BMG’s site now includes a prominent link on its front page, “INFORMATION ON XCP CONTENT PROTECTION,” that takes visitors to a page with a statement from Sony that declares its concern over the security issues raised by its software. The first paragraph points out that Sony licensed the software from First 4 Internet, which while true, does not hold Sony any less responsible for its use of the software or the contents of the End User License Agreement (EULA).

The paragraph continues by saying that Sony will offer consumers that have purchased the spyware-laden CD’s with unprotected versions, that they are suspending production of the rootkit-based CD’s and that they are recalling existing from store shelves, which they’ve said elsewhere comes to around 2 million units. Furthermore, Sony has finally withdrawn the spyware-like uninstall-request process, which included the download of an ActiveX control that’s proven to be its own security risk, and promises the imminent release of a stand-alone uninstaller. Note that because the control is also used in the update patch, I strongly recommend that you do not apply the patch to disable the cloaking, but instead follow the manual steps I've outlined to disable the rootkit and wait for Sony to address the flaws.

Why did I qualify my statement regarding their response? Two reasons: first, as I’ve stated, they don’t admit wrongdoing, only that the software was a security concern. Second, there’s no statement on Sony’s site or their press releases regarding future policy. They go as far as saying that they “will continue to identify new ways to meet demands for flexibility in how you and other consumers listen to music”, but say nothing about their stance on rootkits or disclosure during software installation.

Speaking of disclosure, I hope this story isn’t over. Attention now needs to turn to the broader issues that go beyond DRM to software in general. They include acceptable behavior of commercial software, from both legal and ethical standpoints, and appropriate disclosure of software behavior. We’ve been living in a world of hazy laws surrounding EULAs and ideally this case will lead to more clearly defined laws and standard judicial principles.

There are several pending class action lawsuits, likely more to come, and its my expectation that a U.S. government agency will eventually announce a formal investigation. The Federal Trade Commission is the one most likely to take up the case and if so, some of its recent actions against spyware vendors may have set promising precedents.

Of course, this first victory would not have happened without your participation in bringing the story to the attention of the media both in this blog and in other publications. I congratulate everyone that voiced their concern over the trend Sony’s software portended and I encourage you to continue to fight for a long-lasting resolution on the issue of software installation and disclosure.

Originally by Mark Russinovich on 11/16/2005 7:42:00 AM
Migrated from original Sysinternals.com/Blog

# re: Victory!

Thank you for finding this problem. Without your great detective work, the general public would probably not know about the Rootkit. Given enough time, Sony may have pushed this software to all of it's CD's, and other publishing companies would have followed suit with other similar programs. Hopefully this general outcry will help to prevent that from happening.

11/16/2005 8:00:00 AM by Tartarus612
# re: Victory!

I think your first link about Sony's capitulation is incorrect. It's about virus creators, but not specifically about Sony ;)

11/16/2005 8:31:00 AM by Ytram
# re: Victory!

It was particularly relevant, I felt, that Sony have now confessed that 50 titles are affected and not the 20 they have been claiming for a while now. I don't believe for a minute that they didn't know how many titles were affected.

The word deceitful springs to mind.

11/16/2005 8:39:00 AM by kenny
# re: Victory!

Mark, why don't you get together with Kaminsky at doxpara.com and send all of your data to the FBI. A criminal investigation is the only way to get these people to take what they did seriously. Otherwise they'll just wait and try to sweep it under the carpet.

11/16/2005 8:48:00 AM by Captain555
# re: Victory!

SONY claims on their website that they have contacted their retailers and requested that they pull the copy protected CD's. Well... AMAZON.com can't be real hard to get a hold of and the current Neil Diamond CD is still available

http://www.amazon.com/exec/obidos/tg/detail/-/B0009NSCVC/qid=1132151741/sr=8-1/ref=pd_bbs_1/103-9575446-5823034?v=glance&s=music&n=507846

Complete with XCP for your enjoyment.

11/16/2005 8:51:00 AM by JTOR1138
# re: Victory!

This post has been removed by the author.

11/16/2005 8:51:00 AM by Adam Gates
# re: Victory!

Two things;

First, it is wrong for Sony to continue to hide security features from consumers.

Second, people ARE stealing in vast quantities from Sony BMG.

Intellectual property rights will NOT be enforceable by individual corporations.

Mark, you want to say “Shame on Sony” but who is going to pay them for the goods and services they have provided?

FOR INSTANCE, I've been very impressed with your work and I am going to BUY your book. I tell this to a friend and he offers to burn me a CD of your book no cost to me. On principle I refuse, but I know in the end my purchaseing YOUR book is really paying for 10 other people to steal YOUR book.

11/16/2005 8:55:00 AM by Adam Gates
# re: Victory!

Thanks for exposing Sony's spying tactics. I had my suspicions about them a year ago when my wife bought me a Sony MP3 player. Some wording in the EULA left me a little uncomfortable but I was not sure why. I returned the MP3 player and got a SanDisk which does not rely on proprietay software.

Perhaps you might look into how Sony's MP3 player software spies on its users. I no longer trust Sony and will probably avoid buying their products in the future. It is a shame because I have always thought highly of them.

11/16/2005 9:00:00 AM by Joe
# re: Victory!

From our side, I would hardly call this "Victory". From the corporation side this is just a small bump on the roadmap. There is no real FBI or FTC investigations, no arrests, nothing. Same virus/trojan/rootkit spread by individual would have been treated differently.

There is no longer "We the People", Congress/Parliament only deals with "We the Special Interest Groups".

There is something fundamentally wrong when the "People" are like slaves cannot own stuff, just be given "restricted rights" to using it.

So, rest asure, they'll be back one way or another, and stronger than before. Microsoft will embed unified DRM in the OS, Intel/AMD will be forced to implement DRM in hardware ...

Just boycott Sony as much as you can, that's what I am doing.

11/16/2005 9:02:00 AM by Enough
# re: Victory!

thanks for all ! and the first link should have been http://news.bbc.co.uk/2/hi/technology/4441928.stm i think.
(Sony has capitulated almost entirely. )

11/16/2005 9:07:00 AM by pcve
# re: Victory!

Thank-you. Great job. The fight will continue.

11/16/2005 9:22:00 AM by srynas
# re: Victory!

Mark has humbled Goliath! I’ll bet Sony’s legal staff is now running around like a bunch of ants who have just had their ant hill stepped on.

11/16/2005 9:51:00 AM by Jim Stuart
# re: Victory!

Link in the article should be:
http://news.bbc.co.uk/2/hi/technology/4441928.stm

11/16/2005 10:17:00 AM by Hooper3.0
# re: Victory!

Thank you Mark for a truly outstanding piece of forensic work! Without your efforts, the world would still be in the dark about these insidious practices. The world is a better place, knowing "technocrats" won't let anybody trick us with technical wizardry disguised as legitimate benevolent software.

Mark you've made a significant difference. I think other special interest groups will heed your warnings, and not dare commit the same stupidity as Sony. Too much to lose! Let’s face it; they are only interested in the bottom line, so their actions are so predictable.

I wonder how much ROI this episode will cost Sony. Negative I suppose. Reputation is priceless. That reputation is completely tarnished now; They are reaping what they sow. They treat their customers like criminals with prejudice, assuming we will do wrong.

Now Sony’s customers are treating them likewise. In business, when there is a conflict of interest, history tells us the consumer ultimately wins! Why? Because corporations require customers, but the converse is not true. Consumers have plenty to choose from.

As consumers, let’s make it count and vote with our dollars. I for one only patronize those who deserve my business, and treat me respect. Goodbye Sony and good riddance! Let this be a warning to all other wannabe corporations;

Treat your customer well, or suffer the consequences.

11/16/2005 10:28:00 AM by Kad
# re: Victory!

Well done Mark, good work. Though it still amazes me why these big companies use DRM on CD's in the first place; it doesn't stop determined crackers in the least and only hurts legally purchasing customers. It's ironic that if you want a good clean copy of a CD you have to download it...

11/16/2005 11:26:00 AM by Ray
# re: Victory!

I hope you find this as disturbing as I do. Regardless of all the bad publicity that the Sony case has generated, Sony is currently bragging (apparently for good reason) that their Santana CD (Arista, with XCP content) is "the #1 Artist Album today" (as of Nov. 9) on the Billboard charts and the #2 entry in the charts (next to the Now compilation). So much for hurting them in the pocketbook, apparently consumers do not care (or know). To add salt... a Neil Diamond CD (XCP also) is the #6 CD in Amazon regardless of the fact that there have been hundreds of reviews warning purchasers. Amazon is still selling these CDs regardless of the recall. If you want to upset your stomach read the Sony release on Santana under the news section of the SonyBMG web, http://www.sonybmg.com/ This is the same website that states that the CDs are recalled.... Gee

11/16/2005 11:30:00 AM by el cpu
# re: Victory!

I think they should remove the rootkit from all CDs except for Neil Diamond. Anyone who buys a Neil Diamond CD deserves to have malware installed.





Yes, I'm kidding. =)

P.S. Shame on Sony.

11/16/2005 11:32:00 AM by Irreligious
# re: Victory!

Sony: "[We, Sony,] will continue to identify new ways to meet demands for flexibility in how you and other consumers listen to music."

Which is a code phrase for, "we're sorry we got caught this time, but invasive DRM will be back." After all, meeting the demands for flexibility in how consumers listen to music is easy: plain on music CDs with no DRM. Complete flexibility. Because some people engage in copyright infringement, Sony wants to treat everyone like a criminal. In Sony's mind our computers, our CD players, and our DVD players will be guards that actively try to thwart the very people who purchased them. It's a pretty good deal: Charge customers more for hardware with less functionality. No rational customer would say, "Yes, I'd like to pay the extra money to cripple my DVD player so I can't play movies imported from Japan. Oh, and I'd like to pay a bit more to ensure that I can't route my DVD player through my VCR."

11/16/2005 11:32:00 AM by Alan De Smet
# re: Victory!

The argument presented by Adam Gates is still trotted out every time DRM is discussed, and still doesn't hold water.

The faulty assumption is that anyone who "steals" an item is a potential lost customer. The fact that digital music is easy to "steal" is not the fault of the consumer who is willing to pay for something of value.

So regarding the other 10 people that Adam is "paying" to steal Mark's book? If 9.9 of them were never going to buy it in the first place, how does that hurt Adam or Mark?

11/16/2005 11:53:00 AM by Zanzibar Buck-Buck Mcfate
# re: Victory!

Congrats for all your work that helped to make this public!

11/16/2005 11:54:00 AM by Diego Calleja
# re: Victory!

I agree with Mark in that this is a kind of victory.

I started monitoring this story from the first time I read the first post in your blog.

I monitored news.google.com Sci/Tech news and this story came from being totally underground to be the FIRST story there.

What this means to me, is that it is POSSIBLE for the "internet community" to make their voice heard to fight against non fair issues.

I am not from U.S. but I think this would show Americans it is possible to be heard. A lot of rights have been taken from us and this should show us we can fight back.

Thank you Mark!

11/16/2005 12:14:00 PM by xtracto
# re: Victory!

Regarding the comments made by xtracto "A lot of rights have been taken from us and this should show us we can fight back.".... yes we can fight back but as my previous post on this page mentioned, regardless of the terrible worldwide publicity Sony has received, consumers continue to buy these CDs like nothing happened. I think real victory is still not at hand and will not be until and if consumers stop rewarding SonyBMG.

11/16/2005 12:24:00 PM by el cpu
# re: Victory!

Someone brought along a cd from a company that make a flash type player saying that had copy protection included. Does anyone know about their solution?

11/16/2005 12:47:00 PM by Art Cube
# re: Victory!

I think Sony's problem is that they can't accept the idea that they should lose even one sale. They need to grow up and get over it.

It would be like a farmer who couldn't accept that there will be some natural loss, however small, from his crops and consequently sprays them with a pesticide that he knows to be dangerous to health (or even illegal to use, like DDT). That farmer wouldn't care if the food he grew harmed his customers so long as some pest didn't get a small percentage of it - and the government didn't catch him breaking the law.

This situation is much the same.

Even more absurdly, the truth is that studies have shown that the largest group of music downloaders is pretty much the same as the largest group of CD buyers. These people simply consume more music. For the most part they probably download a track here or there and if they like it buy the CD.

So all this probably gains Sony nothing. They need to stop being so infantile and accept that there will be some "natural wastage" and realize that it's not worth harming their customers in a vain effort to ensure that the inevitable won't occur.

Sony's attitude to DRM not only gains them nothing: it actually loses what they have - like the farmer getting DDT poisoning himself from having sprayed it.

Sony lost the portable music market, having won it with the Walkman cassette/CD players, because they got greedy and tied up their computer-file based player with a "DRM implementation was so nasty you would have had to have been insane to buy the product."

http://www.technewsworld.com/story/FgrMurUq4yEP3i/Why-You-Shouldnt-Buy-Products-From-Sony-This-Season.xhtml

Apple were not so stupid and not so greedy. Consequently, the market now belongs to the iPod. And over the rootkit affair, Sony now stands to lose who-knows-what in litigation.

Sony haven't hurt "pirates". They've hurt their customers, and finally they've hurt themselves.

It's all been about greed. For all the big talk about "artists", the record labels have never tried to do anything other than maximize their own share of the loot. A band would have to sell tens of thousands of albums to even break even. In fact, most bands would probably do better giving away their music as downloads and hoping instead to make money on live appearances. People like Sony aren't going to give them a fair cut of what their own labor has produced.

11/16/2005 12:49:00 PM by Damian
# re: Victory!

This post has been removed by the author.

11/16/2005 1:17:00 PM by ruy_lopez
# re: Victory!

It should be interesting to take a look at the stand-alone uninstaller when it comes out.

There's absolutely no reason why sony couldn't produce a decent uninstaller. They probably have good coders in their computer division. Remember this whole DRM fisco was down to their Sony/BMG music division contracting out the copy protection element of their cd production to an outside company--First4.

Incidentally, it seems someone here has taken exception [or wants it to appear that way] to my nickname "ruy_lopez" [the 'Spanish' chess opening].

The other morning, as I was reading comments on this site, I got hydra'd from the Universidad de Santiago de Compostela in Spain! of all places. The fact that this is the only place I've used the nick ruy_lopez, leads me to suspect that it originated here.

Maybe just a coincidence.

Good work everyone!

11/16/2005 1:36:00 PM by ruy_lopez
# re: Victory!

I think the bigger picture is lost here behind this DRM stuff.

What Sony did, was not only reprehensible, but criminal. As someone said, if an individual had done the same thing they would be dragging him to jail right now.

They've exposed an incredible amount of computer around the world to virus/trojan/malware (take your pick). Then they also created an incredible amount of useless traffic on the internet (check doxpara.com), which is basically stealing bandwith to legitimate purpose.

If enough people complain to congress, maybe somebody will take notice.

http://energycommerce.house.gov

http://judiciary.house.gov

http://judiciary.senate.gov

Of course people will keep buying the CDs, how many people don't read news on the internet.

11/16/2005 2:19:00 PM by Captain555
# re: Victory!

If you are inclined to write and/or leave postings:
---------------------------------------------
F. James Sensenbrenner, Jr., Chairman
Committee on the Judiciary
U.S. House of Representatives
2138 Rayburn House Office Building
Washington, DC 20515

http://judiciary.house.gov/default.aspx
----------------------------------------------
Joe Barton, Chairman
The Committee on Energy and Commerce
U.S. House of Representatives
2125 Rayburn House Office Building
Washington, DC 20515

http://energycommerce.house.gov/
----------------------------------------------

11/16/2005 2:31:00 PM by srynas
# re: Victory!

Reply to Zanzibar-

Whether they are a "potential lost customer" does not matter. They are STEALING. They have no right to listen, look, etc at the property without the owners consent.

With your logic I should have to leave the keys in my car to make it easier for someone to steal it, "It's not like they were going to pay for it anyway."
Or instead of paying at the pump you should just leave what you own in a big fish bowl after or decide how much you owe for that tank of gas.

To Everyone-

While Sony's response has been unethical and plain stupid, the public is not crying out at the millions and possibly billions of dollars stolen every year.

The common person thinks it is perfectly okay to steal music, movies, video games, etc.

The government/s are not enforcing the law.

To Zansibar-

What can companies and individuals who have intellectual property do?
Trust people will pay for what that use on good faith?

11/16/2005 3:33:00 PM by Adam Gates
# re: Victory!

Hi all,

A couple of predictions if I may:

1. Some form of DRM will reappear in the future - Sony have just been 'unlucky' and got caught with their 'pants down' by Mark. The recording companies, rightly or wrongly, are determined to try to stem the tide of falling sales which they perceive as happening because of increasing levels of piracy. Whether their perceptions of the problems is true or not (and many would argue it is more to do with pricing and other factors) they are determined to press ahead with their plans - so we may well have to go through this all again yet.

2. I predict that ultimately Sony will try to 'wash their hands' of this affair, and I wonder whether First4Internet will be offered up on the altar as the sacrificial lamb ?

3. Mark is right in his comments - this whole affair is the mere tip of a very much larger iceberg ! I've been dismayed at the levels of arrogance displayed by software companies (particularly several VERY large software companies) over their attitude of 'we own your computer' and 'we can install whatever we like, for any reason', without even so much as a 'by your leave' ! Again often, software copyright control is cited as the reason for their actions. I'm convinced most of this is a smokescreen, and the real reasons are more to do with locking in a customer so they can't escape, even if they want to.

Calvin.

11/16/2005 4:28:00 PM by Calvin
# re: Victory!

Adam Gates said:

"While Sony's response has been unethical and plain stupid, the public is not crying out at the millions and possibly billions of dollars stolen every year.

The common person thinks it is perfectly okay to steal music, movies, video games, etc.

The government/s are not enforcing the law."

I'm not sure this is a fair analysis, especially the part about the government not enforcing the law.

Practically running in tandem with this SONY/DRM story has been the story about Attorney General Gonzales' proposed toughening of the Copyright law.

An example just pulled from google news as I write this comment:

http://www.nobodysmiling.com/hiphop/news/85368.php

Many are concerned about the proposed introducton of jail terms of "unspecified length" even for "casual piracy."

I'd hardly call jail terms of "unspecified length" an example of governments not enforcing the law.

11/16/2005 5:36:00 PM by ruy_lopez
# re: Victory!

somebody please think of the profits! Adam, as much as you must loooove trolling (or are you really serious?), please take this issue up on another day. Profit protection and Sony's actions are separate animals - please treat them as such.

11/16/2005 5:40:00 PM by Nick
# re: Victory!

I hope Vista can halt this spyware garbage. I have no idea how the built in firewall will work but I would like it to give control back to the user like this and block installations from automatically adding themselves to the trusted list without your explicit consent:

Vista: "The following application is requesting permission for outbound network communication."

Application: XCP
Company: First4Internet
Source: [Serice name or executable]
Encryption: [none/details]
Protocol: HTTP
Port: 80
Destination: http://updates.xcp-aurora.com
Reason as stated by the application/vendor : "Dear Sony BMG customer- XCP would like to enhance your music playing experience by updating itself to the latest version and further protect the content you have licensed. In compliance with the EULA you must accept this notice. Please visit our website for the latest copy of the EULA as we continue to improve it."

Vista: Do you wish to allow communication to take place? You should only accept if you trust the company and it's product.

Yes - One time
Yes - Always- "Trust this application"
No - One time
No - Never
Advanced - Enable logging, capture packets for analysis, shutdown this service/application.
What is the risk? - click here for details about privacy and protecting your computer from malicious software.

11/16/2005 6:23:00 PM by geek27
# re: Victory!

Mark,
I love your column.
Wanted to tell you that you have a typo in the beginning: claoking.

Thanks

-Ronny

11/16/2005 7:27:00 PM by RoNNY
# re: Victory!

Great Job!!! I guess this shows that even the "little guys" can stand up to "out of control" corporate interests.

On a side note: You probably are already aware of the attention your blog has recieved as a result of your original report <g>. But in case you needed more financially uplifing evidence check out the How Much Is My Blog Worth? entry at the Business Opportunities Weblog

11/16/2005 7:28:00 PM by Jason Thorn
# re: Victory!

Adam Gates: please stop using words in a deliberately misleading and incorrect way. Nobody has mentioned stealing anything, except for you. Making a copy of a CD for a friend may be against the law, but it certainly isn't theft.

11/16/2005 7:35:00 PM by sploo22
# re: Victory!

Perhaps someone should check out the new Sony Media Center PC (Sony® VAIO® VGX-XL1 Digital Living System™VGX-XL1) with 200 DVD/CD changer to see if it is preloaded with tracking software? It could track not just CD's but DVDs and even what you watch on TV!
And, for that matter, what about any Sony PC? They have complete control over the OS install with plenty of opportunity to hide their footprints.

Over the years I have bought dozens of Sony electronics (cameras, radios, CD players and including 5 PC's) and was planning to get the VGX-XL1 for our home this Christmas but never again. And get this, my teenagers are telling all their friends "Just Say No Sony". Sony has become a garbage brand in our book.

11/16/2005 8:18:00 PM by John S.
# re: Victory!

Stand up to Cor-pirate control freaks speak out against our loss of writes to us our own computers!!!
http://img.photobucket.com/albums/v165/wawadave/cor-piratefinger2.jpg

11/16/2005 9:29:00 PM by wawadave
# re: Victory!

In answer to Adam Gates:
You are comparing things that can't be compared. Your car stealing example is therefore not usable. One is stealing manufacturing, "sound" goods, the other is "stealing" intangible bits. Stealing a car cost money to the person that brought it, to insurances, to the car manufacturer, to society. Stealing bits, things that do not exist in real life, cost nothing to no one. And don't give the argument of "lost sales". The majority would not have brought it anyway since it's free things they are after...

It's not to say that intellectual property should not be protected, far from it! But it should not be protected in the context of a business model, manufactured goods, that is not adequate for it. An all new business model must be build-up. Some company understand that and exploit the new context and make tons of money. Some don't and try to force the consumer to stay in their inadequate business model. They don't want to change and they protect their turf. It's normal, but they can't succeed.

Just look at what is going on with the new High-Definition disk. They now want to implement protection technologies that will only drive the consumer away! Even if it's moraly unacceptable to steal someone intellectual property, how can these measure do any good to anyone? Everyone lose... And looking at DVD sales, I honestly think they try to fix a problem that don't exist in the first place.

11/16/2005 10:13:00 PM by Bobby Bob
# re: Victory!

Here's an interesting aside from the Devil's Advocate. I run a music store that will most likely take a total bath this Christmas because the 4 biggest sellers of the season got nixed. Neil Diamond, Bette Midler, Chris Botti, and Jane Monheit. And what's worse, most of my customers buying this stuff aren't the kind of people who are likely to burn copies at all, possibly not even PC owners. Unless Sony can get copies back out to me that you guys can burn and rip to your hearts content in a VERY timely manner, I might not have my store too far into 2006, already hurting because fewer and fewer people seem to feel that they should buy the things they want. I'm the independent businessman, here. The very personification of the good natured small business guy trying to not get screwed. Well, now I'm screwed. Is that cool?

11/16/2005 11:43:00 PM by Rocko
# re: Victory!

Just FYI, this actually just made the channel 3 6:00pm news here in New Zealand (we only really have 3 major channels).

Apparently Sony is recalling all of the affected CDs here, and replacing them will unprotected discs.

Interestingly enough, Sony doesn't use protection on locally made discs, so those with them must have bought them online or from parallel imports.

11/16/2005 11:44:00 PM by Michael K
# re: Victory!

Thank you for finding this problem. I have been on line everyday checking to see what the latest news is. This is a huge example of how the voice of the people CAN have an impact. (Or should I say the written word!)

I doubt that Sony is going to dry up and blow away, but it would be nice wouldn't it? I certainly hope that First 4 goes right along with them.

11/16/2005 11:44:00 PM by Glory
# re: Victory!

Sony's bungling oafs- First4Internet who specialize in the protection of copyrighted intellectual property apparently don't give a crap out copyright!

Looks like we now have proof. Heads will roll:

Thursday, November 17. 2005

Breakthrough after breakthrough in the F4I case

Ladies and gentlemen, muzzy and I made what's maybe the most significant progress since we began our little examination of the F4I binaries a few days ago. Thanks to Halvar Flake of Sabre Security who provided us with results from newer versions of BinDiff than those that were available to us, I was able to positively identify several functions from the mpglib library in the F4I code. What's significantly more important is that muzzy found actual GPL code in the files too! Yes, GPL, not LGPL! This opens up a completely different can of worms.

http://www.the-interweb.com/serendipity/index.php?/archives/54-Breakthrough-after-breakthrough-in-the-F4I-case.html
Perma link: http://www.the-interweb.com/serendipity/index.php?/archives/54-Breakthrough-after-breakthrough-in-the-F4I-case.html

11/17/2005 1:04:00 AM by geek27
# re: Victory!

Mark, thank YOU ! for finding and disclosing this rootkit. Thanks for your persistence over the last view weeks, keeping the blog active with new info. Many users and consumers around the world who do not have your expertise and knowledge would not have found this on their computers.... thank YOU !

11/17/2005 1:52:00 AM by _Edwin_
# re: Victory!

Ok, now that you have got the world's attention, why not raise the issue of vendors plans about having DRM hardwired into desktop and server operating systems.
August 02, 2005:
"Remote Attestation" and content access monopolies


"Hollywood and the recording industry hold an effective monopoly on a large section of popular content. Both Microsoft and Apple are now offering the ability to content providers to demand that users must use unmodified systems to view said content. It locks you out of parts of your system that will inevitably be abused by third parties wanting to abuse you."

11/17/2005 3:54:00 AM by David
# re: Victory!

Rocko: "I might not have my store too far into 2006, already hurting because fewer and fewer people seem to feel that they should buy the things they want."

Small businessman my foot. First4/Sony send you, did they?

What a load of nonsense! Because Sony is recalling dangerous rootkitted CDs, because Mark has revealed just how dangerous they are, a record store is going to go bankrupt. What Sony baloney!

Because I can't (temporarily) get a Neil Diamond CD for John or Mary's Christmas present, I won't buy something else instead. Do you think we were all born yesterday?

I'd like to know how a real "small businessman" would compete on price for the popular chart recordings you mention with big chain-stores anyway.

This is not about stealing - except the theft of CPU cycles, LAME copyright, and trust (if you know what that means) by Sony/First 4.

And it is certainly not about small businesses: it's about the highly toxic nature of one very large business: Sony.

11/17/2005 5:20:00 AM by Damian
# re: Victory!

"Sony's bungling oafs- First4Internet who specialize in the protection of copyrighted intellectual property apparently don't give a crap out copyright!"
"What's significantly more important is that muzzy found actual GPL code in the files too! Yes, GPL, not LGPL!"

Please report it here:
http://www.fsf.org/licensing/licenses/gpl-violation.html

11/17/2005 5:40:00 AM by zeh
# re: Victory!

To respond to Rocko's Devil Advocate hypothetical.
1. Your store may be techologically obsolete. Many businesses go out of business because techology has simply passed them by. Kodak is dying a slow death because film is passe.
2. By accepting a "defective" product from a vendor you are putting yourself out of business. Why should a customer buy from you if the product does not work and they can not return it to you for a refund.
3. We live in a capitalistic system, at least in theory, so if customers do not come, you have no business being in business. You have a bad busines model. Time to come up with a new money making scheme.

11/17/2005 7:37:00 AM by srynas
# re: Victory!

Unfortunately, Sony BMG has *removed* that link from its front page, about the XCP content protection. (From Mark's blog, the following:)
"Sony BMG’s site now includes a prominent link on its front page, “INFORMATION ON XCP CONTENT PROTECTION,” that takes visitors to a page with a statement from Sony that declares its concern over the security issues raised by its software"

11/17/2005 8:37:00 AM by bicycleChica
# re: Victory!

Doug Lay reported: http://blogs.washingtonpost.com/securityfix/2005/11/this_post_is_ge.html#comment-11287538

Yesterday in the Subcommittee on Commerce, Trade, and Consumer Protection of the House Committee on Energy and Commerce. The topic was "Fair Use: Its Effect on Consumers and Industry." The real topic was H.R. 1201, a bill cosponsored by Rick Boucher (D-VA) and Joe Barton (R-TX), which would amend the DMCA to allow circumvention of content protection systems for purposes of fair use. Among other things, H.R. 1201 would presumably remove the threat of lawsuits or prosecution from the security researchers who have been working so diligently to expose Sony and F4I's misdeeds.
Judging by the comments of many committee members, Boucher and Barton have their work cut out for them. While it seems there is an emerging consensus among both consumers and technologists that current DRM systems are flawed at best, many committee members don't seem to be hearing that message, believing instead that DRM systems are working as intended, and that the protections of the DMCA are necessary to the development of a marketplace in digital content. Some members, notably Rep. Blackburn (R-TN) go so far as to call Fair Use little more than cover for thievery.
Of course the Sony fiasco was brought up by several witnesses sympathetic to 1201 (as well as Rep. Boucher himself), but pro-DRM members simply did not want to discuss the episode, with the exception of Rep. Bono, who stated flatly that Sony had provided a patch and therefore the problem was resolved..end of story.
A Webcast of the hearing is available at http://energycommerce.house.gov/108/Hearings/11162005hearing1716/hearing.htm
I recommend that anyone interested in digital rights issues listen in. It will be a real wake-up call for those who believe the tables have turned on the content industry's plans for DRM.
Posted by: Doug Lay | Nov 17, 2005 9:45:44 AM

11/17/2005 9:00:00 AM by srynas
# re: Victory!

This is a cut and paste from the URL below

AN OPEN LETTER TO AMERICA'S CORPORATE LEADERS

As with any business, the people and companies that create music, movies and other copyrighted material rely on getting a fair reward for their creativity, time and hard work. That happens when people buy these works, but not when they steal them—including by copying or transmitting them without the permission of the copyright owners.

Unfortunately, employees of companies and other organizations sometimes use their employers’ computer systems to engage in unauthorized copying of music, movies and other copyrighted material. This activity not only wastes the organization’s time and system resources, but it is also illegal. Such activities on your systems can put your organization at legal risk, tarnish your organization’s reputation and increase security risks for your computer systems.

This brochure explains the problem of copyright theft in the corporate and office environment, what can be done about it, and how you can implement policies to minimize the risk to your organization. Copyright theft is bad business for everyone!

Sincerely,

Hilary B. Rosen
Chairman and CEO
Recording Industry Association of America


Jack Valenti
President and CEO
Motion Picture Association of America

http://www.musicunited.org/Corp_Brochure_2003.pdf

11/17/2005 9:31:00 AM by Stephen
# re: Victory!

Mark, great work. However, I think your caveats are important, and Victory might be a bit pre-mature. Lets face it, DRM is here to stay, but you point out that you need the ability to say no, and the writers must be accountable for security issues and system damage for installation. What's clear here is that 1) the software is easily circumvented, 2) poorly written with huge security holes, and 3) the DRM MANIA of Sony far exceeds any concerns about their customers, there will always be a market for music and they hold a monopoly on some artists. IF artists could change their distributors, this would put real pressure on them to rethink...

11/17/2005 9:39:00 AM by Dave
# re: Victory!

This post has been removed by the author.

11/17/2005 10:15:00 AM by gmudtoe
# re: Victory!

I share the concerns of a previous poster about what Sony might be putting into their PC products. I was thinking about buying one of the small Sony VAIO laptops, but this whole episode made me change my mind. As the previous poster indicated, who knows what they may have put into the OS or BIOS on a machine that they have complete control over? I would also be wary of Sony digital cameras. It's really easy to get code onto a computer when you attach a device to a USB port. There are lots of security holes in the USB protocols.

My personal opinion is that Sony has morphed from primarily an equipment vendor to a content distributor, and as such they are willing to risk damage to their equipment brand name in order to protect their content.

I used to buy lots of Sony stuff (my house is full of Sony products), but this episode has changed my mind, and I absolutely won't buy anything from Sony that is a PC or has any kind of network interface to the rest of my systems, or can potentially download code into any of my PCs (i.e. cameras). I may not even buy anymore Sony TVs, even though I can't think of a way at this point that a TV could be used to distribute malware into my network.

11/17/2005 10:18:00 AM by gmudtoe
# re: Victory!

No, I do not work for Sony.

I work for myself, I have a small store that specializes in Jazz and Pop Standards, most of my customers are older/elderly.

I'd say I'm a fairly sharp bussinessman, I worked for several years as an executive at a company you've heard of. I retired early so that I could persue my lifelong dream of owning a music store, despite the fact that all my colleagues told me it would never fly. I have a love for all kinds of music, particularly Jazz, which is my specialty, and it just so happens that those 4 albums were big, big hits for me already.

They tell me not to expect to break even for 8 years, well, this is 10 this christmas, and it finally looked like I might make it. Now, I probably will not. CD sales are already shrinking thanks to the relative ease of burning CDs. My Big Idea was that by selling to an older base that I would get more people actually willing to pay for what they have. My contention has always been that if you're not ready to pay for something, you aren't ready to have it.

11/17/2005 10:40:00 AM by Rocko
# re: Victory!

No, I do not work for Sony.

I work for myself, I have a small store that specializes in Jazz and Pop Standards, most of my customers are older/elderly.

I'd say I'm a fairly sharp bussinessman, I worked for several years as an executive at a company you've heard of. I retired early so that I could persue my lifelong dream of owning a music store, despite the fact that all my colleagues told me it would never fly. I have a love for all kinds of music, particularly Jazz, which is my specialty, and it just so happens that those 4 albums were big, big hits for me already.

They tell me not to expect to break even for 8 years, well, this is 10 this christmas, and it finally looked like I might make it. Now, I probably will not. CD sales are already shrinking thanks to the relative ease of burning CDs. My Big Idea was that by selling to an older base that I would get more people actually willing to pay for what they have. My contention has always been that if you're not ready to pay for something, you aren't ready to have it.

11/17/2005 10:40:00 AM by Rocko
# re: Victory!

Rocko said: you guys can burn and rip to your hearts content

You've fingered the wrong group here Rocko. I understand that you might be in for a rough winter, and that sucks... but you should put the blame for that squarely on Sony, not the researchers here on this forum.

If GM was selling cars that came with a "hotwire" switch on the dash, and your local newspaper brought to the public's attention that switch could be used for evil... would you blame the newspaper, or GM?

11/17/2005 11:04:00 AM by Roastbeef
# re: Victory!

The Sony DCR-DVD203E can only be browsed as a disk drive (to recover videos) if the user is logged-in as administrator. This is clearly stated in the documentation. I have tried (without success) to circumvent this by assigning privileges for certain directories to users. The result is that my son, who owns the camera, always uses an administrator account.
I have seen questions on the web about this in relation to other Sony models. Like other posters, I have no intention of buying any Sony kit in future.

11/17/2005 11:10:00 AM by Andrew
# re: Victory!

Rocko: "My contention has always been that if you're not ready to pay for something, you aren't ready to have it."

Not sure what you mean by "not ready".

Your posts are basically dishonest and slip and slide all over the place. What are you suppose to be posting about? Theft or your business model or DRM or what?

Is this about theft? Well, then: If Sony won't pay for the CPU cycles its stolen or for the information on people that it is gathering (contrary to its claims) from its phone-home programs then it shouldn't have either (or as you might say it is "not ready").

Or is this about your business model? Well, then: Amazon, for example, undermines your sales - far more than any copying and distribution that is, or that you imagine to be, going on - by selling online at good prices with massive stocks so there's no waiting. Does this mean that Amazon has no right to sell?

Or is this about DRM? Well, then: I'm not clear that people object to DRM. The iTunes music store does good business, and its content is protected. But it is not instrusive or destructive DRM. Get out of that one.

The fact that you think what Sony has done is OK shows that your claims to morality are but hollow. As Mr. Baker at the DHS had to remind them "it is not your computer". This intrusive dangerous dishonest software was deliberately hidden from users, it phones homes, it is implicated in system crashes, it will make the Vista beta unbootable, it opens gaping security holes. As Mr. Baker also said the nation can't afford to have the internet infrastructure damaged at a time when avian flu threatens. All this may not matter to you, but it matters to me.

And you present yourself as standing on the moral high ground! Moral high ground, my *ss.

That is all terrible, terrible.

I'm sorry: you may like Sony, but they are filth. There is no other word for it. I will never buy another product from them.

11/17/2005 11:37:00 AM by Damian
# re: Victory!

Dave said: "Victory might be a bit pre-mature. Lets face it, DRM is here to stay"

If I read one more time a comment like this, I'm going to scream.

This is not about DRM.
Mark is claiming VICTORY because he got what he wanted, for Sony to
say they would stop the production of CD with this
particular software
.

It's about the way they went about it.

11/17/2005 11:51:00 AM by Captain555
# re: Victory!

Well said, cap'n.

11/17/2005 12:02:00 PM by ruy_lopez
# re: Victory!

Rocko:

The idea that your business stands or fall on the basis of the albums of 4 artists [and you are a sharp businessman!] is hard to believe.

But lets assume that what you say is true.

Also you are basically suggesting that Sony cannot supply you with replacement CD's in time for christmas. This is also hard to believe.

But, again, lets assume that it is true.

These premises notwithstanding, then, you are suggesting that in future, when some large company infringes our privacy, and undermines the security of our computers, we are supposed to just turn a blind eye.

What about the little guys who depend on the integrity of the data on their computers to survive in business? (I'm sure we could cook up a compelling scenario about a fledgling accounting company who loses the accounting data of their 4 prize clients to viruses because of Sony's DRM software vulnerabilities)

But your story (and the fact you prepended it by saying you were playing "devils advocate") hits too many bases to be credible.

If you had merely said that "casual piracy" was driving you under, and by extension this blog had helped encourage such behavior, then it might have been believable.

So have you contacted Sony about replacing the stock [and explained your reliance on certain DRM protected artists]? How did they respond?

11/17/2005 12:35:00 PM by ruy_lopez
# re: Victory!

Hate to blog hog but just had to post this:

"Sony has now published a full list of the 52 titles that use XCP. Previously it would only say that about 20 titles used it."

"Although figures for how many people have installed XCP are hard to come by, respected net expert Dan Kaminsky has found evidence that the software is in use on more than 500,000 networks."

http://news.bbc.co.uk/1/hi/technology/4445550.stm

11/17/2005 12:59:00 PM by ruy_lopez
# re: Victory!

http://biz.yahoo.com/prnews/051116/nyw143.html?.v=31

Press Release Source: Columbia Records

Neil Diamond's '12 Songs' Makes Chart History as Artist's First-Ever Top 10 Debut & First Top 10 Album in 13 Years
Wednesday November 16, 2:45 pm ET
Critically Acclaimed '12 Songs,' Produced by Rick Rubin, With Music & Lyrics by Neil Diamond, Debuts at #4 on Billboard Top 200
NEW YORK, Nov. 16 /PRNewswire/ -- Neil Diamond's critically-acclaimed new album, 12 Songs, has debuted at #4 on the Billboard Top 200 and is the artist's first album to debut in the Top 10.
Released on November 8, with first true week's sales of 92,705, according to SoundScan, 12 Songs is providing the strongest opening week's numbers of Neil's career. His last studio album, Three Chord Opera, opened at #15 -- his highest previous debut position, with first week's sales of 67,975 -- in July 2001.
_______________

I put this very simple question to SonyBMG:

Why are you still selling the Number 4 chart album on Billboard on your own web site?

The press release on Yahoo here states the source of the release as "Columbia Records" at "Wednesday November 16, 2:45pm ET". Why does Sony have a subsidiary company “Columbia Records” releasing promotional and marketing hype surrounding the great success of Neil’s new album? This press release was received many hours after you had publicly noted on your web site that there is a product recall, retail and inventory stocks to halt distribution and sales of ALL the affected XCP CD’s. You have released a press release promoting and advertising this CD from Neil Diamond and continue to actively promote this. This will increase the amount of customers who have the potential to be infected with this security flaw. If any of the customers who have purchased this CD insert there CD into their Windows Personal Computer and they idly agree to the EULA you provide, which on the original disc has not been modified. Then the user thanks you very much for a great CD. They leave and are quite impressed with the listening experience they have just had getting a real kick and buzz from one of the great legends of the music industry. Neil Diamond does not deserve such treatment of your arrogance, ineptitude and deceit that you are continue to display by your entire organisation. You are hurting and making it worse for Neil, his fans and your customers.

These two titles for the ’12 Songs’ album the ‘CD’ and ‘CD Special Digipak Edition’ versions of the disc are still available for purchase. This CD from Neil Diamond is stated as his best success so far. You give no disclaimers on the homepage for http://www.neildiamond.com of what is really on his CD. The current part numbers for the two versions available online are the two part numbers you list in the document you have online for the ‘Affected Titles’ yet you continue.

These two titles are still for sale with the unaltered original XCP software security threat. With no mention of the security implications. There are proven cases of Virus's in the wild that now attack this software in an unpatched state.

Who is speaking for the 92,705 customers (Less 4,057 Digital Purchases) who have purchased this CD.? Why do you continue even on your own website to still be offering this CD for sale from these locations?

Title CK94776 Neil Diamond 12 Songs [CD (Special Digipak Edition)] $16.98
http://www.sonymusicstore.com/store/catalog/MerchandiseDetails.jsp?merchId=86715&sms=label-smo

Title 1CK97811 Neil Diamond 12 Songs [CD] $13.98
http://www.sonymusicstore.com/store/catalog/MerchandiseDetails.jsp?merchId=91159&skuId=91169

You have on your website here:

"We also have asked our retail partners to remove all unsold CDs with XCP software from their store shelves and inventory."

How about you start from the top at your organisation and work from there including timely and accurate media releases about this issue and no more media releases promoting this as a musical CD and not the clear security breach that it is also.

A statement made publicly by The Department of Homeland Security made mention of tactics used by companies that are dangerous to National Infrastructure and Security, which if you have not caught the drift of it yet, Sony they are talking about YOU but you continue to do the WRONG thing.

When will you release a public media release regarding the security issue involved here? We have been warned by the great work of the security people within our industry. And now we are communicating this same information around the world to all of our clients. In a single step you have breached the trust that we have given to the music industry by letting our users of computer networks play and use their own personal CD’s on internal company networks. By doing this we then trusted that the users would play there favourite audio CD’s at work instead of downloading music from the internet to play on there computer. We have proactively helped by attempting to eliminate the P2P downloads that may end up on our networks and have that chance of a security threat in the download. Now all users in many organisations will very shortly face disciplinary action if a single piece of audio music is placed or played on the personal computer at the office because firstly downloaded music is illegal and often is just nasty, second the CD’s you may bring from home to listen have a greater chance or doing more harm than the P2P download and that is worse than nasty.

When will you release a media release that states the software that is on the 50 titles affected is a security threat and that all products affected have been withdrawn from sales, distribution and production?

Or will you wait until the next form of patch is created by the First 4 Internet Company which we can see from the three service packs they have released so far that they are completely inept. They cannot even create a good security solution for your DRM policy and then to update it with the current third patch. The removal instructions should be an exe file on a web site available for public download. Not an ActiveX control that creates an ever bigger security risk than the original DRM package. It has taken a couple of people from Princeton University to do this well before you could. Why are you not in damage control of this problem and have people such as Mark Russinovic, Jeff Dwoskin and Alex Halderman develop, create and release a removal tool for this. Oh I forgot Sony and First 4 Internet haven’t done this yet. But Jeff Dwoskin and Alex Halderman have and have made it public for people to use. How can they already know more about the product than the manufacturers, simple that’s how bad the original software truly is. Everything that First 4 Internet have done is extremely nasty programming and now they are faced with piracy and copyright infringements that the recording industry is trying to protect and now they use the exact technique to attempt to stop the music piracy by pirating GPL source code to implement such a design with no support or credits to the original authors and on the acceptance that if you use this code you must release the source code to the public.

ALL global media should NOW receive a media release stating a fair amount of the facts that have been listed in the case. If you stood up and mentioned a couple of these security threats you have on this product honestly to your customers you have a chance of some praise for your being a big and honest company to admit you made a rather big mistake. If you tell the truth people may still respect you for finally be honest. If you do not and continue to deceive people your any chance of ever saving your audio and video business’s including upcoming technologies such as Blu-Ray will be non-existent, if you are lucky you may still be able to hold onto your Television and Playstation arms of the business but all audio/video credibility you once had is now gone. Sony we trusted you explicitly now you have broken a major trust relationship that will take you a very long-time to re-establish if you actually are able to at all.

You need to immediately advise all 88,648 customers (plus the new customers) that have purchased this CD (And every other Artist) that it is a threat to infrastructure and national security as per the Department of Homeland Security. Sony you are literally putting your reputation before the lives of people. Sony you are WRONG you need to admit this and inform your customers of your installed security threat. You do not have the right to wait until First 4 Internet release there 4th version of a patch to fail again. You need to publicly endorse what has been done by Mark Russinovic, Jeff Dwoskin and Alex Halderman and utilise these people as independent people who are helping you achieve compliance in fixing your product. If it was not for people like the investigative analysis that Mark Russinovic produced in the first place on this particular topic, we would not have anywhere near the complex security that we take for granted on personal computers connected to the internet. You actually owe Mark a great deal of thanks. If this had come out from a virus writer first submitting it and it going wild on all the XCP music listeners’ personal computers you would be facing extremely costly litigation from many customers. So you should be thanking this man for this, and it should be contained in your press release.


Oh in case you were wondering the happy experience of the customer did not get infected by a virus so they were lucky. They do however have the computer in at a repair shop being looked at by computer technicians and engineers as when they got up the next morning to check there e-mail they noticed the Microsoft Blue Screen of Death. The only information they have so far from the computer shop is appears your anti-virus software did a virus scan and that was the last thing your computer ever did.

Sony it has been said and will again. It is your intelectual property but it is my computer and you cannot trespass illegly.

Now all those nasty trojan, spywar, malware & virus writers I just wonder how many of them now own there own personal loving copy of the Van Zants CD. Or after this post how many will go ahead and purchase it. And somehow I do not think I was the first person to think of this theory.

11/17/2005 2:05:00 PM by Stephen
# re: Victory!

Amazon may have fixed this by the time you read this but check out the following URL:

http://www.amazon.com/gp/product/B00092ZM02/103-8182569-7354261?v=glance&n=5174&s=music&v=glance

Amazon has pulled the XCP infected discs from it's website.

The funny thing is that not all browsers can view Amazon's statement:

"This Sony CD includes XCP digital rights management (DRM) software. Due to security concerns raised about the use of CDs containing this software on PCs, Sony has asked Amazon.com to remove all unsold CDs with XCP software from our store. If you have purchased this CD from Amazon.com, you may return it for a full refund regardless of whether the CD is opened or unopened, following our normal returns process. Simply indicate that the CD is "defective" as the reason for return."

I can see the statement in Firefox 1.5 Beta RC2

This same page is missing the statement when I load it in IE 6.0.

11/17/2005 3:11:00 PM by geek27
# re: Victory!

The Van Zant CD has also been given some nice tags. I don't rememeber seeing this feature before.

Customers tagged this item with
First tag: rootkit (D. Wolf on Nov 12, 2005)
Last tag: boycott Sony

rootkit (3),DRM infested (2),boycott Sony (2),breaks your computer (2),spyware (2),drm (1),Van Zant (1),XCP (1),sucks (1),cd (1),RIAA scumbags (1),evil (1),assbag (1),dangerous rootkit malware (1),installs rootkit (1)


Also here's the GPL violation Slashdot link:

http://yro.slashdot.org/yro/05/11/17/1350209.shtml?tid=188&tid=158

11/17/2005 3:16:00 PM by geek27
# re: Victory!

To Rocko:
If Sony' recall and DRM scheme (I am not buying Santana's CD because of it)is affecting your bussiness that's a reasonable grounds to go to court, don't you think?. btw you meant you do not work for sony...anymore!

To Mark and comunity:
Lets now go for the next one Sunncomm, -giving credit to the freedom to thinker.- as I mentioned before a friend borrow me a CD (Luther Vandross) and even though I did not accept the eula, I have a bunch of files now in my harddrive, which it is unacceptable.

To Mark:
If you have the time I would like to point your attention to macromedia programs. from work the firewall/rules will stop any intends of downloading mp3, wmv, mov, wma, mpeg, etc, etc.

however I noticed that some movie websites which are entirely flash based, in those you can play the trailer without the firewall/rules stopping you.

My point here is: a flash program seems capable of bypasing any firewall settings, so, where is the good of having one?

Can you build one?

A Firewall that will actually protect us from all this Sony and the likes phoning home spyware.

I would gladly pay you instead of paying to symantec and the likes.

Thanks

PS: Some Universal DVDs comes with a flash player, I would not doubt it phones home too.

11/17/2005 3:20:00 PM by mishka
# re: Victory!

You should be able to filter outgoing traffic according to the destination IP address. Most firewalls have a rule to allow all outgoing traffic. To block traffic to a specific outbound address you have to make sure the rule you create is placed before that allow-all rule, so it rejects the packets first.

For instance this would block anyone inside your network from connecting to www.msn.com

deny tcp from any to 207.68.183.32 80 out

This was tested using IPFW on a mac. If you are using XP I'm afraid I can't see the same abibility with the built-in firewall.

The trick is to find a firewall that lets you specify an IP address for both sides of the connection [XP's built-in only lets you specify the inside IP].

11/17/2005 4:25:00 PM by ruy_lopez
# re: Victory!

Any "security experts" reading this whom would like to acheive Mark's new international celebrity status should analyze Sunncomm's copy protection.

I keep hearing that it installs something whether you accept the EULA or not. I have not seen a blog or site with evidence yet.

Links welcome. Thanks

11/17/2005 4:45:00 PM by geek27
# re: Victory!

I should have refreshed the tab next to this one before posting.

Not Again! Uninstaller for Other Sony DRM Also Opens Huge Security Hole
Thursday November 17, 2005 by J. Alex Halderman

"I have good news and bad news about Sony’s other CD DRM technology, the SunnComm MediaMax system. (For those keeping score at home, Ed and I have written a lot recently about Sony’s XCP copy protection technology, but this post is about a separate system that Sony ships on other CDs.)..."

http://www.freedom-to-tinker.com/
Permalink: http://www.freedom-to-tinker.com/?p=931

11/17/2005 4:49:00 PM by geek27
# re: Victory!

I wonder how many other people missed this article in all of the excitement. This is arguably worse than XCP!

Freedom to Tinker
Sony Shipping Spyware from SunnComm, Too

"MediaMax installs without meaningful consent or notification

When a MediaMax-protected CD is inserted into a computer running Windows, the Windows Autorun feature launches a program from the CD called PlayDisc.exe. Like most installers, this program displays a license agreement, which you may accept or decline. But before the agreement appears, MediaMax installs around a dozen files that consume more than 12 MB on the hard disk. Most are copied to the folder c:\Program Files\Common Files\SunnComm Shared\, shown below:..."

http://www.freedom-to-tinker.com/?p=925

11/17/2005 4:59:00 PM by geek27
# re: Victory!

Just an FYI to all the Apple users out there...Sony lied again:

http://www.security.ithub.com/article/Sonys+DRM+Rootkit+Comes+in+Mac+Flavor+Too/165172_1.aspx

11/17/2005 5:18:00 PM by Nads
# re: Victory!

Not sure if this has already posted, but there is a CNET article stating Sony have pulled the uninstaller as "several Web sites designed to exploit security flaws in a rootkit uninstaller program issued by Sony BMG Music Entertainment"

Link: http://news.com.com/Attack+targets+Sony+rootkit+fix/2100-7349_3-5956707.html

Just to make this story even more interesting, the unistaller has not been pulled so, what are Sony up to. CNET has a direct quote from Sony saying the installer was pulled, but its clearly still available here:

http://cp.sonybmg.com/xcp/english/updates.html

11/17/2005 5:29:00 PM by madsonv
# re: Victory!

This post has been removed by the author.

11/17/2005 5:33:00 PM by madsonv
# re: Victory!

As far as I am concerned, this issue is done, and the only conclusion is to avoid buying any Sony products, and make sure you tell others to do the same.

Nothing else will work, as now we know Sony was never on the sights of the FBI for spreading virus/trojan and violating our PCs. The Congress will make a new law that MPAA/RIAA members cannot be sued even when they break your PCs, and will eliminate "fair use" as we know it.

We will hear about someone being jailed for 3 years just by spreading the same virus/trojan as Sony's before we hear about corporate executive being "disciplined".

One of my favourite sayings is "if a tree falls in a forest and nobody hears it, does it make a sound?". Well, let the Sony DRM stay on the music disc in the store, don't take it home.

The much, much bigger issue will be when Microsoft, and other OS, will implememt DRM as part of the OS, and Intel/AMD will implement DRM as part of the hardware, like we now have V-chip in TV, just that we will be jailed if we disable it :(.

11/17/2005 6:51:00 PM by Enough
# re: Victory!

madsonv wrote:

"... but there is a CNET article stating Sony have pulled the uninstaller..."

This is an ambiguity-based error on CNET's part.

Sony originally offered the uninstall program only through arduous jumping-thru-hoops on their website

(Y'know... Sony's "Our DRM pwnz your sorry thieving ass, you piss-poor excuse for customer!" worldview...)

which culminated in Sony requiring the abused user to download an ActiveX control into the users Internet Explorer browser. This ActiveX control would then actually download and run the uninstaller.

According to Mark the uninstaller itself worked fine... it's just that the ActiveX control was left behind on the Users system after the uninstall was complete... ready for anyone to use a webpage to download and execute any code they wanted on the victims computer.

Thus CNET's mixup.

The uninstaller currently available on the Sony websites should just be the executable without the CraptiveX nonsense.

11/17/2005 7:03:00 PM by zapkitty
# re: Victory!

Looks like Reuters have picked up on Matti Nikki's (Muzzi) findings:

http://today.reuters.com/news/newsarticle.aspx?type=technologyNews&storyid=2005-11-18T013502Z_01_MCC805647_RTRUKOC_0_US-SONYBMG-OPENSOURCE.xml

11/17/2005 8:56:00 PM by ruy_lopez
# re: Victory!

This post has been removed by the author.

11/17/2005 8:57:00 PM by ruy_lopez
# re: Victory!

Steve Gibson covers Sony in part with his weekly podcast again today.


Episode #14 | 17 Nov 2005 | 27 min.
Virtual Private Networks (VPN): Theory

Leo and I first follow-up on the past two episodes, discussing new developments in the continuing Sony Rootkit DRM drama, and clearing up some confusion over the crackability of WPA passphrases. Then, in this first of our two-part series on VPNs, we discuss the theory of VPN connections and tunnels, explaining how they work and why they represent such a terrific solution for anyone who needs security while they're away from home.

http://www.grc.com/securitynow.htm

11/17/2005 9:28:00 PM by geek27
# re: Victory!

Hey, guys, lay off Rocko!

ROCKO, if you're still tuned in, I get you. You are fighting hard to get where you want to be, and just when it looks like you can start relaxing and enjoying it, this unexpected two-ton elephant walks in and sits on your dreams. I get it, but I agree with the fact that you need to blame SONY for this one, not the techno-geeks.

You are well advised to take aim at the older generation with your store, as the younger generation doesn't buy as many CD's, but it ISN'T because of piracy or theft - it's because they only want 2 or 3 tracks on a given CD, and this they can get LEGALLY for $2 or $3 on-line - and not have to buy the whole $15 CD. So, for those with a store front, you're wise to appeal to people less likely to trust the on-line world.

But, Rocko, you really need to seek redress from SONY for destroying your Christmas spirit - They are the ones who have wronged you, not us.

TO THE REST OF US: We really need to understand Rocko if we are ever going to rid the world of the evils of DRM. Yelling at him and telling him off won't help anything. There is a certain reason to his response, and while it is not the programmatic logic that techno-geeks are inclined to use, it is the gut level reactionary emotional reasoning that we are up against in mainstream America, and which we MUST understand if we are going to learn how to move the masses into forcing the big companies away from DRM and useless, cumbersome, fair-use limiting protection schemes.

There are many reasons for these feelings and beliefs, such as the propaganda of the content providers, their main street news whores and the RIAA types; the sense that most people have that somewhere, somehow, someone is getting away with something; our tendancy to believe that most strangers are essentially dishonest people who would take advantage of us if they thought they could get away with it; our basic, non-specific paranoia and xenophobia - we're up against a lot of things! But since they are based on emotion, not logic, they cannot be combated by logic alone. We must give homage to the emotions. Brow beating someone for feeling the way they feel, will not change their feelings.

SONY as a corporation also has feelings on this, as do other big corporations. They feel like everytime there is a ripped platter, they've lost money. They feel like the reduction in CD sales can ONLY be explained by illegal copies and piracy. They feel like the only way to make up for the loss in sales is to charge more so they get more per sale, and then wonder why the sales drop even lower.

Let's shed some light on some truths we need to teach the big content providers and the world:

1) Heat makes fire. With the exception of REALLY great music (which will grab you the first time you hear it), It takes the average person 3 or 4 auditions of a song to really decide they like it, and want it. It doesn't matter if that audition is on the radio or TV, at a friend's house, in the record store, or off a burned CD. The more your music gets out there, in front of people, the more people will want it, and the more it will sell. One of the reasons most people are willing to settle for 2 or 3 songs off a CD is that they have never really heard the rest of the music on it, and it isn't worth the money to find out if they will like it.

SONY, are you listening? When "casual" pirates burn your music and pass it around, you are getting more fans, and you will get more sells, if not of the current CD, then of future ones.

Heat makes fire.

2-ANYTHING that encumbers the music listening and using (fair use) experience will turn people off from even participating in the process, costing everyone with a stake in it money. While these encumberments DO NOT justify seeking the P2P solution to "get it for free", that will be the end result. All honesty, if I were given a SONY/BMG audio disc for Christmas, I wouldn't open it, but would download the P2P content. Would I really be wrong to, since I had a legitimate right to the content of the disc?

3-Honest people understand that if you don't eventually pay for the music, the people making it go away. It won't matter how they first hear it, they will eventually support it financially. By the way, most people I know are honest.

Rocko, some people are not ready to pay for it, not from a lack of desire, but from a lack of ability (starving students, under-aged with no allowance, or whatever). I've seen it a hundred times: The music they ripped and burned from their friend's CD's became the music they bought when they did have money. Neither you nor SONY has lost any money on these guys. In fact, their desire for the music they have been using in their poverty has made your future sales of it possible.

4-The greater the challenge you lay, the greater the temptation to beat it: There are people who will rip copy protected discs NOT out of any desire to have the music or software on it, but just to show that they are stud enough to do it. The harder it is to do, the more copies they will spread around to show how good they are. The trickier you make your DRM, the more defeated it will become in the wild. You'll have wasted your money developing it in the end.

5-Want to make more sales? Lower your price. Ask GM if that works. They almost couldn't give their cars away, but some clever advertising and making customers feel like they were getting away with something (the employee discount), and they turned the market completely around. SONY may not be able to even give away their music discs right now, but I still think that if they lowered their price, they would end up making more money.

6-On-line content is cheaper to sell since there is no packaging or actual material used to produce it, but it will always sale best when it isn't tied in knots by intrusive DRM. Apple does do DRM right, but I'll bet you could double the price and sale straight MP3's at the same rate, since they would be easier to back up and use on restored systems, etc.

Now, if you know that the thing that makes a CD more expensive are of a tangible nature, be advised that it is in this arena that you have a chance to convince people to purchase the CD instesd of downloading the tracks. And no, I'm not talking about cheesy posters of the band as an incentive.

7-You would do better to spend the money you waste in DRM development on advertising to remind people that they have a duty to pay for the art they like. Make the ads clever, funny and appealing, but not propagandized, and they will work. Come on, the best demographic for music sales is also known for its politically correct principles and morality. Refusal to use fur and leather on moral grounds doesn't sound like they kind of people that would rip-off their favorite artist!

So, for us cynical techno-crats, we need to understand the irrational feelings driving the movement toward DRM if we are going to help change this around. We also must stop using DRM as an excuse to p2p without intent to buy.

Big companies need to understand that many of the direct assault approaches they are using will result in the opposite of what they seek to have happen. They are fostering more reasons and desires to rip and burn and download for free.

Oh, and Rocko - Any chance you've got some Jacqueline Francois CD's? Let me know - my old vinyl has had it!

11/17/2005 11:15:00 PM by Donosaur
# re: Victory!

Great job Mark.

Have you seen the article on Wired (http://www.wired.com/news/privacy/0,1848,69601,00.html) - as they say the real story was the initial neutered response from the security comapanies like McAfee & Symantec

11/17/2005 11:41:00 PM by Troy Phillips
# re: Victory!

Take a look at what they are writing on Santana's website:
http://www.santana.com/news/popup.asp?a=1&NewsID=624&More=

11/18/2005 12:26:00 AM by AsbjornM
# re: Victory!

I have been following this Rootkit –case ever since Mark broke the story out in his blog. Outstanding job Mark.

It is interesting to see how “the development” has been reported on the Internet on various blogs and message boards versus how the big media companies have told about it…. and when. It has been sort of a surprise to me how the media companies has softened down their critiques against Sony in the news compared to the comments of some anti-virus companies (like CA and F-secure) not to mention what you can find on the Internet. However I am not a great believer of conspiracy theories (like in the one that CNN failed to report on this case in the beginning because of the economical ties it has with Sony.) I believe all the major media companies have been cautious on commenting on this case sharply because all of them themselves own huge amounts of content and they have not all yet clearly made up their minds where they stand in their own copy-protection policies.

But even on the Internet the discussion of the Sony/BMG Rootkit case have for the most part concentrated on technical, ethical and legal matters. I find the business side of it very interesting too. Now Sony promises to withdraw their XCP product finally from the market. But what was interesting was for instance that the re-sellers like Amazon did not react to any of the comments about XCP made on their site. Maybe this can be explained by that big companies react to consumer complaints slowly. They are like big ocean liners and it can take for ages to steer the ship to new courses. But when the message gets through – then they head for new clearer directions. I am not sure if the message went through to Sony. They only did damage control – they did what was necessarily to minimize the damages. They still use a copy-protection system like MediaMax, which is another questionable protection method.

Personally I do not believe that any copy-protection scheme is directed towards piratism. I think its main purpose is to change the way the general consumer thinks of buying i.e. licensing music. The pirate industry will still be able to make as many pirated CDs they like. But for the general consumer in the past it has been quite legal and possible to make as many copies of the CD to her personal use as she likes. The copy-protection scheme targets this use and tries to change the price level of what (un)limited copying for personal use costs. So if the price of an unprotected CD is $15 and you need to make one copy for your portable-CD-player, one copy that you listen to in the car, one for the summer house, one copy for your Sony-HiMD player, one for iPod and one copy for your son cos he is probably gonna scratch the original – then all this makes with the old system still only $ 15 that you have to pay – but in the new “only 3 copies allowed system” it makes $ 30. And just think of how many times you have to make a copy to your computer in say 10 years time when you update your operating system or otherwise make changes to your configurations. It is all about money.

But what I find is the oddest is that RIAA or MPAA companies do not listen to the consumers and what they want. In the end consumer is always right. If your favourite artist’s record were available on the market as a copy-protected version and as a not-copy-protected version which one would you buy? The industry seems have forgotten the basic rules of demand and supply. Now the former Soviet Union did that mistake. Now I am not accusing the giant media conglomerates of communism, but I would advice them to listen to the consumer. It maybe that the major labels who almost entirely control the market – and have - if not monopoly – then an oligopoly of the market – may think that they can control the demand by controlling the supply – and plan putting out only copy-protected CDs, but they are wrong - the behaviour of consumer can not be controlled. The demand for unprotected disk are there and sooner or later if the companies themselves don’t realizes their drm-strategy is bad for the business – then the artist will see that and bail out – and move to smaller companies that protect their interests better. Consumer is always right. Consumer is always right. And everyone knows this. Even the artists. Even the big companies know this. They just have forgotten it.

Can’t help of thinking about the “may contain explicit lyrics” -sticker that was taken into use buy record industry few years back. Now wouldn’t it be interesting if some interest group would soon introduce some sort of sticker that the companies that don’t put software on their CDs could glue to their albums. You know like “FREE TRADE – FAIR USE – this cd doesn’t contain any copy-protection”. Heck I’d glue that to my CD if I were a content producer. Wait a minute. I am a content producer. That’s what I am gonna do. I know it is not much. But it is a start.

11/18/2005 1:53:00 AM by navybluebird
# re: Victory!

I think that the most important result to come out of this incident is not the removal of this rootkit.

What is more important is that a very clear message was sent to Sony and the rest of the industry: "You can not rely on the ignorance of the customer to push your shady schemes. There will always be someone competent enough to find out and the customers will not accept this kind of behaviour."

A couple more incidents like this and the coffin will be firmly nailed shut on this kind of customer abuse.

Well done!

11/18/2005 2:30:00 AM by Troberg
# re: Victory!

Sony-BMG's Velvet Revolver "Contraband" CD sold in the EU is copy-protected by Macrovision. It played fine in my home and car stereo's, but without popping up a EULA or media player, it has completely disabled the CD-RW in my Windows XP machine. A request for a fix from Sony-BMG met with a sidestep: send the original CD back to us and we'll post you an unprotected version in return. But no fix for my disabled CD-RW.

11/18/2005 2:31:00 AM by Greg
# re: Victory!

Actually we (and SonyBMG) should stop using the word CD. Or more importantly the CD logo on the actual packaging. The CD logo is bound to patent and standards. SonyBMG by introducing this piece of malware on the "Media Disk" is not adhering to patent and standards of the CD. The patents and standards are held by Phillips

http://www.licensing.philips.com/licensees/patent/cd/

True: they did develop this standard in cooperation with Sony.

Lets start calling these disks as "Media disks" rather than CD's.....

11/18/2005 4:01:00 AM by _Edwin_
# re: Victory!

So, as I read it, what Sony have done is:
a. damaged the equipment of LEGITIMATE Sony customers who have legitimately bought a Sony product (media disk) and opened the door to further and greater damage;
b. actually sold to their legitimate customers a product which they had no right to sell, since it contains open source software and therefore must be itself open source and as a result, FREE; (Inot to mention losing the right to calling it a CD);
c. encouraged millions of legitimate Sony customers to now download Sony music any way they can, since it's safer than buying a Sony media disk;
d. not prevented anybody from downloading music the way they normally do anyway;
e. pissed off governments and corporations (both public and private), as well as their own customers, their own artists (see Santana)and their own retailers (Amazon.).

All in less than a month. Phew.

11/18/2005 5:13:00 AM by Ozwitch
# re: Victory!

Well done, Navybluebird!

Just a thought: You say "Now wouldn’t it be interesting if some interest group would soon introduce some sort of sticker that the companies that don’t put software on their CDs could glue to their albums. You know like “FREE TRADE – FAIR USE – this cd doesn’t contain any copy-protection”."

Well, I was always taught that darkness is naught but an absence of light. Do you really want to define your product by an absence of malware?

Better, let's force a sticker on the malware copy protectors, something on the order of "this will definitly HORK your computer if you are lame enough to buy it". Then on your product, let's use a positive statement, something like "100% authentic Compact Disc Digital Audio designed to respect your fair use rights". What do you think?

11/18/2005 7:00:00 AM by Donosaur
# re: Victory!

BBC has another report today

"Amazon offer for Sony CD buyers

Sony BMG has released details of its CD swap offer
Amazon is offering refunds to customers who bought Sony BMG CDs that use the controversial XCP anti-copy system. "

Link to full article:
http://news.bbc.co.uk/1/hi/technology/4448788.stm

11/18/2005 9:02:00 AM by CindyRilla
# re: Victory!

I am proud to say that I support your efforts to bring a measure of fairness into this ongoing debate. To me this is becoming a lopsided fight, pitting the individual against the mega corporation. Unfortunately, with the Bush administration in power, the corporations will always get the benefit of the doubt, while the individual is viewed with suspicion and contempt. I do not really believe that an investigation by the FBI, or any other federal level investigative body, is coming. If there is an investigation, it will more than likely be a whitewash and a show trial, designed to quiet the public outcry, but not to actually change the way the corporate world works. All that I can do is continue to hold on to my beliefs, think independantly and spend the little money that I have, in a way that aligns with my beliefs (boycotting Sony is my first step). Keep up the good work. I really appreciate it and I look to you as an example of how to handle living in a world where people are all too willing to quietly follow the crowd.

11/18/2005 3:28:00 PM by vargusvictor
# re: Victory!

This post has been removed by the author.

11/18/2005 4:25:00 PM by andypurshottam
# re: Victory!

I have been a fan of you and the other "undocumented" DOS/Win?NT
people over the last 15 years. But had not suspected that this work would have public policy significance as has your exposure of unethical blackhat programming technicaues in CD DRM. In restrospect its not too suprising, as we have seen that other kinds of techincal professionals get involved in public policy.
I respect you for not be intimidated by anti-RE language in the MS and SONY EULAs into silence. Thanks very much for figuring out the rootkit and telling everyone about it. -Andy

11/18/2005 4:25:00 PM by andypurshottam
# re: Victory!

This post has been removed by the author.

11/18/2005 5:34:00 PM by srynas
# re: Victory!

Mark,

Do you still have a copy of the infamous "aries.sys" that was doing the cloaking for the XCP software?

I see you mentioned it failed NTCrash, and that makes me curious as to whether remnants of the rootkit could be exploited for privilege gain on a vulnerable system.

Now that the rootkit-infected CDs are being recalled, the risk of a security hole in the rootkit code itself (and not just a stealthing effect) would only further pressure Sony to step up efforts to get the uninstaller out there.

I'd like to have a look at this scumware to see if indeed that is possible.

Total victory on the recall front... congratulations on a fantastic piece of research.

11/18/2005 5:52:00 PM by Matthew Murphy
# re: Victory!

I guess Canada is not owned by Sony :).
Look at nice report, no BS, just to the point, starting from the headline.
When will the a**holes from CNN learn the skills of real reporting ...

http://www.cbc.ca/story/arts/national/2005/11/18/Arts/sonycd_051118.html

CDs that can damage computers sold in Canada
Last Updated Fri, 18 Nov 2005 19:52:00 EST
CBC Arts


About 120,000 Canadians may have bought Sony BMG CDs that can damage their computers.

Sony announced Friday that 120,000 of the CDs were sold in Canada, but did not say which artists' albums were affected.

The company is to announce an exchange program next week, according to John McKay, a Sony BMG spokesman.

McKay said the company will list for Canadians all the affected titles by Monday on its website, cp.sonybmg.com/xcp.

In the U.S., releases by Van Zant, The Bad Plus, Neil Diamond and Celine Dion were among those affected.

The problem stems from a software program Sony put on the CDs to prevent illegal copying. The XCP software was designed to let Sony know when songs on the discs were being copied.

But it also leaves behind spyware when customers play the music on their PCs. Spyware leaves PCs susceptible to hackers and viruses.

Consumers who tried to delete the programs manually ran into even more trouble, as the software can disable the computer's CD drive.

A patch created to address the issue also ended up worsening the security hole.

Consumers can identify if they have an affected CD by checking the packaging, according to Canadian Press. They should look on the back side for a box labelled "Compatible With." Discs with the XCP software will have the following URL at the bottom of that box: http://cp.sonybmg.com/xcp.

11/18/2005 9:44:00 PM by Enough
# re: Victory!

This post has been removed by the author.

11/19/2005 4:12:00 AM by Jim E.
# re: Victory!

I was amused to find there's now a Sony Rootkit T-shirt. Here's the sales pitch for it:

"We don’t know about you, but when we buy a music CD we consider it a friendly invitation for complete strangers to come in and make our computer their personal playground. Install hidden software that hijacks basic components of our system? Open us to attack from viruses and hackers? Sounds perfect!"

More Sony machinations:

Why do EMI, Sony BMG *cough*, et al want variable pricing at the iTMS? Joel Spolsky thinks he knows why:

http://www.joelonsoftware.com/items/2005/11/18.html

11/19/2005 4:13:00 AM by Damian
# re: Victory!

Are there any other copy protection schemes out there that may be causing similar problems? I have a Sony DualDisk (artist: Five For Fighting, The Battle For Everything (How apropo!)) that has a disclaimer on the back. It states that the audio portion of the disc does not conform to CD specifications and therefore the audio side may not work in all CD and DVD players....What a kick in the butt!! Aren't purchasers entitled to fair use rights? Why should I buy a CD that may not play in my player??? Am I missing the point of why I'm paying for a legitimate CD? I make compilations for my own use since there are few CDs out there worth listening to in their entirety. I did have problems ripping MP3s from this disc...It's the last Sony product I'll ever buy.

11/19/2005 4:17:00 AM by Jim E.
# re: Victory!

Meeeee-OWWW!!

http://img169.imageshack.us/img169/2540/hellokitty6na.jpg

11/19/2005 4:29:00 AM by Sharpy
# re: Victory!

To enough:
It's a well known fact that Microsoft service packs would, at times, make previously functioning (and competing software) break. Do you really know what else Microsoft is installing with a service pack? Have we ever gotten full disclosure from them? BTW, Vista was written to implement DRM big time...see why your nice new monitor may not work with your system unless it's High Definition Content Protection compliant....

11/19/2005 4:54:00 AM by Jim E.
# re: Victory!

Given what's transpired it's sorta kinda of grimly amusing to see some tech writers still whitewashing Sony's free ride or some such mangled metaphor...

http://seattletimes.nwsource.com/html/businesstechnology/2002633093_ptmrsh19.html

11/19/2005 7:48:00 AM by zapkitty
# re: Victory!

@ Jim E,
--------------------------------
BTW, Vista was written to implement DRM big time...see why your nice new monitor may not work with your system unless it's High Definition Content Protection compliant.
-------------------------------


How true. For the past 10 years or so, Microsoft is on the path to sell Windows of all sizes as media player for devices of all sizes.
Now combine that with hardware support for DRM, and corrupt Congress that will make it illegal to uninstall software or replace hardware, etc. I have no idea how they will make this into law, but I am sure they'll find a way. I "trust" Special Interest Groups in this matter :(.

Can legal regulations force open OS like Linux to implement common DRM? If so, can they also prohibit individuals from building their own Linux kernels at home without support for DRM?

The only way to deal with this, is boycotting,as financial failure sends very strong message. See the failed attempt of Divx, not the codec DivX;, but the video delivery system from 6-7 years ago where your special DVD player phones home to get permission to play special DVDs ...

11/19/2005 10:05:00 AM by Enough
# re: Victory!

This post has been removed by the author.

11/19/2005 12:28:00 PM by Stephen
# re: Victory!

US-CERT recommends the following ways to help prevent the installation of this type of rootkit:

* Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install.
* Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD.
* Read the EULA (End User License Agreement) if you do decide to install software. This document can contain information about what the software may do.
* Disable automatically running CD-ROMs by editing the registry to change the Autorun value to 0 (zero) as described in Microsoft Article 155217.

http://www.us-cert.gov/current/current_activity.html

11/19/2005 2:13:00 PM by ruy_lopez
# re: Victory!

Sony has revamped the http://cp.sonybmg.com/xcp/ web site to include details of the following:

An overview of 'Actions to Date' on XCP Software
http://cp.sonybmg.com/xcp/index.html

Two slightly different formatted 'Customer letters'
http://cp.sonybmg.com/xcp/customerletter.html
http://cp.sonybmg.com/xcp/english/home.html

Voluntary 'Exchange Program' - Which is only valid if you have a US Postal Address
Bad luck for the 120,000 Canadians. I presume Amazon will contact any international customers.
http://www.upsrow.com/sonybmg/

A Full title list of affected 'Media Discs'
http://cp.sonybmg.com/xcp/english/titles.html

An Enhanced Contact US page including a Toll Free Telephone Number
We encourage you to use this site as a resource for your questions.
http://cp.sonybmg.com/xcp/english/contact.html

And an updated FAQ Page
http://cp.sonybmg.com/xcp/english/faq.html

Now if we could only get Sony to remove the titles from sale on their own 'Sony Music Online' website instead of just the album cover image. In the case of Neil Diamond title from here
This withdrawal program has been and is being widely communicated.
Maybe just not communicated very well within your own orginisation.


Barnes & Noble also still have it available here which came from a link on the 'Non-Flash' version of Neil Diamond's site.

The interesting part is that nowhere on the site is the word 'Recall' used. It is only a 'Consumers who wish to exchange' program. Sony would you advise the mainstream press that you have an exchange program for the affected titles.

Sony has been clever to avoid the 'Product Recall' wording from the information so that they would not need to make a media 'Press Release' regarding this issue. If they did make it a 'Product Recall' the mainstream media would need to be notified of such and a statement would need to be included similar to 'These 52 titles from the SonyBMG catalogue contain a security threat to personal computer users.'

This would give openness and transparency for all the 'Loyal Customers' of these great musicians who do not deserve such appalling treatment. So that the 'not so well' informed computer user would also know about this. And not to mention the people who are yet to even attempt to insert the 'Media Disc' into their computer. Not everyone reads weblogs Sony. The mainstream media have been alarmingly quiet on this subject thus far, they have no issue in publishing stories regarding other such 'Mass Malware and Security threats' that occur on a large scale on the internet or in the public.

Have you also notified all of your recording artists that this has affected so the publicists and representatives of these artists may also take appropriate action that they will need to do so they can inform there 'Loyal Fans'.

The security implications of this piece of negligent software need to be made public via traditional media. There are definitely far more unsuspecting users who have not inserted the 'Media Disc' into their 'Microsoft Windows Environment' which may include any computers that also run virtualised machines on top of Microsoft, Apple or Unix/Linux operating systems. As this software does have hardware issues that may affect the functionality of a computer owners CD-Rom device.

11/19/2005 2:48:00 PM by Stephen
# re: Victory!

Enough - reminded me about the proposed copy protection to be implemented on HDTV. Another nightmare. PCWorld wrote several good articles.

PCWorld wrote: "If you dropped a bundle on a high-end computer display or HDTV, you could be in for an unpleasant surprise when you slip your new high-definition DVD of Star Wars: Episode III into your Windows Vista PC. Vista, the next version of Windows that's slated to appear in about a year, will feature a new systemwide content protection scheme called PVP-OPM (see box below). If your monitor doesn't work with PVP-OPM, all you'll likely see is either a fuzzy rendition of your high-def flick or Hollywood's version of the Blue Screen of Death--a message warning you that the display has been 'revoked'."

http://www.pcworld.com/news/article/0,aid,122738,00.asp

http://www.pcworld.com/news/article/0,aid,122843,00.asp

http://www.pcworld.com/howto/article/0,aid,115057,00.asp

11/19/2005 10:19:00 PM by srynas
# re: Victory!

I appreciated the music of, but I never thought much of, the glyph, formerly known as Prince that is now known as Prince again. In his last tour, "Musicology", he included a "Musicology" CD as part of the ticket price. (At least that was the case in Northern California.) In hindsight, the purple dude is pretty forward thinking and other artists may wanna ponder that distribution strategy.

I am thankfully more technical than the casual user but staying one step ahead of virus producing vermin can be overwhelming. I can only imagine how Mr and Ms Joe Six-Pack are dealing with the smoke and mirror PR that Sony and their partners are dispensing.

I have some buddies, (and buddettes), that refuse to own PCs, cordless/cell phones or DVD players simply cause they don't trust technology companies. I always thought how silly they were. Who's guffawing now?

And a final thought to help you sleep better. Soon to be implemented MPEG-4 compression standards will make movies on phones and PDAs a reality! Isn't it soothing that Sony will have a major role in this as well??? Who better to know who you are calling or keeping appointments with? YIKES!!!!!!!!

11/20/2005 2:35:00 AM by JimOrs
# re: Victory!

NEWSWEEK Finally Weighs In

Column -- The Technologist: "Sony Gets Caught With Slipped Discs", by Steven Levy.

11/20/2005 6:33:00 AM by John M
# re: Victory!

Yahoo News
Copy Protection Still a Work in Progress

By BRIAN BERGSTEIN, AP Technology Writer Fri Nov 18, 9:27 PM ET

'The dangerous factor was a "rootkit," a feature cloaking the files on users' computers that reported back to Sony BMG about how music was played and transferred. Users who tried to remove XCP could find their CD drive crippled.

Sony BMG initially rejected the uproar against XCP as technobabble.'

http://news.yahoo.com/s/ap/20051119/ap_on_hi_te/music_copy_protection


Slashdot's comments on the above article:

http://yro.slashdot.org/yro/05/11/20/084233.shtml?tid=141&tid=187&tid=158

---
Groklaw:
What About Sony's Downloadable Music?
Saturday, November 19 2005 @ 07:03 PM EST

http://www.groklaw.net/article.php?story=20051119165036170


RIAA President on Sony's Rootkit: So What? Everybody Protects CDs
Sunday, November 20 2005 @ 11:31 AM EST

http://www.groklaw.net/article.php?story=2005112009311159

11/20/2005 11:07:00 AM by geek27
# re: Victory!

Yes, I'd seen the artcile that Groklaw references.

Cary Sherman is chillingly contemptuous of property rights, isn't he? As Stewart Baker, recently appointed by President Bush as the Department of Homeland Security's assistant secretary for policy, said in a clear warning to Sony "it's not your computer".

http://blogs.washingtonpost.com/securityfix/2005/11/the_bush_admini.html

But this arrogant and ignorant man still does not understand that.

He says:

"They have apologized for their mistake, ceased manufacture of CDs with that technology,and pulled CDs with that technology from store shelves. Seems very responsible to me. How many times that software applications created the same problem? Lots. I wonder whether they've taken as aggressive steps as SonyBMG has when those vulnerabilities were discovered, or did they just post a patch on the Internet?"

1. He avoids mentioning that they took a fortnight and a helluva lot of consumer pressure and a pretty stiff hint by Stewart Baker to apologize for what he is pleased to call their "mistake".

2. And so they darn well ought to have ceased selling CDs with rootkits on them. They shouldn't have been selling them in the first place. It's like a supermarket chain claiming credit for pulling contaminated food off shelves. Not "well done them" but "so I should think".

3. He then has the barefaced cheek to compare the malware to honest "software applications". This malware does not function merely at application level but at kernel level. It's got no business doing that.

4. As for Sony's "aggressive steps": the only aggression Sonmy has exhibited is aggression against the consumer.

What a revolting immoral man! Now we really know what the RIAA is about.

11/20/2005 11:33:00 AM by Damian
# re: Victory!

Revolting? I agree. Cary Sherman is just an RIAA wanker who speaks out with his careful words like everyone listening is a moron.

I'm glad this is 2005 and we have an honest online security and privacy 'blogosphere' to expose dangerous snake oil such as XCP.

Someone should have asked him who owns personal computers. Do they really think that they have the right to modify and corrupt the operating system? Do they feel it's just a privilege and not a right to play music on a personal computer or transfer it to an iPod? Why Sunncomm MediaMax is busy installing itself as a system service whether you accept the EULA or not?

11/20/2005 12:17:00 PM by geek27
# re: Victory!

So Sony VAIOs do come with Spyware preinstalled? More crazy stuff! What are the Sony execs thinking? We do not collect any information from this program. Nothing to see here. Move along..


'Mysteryware - TGCMD.EXE

TGCMD.EXE, sometimes considered spyware, was originally created by Tioga/Support.com.'

http://www.winpatrol.com/db/freesample/tgcmd.html



Can you see how Winpatrol avoids lawsuits? Answers on a postcard..

11/20/2005 1:03:00 PM by geek27
# re: Victory!

Some action :)

http://www.news-leader.com/apps/pbcs.dll/article?AID=/20051120/BUSINESS/511200341/1092

Firestorm builds over CD software

Digital rights management draws protest from consumers, some artists.

By Jefferson Graham
USA TODAY

New York University sophomores Inga Chernyak and Diana Rosenthal took part in a demonstration near campus the other day.

It had nothing to do with the Iraq war, a political election or any of the other hot-button issues students normally want to protest. Instead, the pair and about 20 other NYU students were out to rally consumers against what Chernyak calls a dark force that has invaded her tech life: digital rights management.

...
[snip]

11/20/2005 10:21:00 PM by Enough
# re: Victory!

It now seems that Sony may have violated copyright laws when it included the First4Internet's copy protection. Their music player was apparently a copy of the LAME player, which is an open source copyrighted software. See the link.
http://www.msnbc.msn.com/id/10101913/from/RSS/

I know that Sony will be calling the justice dept to promote the most vigorous enforcement possible. Their efforts to hide the stolen work, and any claims that they didn't know that it was copyrighted can be brought up from their cells.

Personally, having my CD drive removed from my use, tying up my system (I never leased them any resource time), and creating this virusware, should have Microsoft attacking them as vigorously as the other spammer, virus writers, and other companies that cause us all precious hours each week and make us buy costly virus and spyware programs that make us need more system resources. Just leave my computer alone.

11/21/2005 12:22:00 AM by Wasted-time
# re: Victory!

This post has been removed by the author.

11/21/2005 2:21:00 AM by Curious
# re: Victory!

With respect to this whole XCP-thing, I wonder how the Securom copy protection scheme relates to these issues. I bought Lego Star Wars for my son, and found that it silently installs a service called UAService7.exe on my W2K system. This is a service that runs continually, and no provisions are given to uninstall it either in the Add/Remove Programs section of the Control Panel or in the Start, Programs... menu.

The Properties dialog of the .EXE-file disclosed the following:
Comments: SecuROM User Access Service (V7)
Company Name: SONY DADC Austria AG

On http://www.securom.com/support_faq.asp it reads:

"How does SecuROM work?
SecuROM uses two components for copy control: 1) Software, in the form of strong encryption, and 2) hardware, in the form of a special signature applied to the disc during manufacturing. The protected executable of a CD-ROM title is tied to the signature on the CD by an authentication routine executed at program launch (this can be customized as described under item number 7 below). If the original CD is detected, the program launches properly. If an illegally copied disc is detected in the local CD drive, the program will not launch and the end -user will receive an error message. SecuROM technology suppresses CD-ROM to CD-R copying, DVD-ROM to DVD-R copying, Internet image distribution, and professional piracy."

and:

"What Macintosh operating systems are supported for end-users?
SecuROM supports Macintosh OS 8.6 to 9.x as well as OS 10.1 or higher

What Windows operating systems are supported for end-users?
The current SecuROM version supports Windows 98SE, Windows ME, Windows 2000, Windows XP. Please contact support@securom.com for support of Windows 95 and Windows NT."

and finally:

"Why does SecuROM install UAService7.exe?
This is a Windows Service which is a module of SecuROM. This module has been developed in order to enable users without Windows administrator rights to access all SecuROM v7 features.
Please be assured that this service is installed only for security and convenience purposes. UAServce7.exe does not connect to any server.
As it is a standard Windows Service, you can stop and delete this service like any other Windows Service in case you do not want to use the SecuROM protected application any longer."

I'm kind of worried about this "enable users without Windows administrator rights to access all SecuROM v7 features" thing. Could this be another rootkit 'feature' from our friends at SONY? I'd appreciate any clarifying comments on this.

11/21/2005 2:23:00 AM by Curious
# re: Victory!

Starforce protection uses hidden device drivers that mess with your IDE controllers and encryption that required admin rights to launch the game.

It appears this SecuROM v7 is taking the same approach but it sounds like UAService7.exe is a hack that allows limited user accounts to run the game after installation. I wonder if it could be used for privilege escalation to me.

I wonder what security vulnerabilities it introduces at the same time and what it consumes in terms of system resources.

Could you post the EULA?
It probably has a clause that it should not be installed on business computers..

How is the average user to keep their box stable with all this garbage playing cloak and dagger on their system?

11/21/2005 6:35:00 AM by geek27
# re: Victory!

If you really want to hit Sony in the pocketbook, don't boycott. Buy the CDs, open them, and return them because you don't accept the license agreement....

11/21/2005 8:03:00 AM by David Anderson
# re: Victory!

Sony
Source - The American Heritage Dictionary of the English Language, Fourth Edition

Incorrigble
Definition
adj
1. Incapable of being corrected or reformed: an incorrigible criminal.
2. Firmly rooted; ineradicable; incorrigible faults.
3 Difficult or impossible to control or manage; an incorrigible spoiled child.
noun
One that cannot be corrected or reformed.

******

Sony is on the front page of Google News with 266 Items here.

Is this the equivilant of being on the cover of Time Magizine?

Sony Talks to INQ about DRM
WE FINALLY GOT A CHANCE to talk to a Sony spokesperson about the DRM problem.
RIAA backs rootkits
Everyone does it, what is the problem?
I was sure I heard something from the Department of Homeland Security not taking the same view on this?

Piece of Tape Defeats Sony DRM
The user can simply apply a fingernail-sized piece of opaque tape to the outer edge of the disc, rendering session 2 - which contains the self-loading DRM software, unreadable.
Nice high tech security Sony

Yet Another Company With An Inability To Deal With Disruptive Technology
The irony is that Sony makes and sells the very same type of hardware technology that does the sort of copying it is trying to prevent. So is the company encouraging the duplication of everyone else’s content while attempting to prevent its own from being copied?

11/21/2005 8:59:00 AM by Stephen
# re: Victory!

Texas sueing Sony now!

http://www.kwtx.com/news/headlines/1996172.html

11/21/2005 11:52:00 AM by Adam Gates
# re: Victory!

This post has been removed by the author.

11/21/2005 1:17:00 PM by Adam Gates
# re: Victory!

And what about the new Playstation 3?

Sony will have complete control of the hardware and software.

MARK-> Could you even detect if they had hidden software on a PS3?

Sony has made it clear they will continue to use DRM. PS3 is a huge investment for them.

11/21/2005 1:19:00 PM by Adam Gates
# re: Victory!

@geek27:

Here's the EULA for Lego Star Wars (that silently also installs the UAService7.exe service as part of the SecuROM copy protection):

IMPORTANT NOTICE

LICENCE AGREEMENT AND LIMITED WARRANTY

IMPORTANT - Please read this Licence Agreement carefully.

This End-User Licence Agreement ("EULA") is a legal agreement between you and Eidos Interactive Limited ("Eidos" or "we") for the computer game software stated above, which includes computer software and associated media, materials and other documentation together with any updates to the original game software which is provided to you ("Software Product").
Copyright and other intellectual property laws and treaties protect this Software Product. The Software Product is licensed, not sold.

WE ARE ONLY PREPARED TO LICENCE YOU TO USE THE SOFTWARE PRODUCT ON THE TERMS OF THIS EULA. PLEASE READ THROUGH THE FOLLOWING LICENCE CONDITIONS. IF YOU AGREE TO BE BOUND BY THEM PLEASE CLICK [I ACCEPT] AT THE END OF THIS EULA AT WHICH POINT THE SOFTWARE PRODUCT WILL BE LOADED ONTO YOUR COMPUTER. IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS OF THIS EULA CLICK [NOT ACCEPTED] AND THE SOFTWARE PRODUCT WILL NOT BE LOADED ONTO YOUR COMPUTER. .

1. Licence
You are permitted to:
(a) load the Software Product into and use it on a single computer which is under your custody and control and which meets the specifications referred to in the manual for your own private and domestic use;
(b) transfer the Software from one computer to another provided it is used on only one computer at any one time and any computer on which it is used is under your custody and control at the time of use;
(c) transfer the Software Product (complete with all documentation) and the benefit of this EULA to another person provided such person has agreed to accept the terms of this EULA and you contemporaneously transfer any permitted copies of the Software Product you may have made to that person or destroy all copies not transferred. If any transferee does not accept such terms then this EULA shall automatically terminate.
All rights not expressly granted hereunder are, to the extent permitted by law, reserved to Eidos and its licensors. Your rights of use under this EULA are strictly conditional upon your observance of the terms and conditions contained in this Agreement.

2. Restrictions
You are not permitted:
(a) to load the Software Product on to a network server for the purposes of distribution to
one or more other computer(s) on that network or to effect such distribution;
(b) except as expressly permitted by this EULA and save and to the extent in the circumstances expressly permitted by applicable law, to rent, lease, sub-licence, loan, exploit for profit or gain, copy, modify, adapt, merge, translate, reverse engineer, decompile, disassemble or create derivative works based on the whole or any part of the Software Product or use, reproduce or deal in the Software Product or any part thereof in any way.

3. Termination
Without prejudice to any other rights, Eidos may terminate this EULA immediately without notice if you fail to comply with the terms and conditions of this EULA. In the event of termination, you must destroy all copies of the Software Product and all of its component parts including any Software Product stored on the hard disk of any computer. All provisions of this EULA relating to disclaimers of warranties, limitations of liability, remedies, or damages, and Eidos’ proprietary rights shall survive termination.

4. Ownership
You only own the media on which the Software Product is recorded. Eidos and/or its licensors shall at all times retain ownership of the Software Product as recorded on the media and all subsequent copies regardless of form.

5. Exclusions

5.1 NO WARRANTIES ARE MADE WITH RESPECT TO SOFTWARE PROGRAMS THEMSELVES WHICH ARE PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EIDOS AND ITS LICENSORS DISCLAIMS ALL OTHER
REPRESENTATIONS, WARRANTIES, CONDITIONS OR OTHER TERMS, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO IMPLIED WARRANTIES AND/OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS AND FITNESS FOR A PARTICULAR PURPOSE, WITH REGARD TO THE SOFTWARE PRODUCT AND EACH AND EVERY PART THEREOF. WITHOUT PREJUDICE TO THE GENERALITY OF THE FOREGOING, EIDOS DOES NOT WARRANT THAT THE SOFTWARE PRODUCT IS ERROR-FREE OR THAT IT WILL OPERATE WITHOUT INTERRUPTION, NOR THAT IT WILL REPAIR ANY ERRORS IN THE SOFTWARE PRODUCT.

5.2 IN ADDITION, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:
(A) IN NO EVENT SHALL EIDOS OR ITS LICENSORS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR PERSONAL INJURY, LOSS OF PROFITS, BUSINESS INTERRUPTION, LOSS OF INFORMATION, OR ANY PECUNIARY LOSS) ARISING OUT
OF THE USE OF OR INABILITY TO USE THIS SOFTWARE PRODUCT, EVEN IF EIDOS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
(B) IN ANY CASE, THE MAXIMUM AGGREGATE LIABILITY OF EIDOS AND ITS LICENSORS UNDER OR IN RELATION TO THIS EULA OR THE USE OR ATTEMPTED USE OF THIS SOFTWARE PRODUCT SHALL BE LIMITED TO THE AMOUNT ACTUALLY PAID BY YOU FOR THE SOFTWARE PRODUCT.

5.3 Nothing in this EULA shall limit or exclude Eidos' liability to you in negligence for death or personal injury, to the extent such exclusion or limitation is unlawful, unenforceable or void under any applicable law..

5.4 Some jurisdictions do not permit the warranty disclaimers or limitations on liability set forth in this paragraph 5. Nothing in this paragraph 5 shall affect your statutory rights which may vary from state/jurisdiction to state/jurisdiction.

6. Governing Law

6.1 Subject to paragraph 6.2 below, this EULA and any claim or dispute of whatever nature arising out of or relating to this EULA shall be governed by, and construed in accordance with, the laws of England and Wales, unless and to the extent that the laws relating to transactions with consumers in a particular jurisdiction require this EULA to be governed by and construed in accordance with the laws of such jurisdiction in order to be binding and enforceable, in which event the local laws of such jurisdiction shall apply, to the extent so required.

6.2 If you acquired this Software Product in the United States of America this EULA and any claim or dispute of whatever nature arising out of or relating to this EULA shall be governed by, and construed in accordance with, the laws of the State of California, USA.

6.3 The United Nations Convention on Contracts for the International Sale of Goods shall not apply to this EULA.

7. Miscellaneous

7.1 If you acquired this Software Product in the United States of America, you will not export or re-export it except as authorized and permitted by the laws and regulations of the United States of America.
7.2 This EULA constitutes the entire agreement between Eidos and you with respect to the license and use of the Software Product and supersedes all prior or contemporaneous understandings. No amendment or modification of this EULA will be binding unless made in writing and signed by a duly authorized representative of Eidos.

[End EULA]

As far as I can make out of this, there's no mentioning of the installation of any copy protection scheme, let alone installing a permanent service granting restricted rights users administrator rights.

11/21/2005 3:45:00 PM by Curious
# re: Victory!

Curious said:

"As far as I can make out of this, there's no mentioning of the installation of any copy protection scheme [...]"

Lego Star Wars, being software itself, means that any included DRM will, unlike with an Audio CD, be covered by the software license for the game. It's a difficult one to try and get around: you can hardly say I didn't know the software I was installing was going to install software on my machine.

Music presents itself as a special case given that there are audio standards and no additional software requirements to listen to the music.

I know there is much hunger to increase the scope of the Sony/XCP issue to include any and all DRM schemes. However, the Sony case was a unique one given the cloaking, and the insecurity of the uninstaller. Had it not been for the security concerns I doubt Sony would have climbed-down the way they did.

11/21/2005 4:38:00 PM by ruy_lopez
# re: Victory!

Electronic Frontier Foundation to File Lawsuit
http://www.eff.org/IP/DRM/Sony-BMG/#docs

Also see Washington Post:
http://blogs.washingtonpost.com/securityfix/2005/11/texas_attorney_.html

11/21/2005 4:41:00 PM by srynas
# re: Victory!

Lego Star Wars, being software itself, means that any included DRM will, unlike with an Audio CD, be covered by the software license for the game. It's a difficult one to try and get around: you can hardly say I didn't know the software I was installing was going to install software on my machine.

Even there, I would argue that--absent an explicit statement otherwise--the implication would be that the software to be installed would only be operative when the user was deliberately running it, and that the software could be removed at any time if the user disliked it for any reason.

Although some software uninstall routines are pretty lousy, there are very few legitimate programs that deliberately make uninstallation difficult (sometimes because of technical necessity). I know of no such programs (that I would consider legitimate) that do not explicitly inform the user, prior to installation, that uninstallation is not possible.

Sony delinda est.

11/21/2005 5:23:00 PM by supercat
# re: Victory!

Great piece On DRM's from the BBC

snip.

ustice Ian Binnie of the Supreme Court of Canada raised this concern in a copyright case several years ago when he noted that "once an authorised copy of a work is sold to a member of the public, it is generally for the purchaser, not the author, to determine what happens to it".

snip

http://news.bbc.co.uk/2/hi/technology/4456970.stm

11/21/2005 6:16:00 PM by Sharpy
# re: Victory!

Curious wrote earlier:

"This module has been developed in order to enable users without Windows administrator rights to access all SecuROM v7 features."

"As it is a standard Windows Service, you can stop and delete this service like any other Windows Service in case you do not want to use the SecuROM protected application any longer."

I don't want to say to anyone with the SecuROM installed: go ahead an remove it; in case their CD drive vanishes a'la XCP.

The quotes do seem to suggest that removing the software manually shouldn't necessarily cause undue damage. The first part regaring Administrative rights is a little ambiguous. Do they mean the software runs in user mode and therefore doesn't interfere with any low-level drivers? I'm afraid until someone removes the software from their machine, we'll have no way of knowing for sure.

I agree with supercat that software like this shouldn't run indefinitely, hogging cpu cycles. And not including an uninstaller routine is rather unsportsmanlike.

However, to reiterate what I said before, until a security flaw is found, the fact that the program runs indefintely, or doesn't include an uninstaller, would probably be covered by section 52(a) of the EULA:

IN NO EVENT SHALL EIDOS OR ITS LICENSORS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR PERSONAL INJURY, LOSS OF PROFITS, BUSINESS INTERRUPTION, LOSS OF INFORMATION, OR ANY PECUNIARY LOSS) ARISING OUT
OF THE USE OF OR INABILITY TO USE THIS SOFTWARE PRODUCT, EVEN IF EIDOS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

If someone wants to mail me the .exe I'll gladly install/remove it and let you know what happens. However, I'm not sure even this is permitted by the EULA!

11/21/2005 6:35:00 PM by ruy_lopez
# re: Victory!

This post has been removed by the author.

11/21/2005 6:45:00 PM by geek27
# re: Victory!

[rant]

What do we have to do? Run PC games in a virtual machine sandbox? They shouldn't be making modifications to the operating system and adjusting security settings. When the OS gets modified- who takes the blame for opening up the inevitable vulnerabilities?

Windows was not designed to put up with hacking from any number of sleazy sources. PC games, music cds, oem preinstalled software, ISP bundles should not be spying on you or installing system services..

Everything wants to "pwnz" your box and run in the systray so XP hides the inactive ones by default. Average users for years have thought their PC is getting old and slowing down.

msconfig > startup > disable all > reboot

OMFG - It's like a new computer!

Copy protection is like the end justifying the means while causing millions of users to perform the twice yearly or worse format, reinstall.

[/rant]

11/21/2005 6:51:00 PM by geek27
# re: Victory!

Mark,

Have you looked at the latest CD by The Rolling Stones? It appears to have the same copy/content protection logo on the CD as the Sony CD's.

I have not done a rootkit analysis on this yet.

The Stones use EMI-Virgin Music as their label.

11/21/2005 9:10:00 PM by StonesFan
# re: Victory!

Hi Geek27,

May be you should tried on of Mark's magnificent creation - Autoruns

Much better than Msconfig.

Thanks. Mark.

11/22/2005 4:29:00 AM by InfoSeeker101
# re: Victory!

StonesFan: Note that only the European (and probably Asian) edition of "Bigger bang" was protected. That's why I paid twice as much to have it shipped from the US instead...

11/22/2005 4:55:00 AM by Rune
# re: Victory!

http://www.pcpro.co.uk/news/80457/us-rights-body-and-state-of-texas-file-against-sony-bmg.html

11/22/2005 6:24:00 AM by sl4ck
# re: Victory!

Geek27 said:

"PC games, music cds, oem preinstalled software, ISP bundles should not be spying on you or installing system services.."

Unfortunately, much of the inflated stock prices during the dot-com boom was predicated on the projected sale of advertising space. Marketing gurus were foaming at the mouth at the prospect of demographic tracking on a global scale. Spyware always was an implicit component part of the furoar surrounding the commercialisation of the Internet.

I can't number the amount of times I've agreed to EULA's with blithe indifference to what exactly I was agreeing to. We've all been there: you see a EULA and go "ya ya ya" and hit the accept button.

Its incredible really, when you realise that practically all of the statutes protecting our privacy, indemnity etc. can all be negated with the consent of the end-user. All you have to do is neglect to read the EULA!

11/22/2005 8:13:00 AM by ruy_lopez
# re: Victory!

May find this of interest... On Monday Nov 21, Mr. Kevin Clement, the Senior Director of New Technology at SonyBMG was appointed Chief Executive and CEO of MediaMax SunnComm, the other controversial DRM software Sony is using. No such thing as accountability in this industry.

See: http://biz.yahoo.com/iw/051121/0101954.html

11/22/2005 8:50:00 AM by el cpu
# re: Victory!

The penny drops...

I was seriously struggling to understand how (and why) a company such as Sony would risk alienating its omn consumers with such unwelcome software (especially at a time when analysis is starting to show that P2P and casual piracy are unrelated to falling music sales). Then I read the following from Ed Foster:

http://weblog.infoworld.com/foster/2005/11/22.html

and it finally began to make sense. We have been duped. DRM is (it now seems) just a smokescreen behind which the real villain of the piece can be introduced. Good old-fashione adware- envisage a glorious future where every piece of music that we listen to will phone home so that its publisher can provide us with a never-ending stream of personalised advertising that, thanks to the the stated aims of DRM cannot legally be turned off. Once this model is established, the piracy that is touted as the driving concern behind the implementation of the malware in the first place will probably be unofficially encouraged as it will increase advertising exposure.
By way of comparison, you do not pay to watch TV programmes, but instead you suffer endless hours of advertising by way of payment.
The goal is not to control the content, but the advertising opportunities attached to it...

11/22/2005 9:55:00 AM by Ben
# re: Victory!

The penny drops...

I was seriously struggling to understand how (and why) a company such as Sony would risk alienating its omn consumers with such unwelcome software (especially at a time when analysis is starting to show that P2P and casual piracy are unrelated to falling music sales). Then I read the following from Ed Foster:

http://weblog.infoworld.com/foster/2005/11/22.html

and it finally began to make sense. We have been duped. DRM is (it now seems) just a smokescreen behind which the real villain of the piece can be introduced. Good old-fashione adware- envisage a glorious future where every piece of music that we listen to will phone home so that its publisher can provide us with a never-ending stream of personalised advertising that, thanks to the the stated aims of DRM cannot legally be turned off. Once this model is established, the piracy that is touted as the driving concern behind the implementation of the malware in the first place will probably be unofficially encouraged as it will increase advertising exposure.
By way of comparison, you do not pay to watch TV programmes, but instead you suffer endless hours of advertising by way of payment.
The goal is not to control the content, but the advertising opportunities attached to it...

11/22/2005 9:55:00 AM by Ben
# re: Victory!

This blog is awesome!
Good post...

http://netWallpapers.com
http://tradealoan.com

11/22/2005 1:10:00 PM by Netpowersoft
# re: Victory!

I have tried to keep up with what is going on with the Sony DRM situation at: http://sonyrootkit.blogspot.com/

This includes the recent suits by the Texas AG and the EFF.

I have seen the Texas AG complaint, and plan on commenting on it from a legal point of view later today. But I haven't seen the EFF complaint. Anyone with a copy, please let me know (it wasn't up at the EFF yet).

11/22/2005 1:11:00 PM by Bruce Hayden
# re: Victory!

This blog is awesome!


http://netWallpapers.com
http://tradealoan.com

11/22/2005 1:11:00 PM by Netpowersoft
# re: Victory!

Good post...

http://netWallpapers.com
http://tradealoan.com

11/22/2005 1:12:00 PM by Netpowersoft
# re: Victory!

This blog is awesome!
Good post...

http://netWallpapers.com
http://tradealoan.com

11/22/2005 1:13:00 PM by Netpowersoft
# re: Victory!

Bruce:

EFF complaint:

http://www.eff.org/IP/DRM/Sony-BMG/sony_complaint.pdf

11/22/2005 1:59:00 PM by Damian
# re: Victory!

Thanks. The EFF complaint wasn't what I expected. The Texas AG complaint attempted to overcome the Sony EULA through fraud. The EFF complaint didn't bother. Rather, it was primarily based on CA consumer protection and computer intrusion statutes, and used the EULAs as evidence of wrongdoing.

11/22/2005 9:16:00 PM by Bruce Hayden
# re: Victory!

National Security Threat posed by SONYs rootkit:

http://stripes.com/article.asp?article=33184

Also, it looks like Sony SecurROM FAQ site has removed the FAQ #7 where they admit the service will allow normal users to bypass the Administrator rights. BAD!

Here is the original google cache link of the page:

http://72.14.207.104/search?q=cache:yArz3yeMNRIJ:www.securom.com/support_faq.asp+Why+does+SecuROM%E2%84%A2+install+UAService7.exe&hl=en

And here is the NEW page:

http://www.securom.com/support_faq.asp

Notice anything missing on the NEW one???


This is getting deeper and deeper. It is also now affecting Financial Institutions. How would you like your Banks systems to be rootkitted?

Sony is in it up to their necks.

11/23/2005 12:09:00 AM by NoMoDRM
# re: Victory!

I now think you can categorize this as a national security threat.

http://www.estripes.com/article.asp?section=104&article=33184

"What a tangled web we weave....."

May they swing slowly in the wind.

11/23/2005 1:16:00 AM by JimOrs
# re: Victory!

Sorry nomodrm, didnt mean to be redundant.....

11/23/2005 1:19:00 AM by JimOrs
# re: Victory!

Nothing new here, but this is a nice set of "questions" arising from the saga and is a good way of showing just how many ramifications there are :

http://www.securityfocus.com/columnists/370

This writer thinks we're not out of the woods yet:

http://www.theregister.co.uk/2005/11/22/analysis/

11/23/2005 4:34:00 AM by Damian
# re: Victory!

As one comment on Groklaw points out, s.104(k) of the EFF complaint might not be such a fine idea. Specifically, the complaint labels as unconscionable:

[Sony's] disclaimer of all warranties, including implied warranties of merchantability, satisfactory quality, noninfringement, and fitness for any particular purpose.

If this is upheld by law it would be entirely at the discretion of the courts which software would be liable when, say, a buffer overflow was found. Take your pick from the Bugtraq mailing lists, for every vulnerability that you receive into your inbox there could potentially be indemnification against the software developers.

Though not arguing against liability, Bill Thomson posited an unwelcome scenario, regarding this issue, in his BBC Blog:

"One argument against product liability for software is that it would destroy the industry by placing unacceptable costs on developers, and that it would wipe out the open source movement in its current form since there is no way an organisation like the Mozilla Foundation could distribute Firefox for free under those terms."

http://news.bbc.co.uk/1/hi/technology/4294388.stm

Much of the debate on Groklaw centers on the differences between GPL or open source software and proprietary software. My concern is that if the courts decide against Sony on this point of law, in the future if an end-user loses enough valuable data, subsequent courts might not care whether the software was distributed under the GPL or not.

11/23/2005 5:55:00 AM by ruy_lopez
# re: Victory!

"My concern is that if the courts decide against Sony on this point of law, in the future if an end-user loses enough valuable data, subsequent courts might not care whether the software was distributed under the GPL or not."

That's actually a very odd statement of yours, since it implies that if someone is criminally negligent the courts *should* care what licence he chose.

But the wider point that potential liability could make software development a minefield and close down someone like Mozilla is a good one.

11/23/2005 6:17:00 AM by Damian
# re: Victory!

That's actually a very odd statement of yours, since it implies that if someone is criminally negligent the courts *should* care what licence he chose.

GPL and open source software is distributed free of charge; without a paid for product there is no contract, only a license.

On the other hand when you buy proprietary software there are numerous statutes in place that enforce the contractual side of the exchange, notwithstanding the license.

Besides there's a big difference between criminal negligence and failing to ensure that software is of a satisfactory quality, or that it is fit for any particular purpose.

11/23/2005 7:28:00 AM by ruy_lopez
# re: Victory!

@ruy lopez

"GPL and open source software is distributed free of charge ..."

That is quite incorrect. Open source software is software whose source code known: it is not necessarily free of charge.

"... without a paid for product there is no contract, only a license."

Which, even if be true under US law, is a wholly objectionable retreat into legalism. If I encourage someone to use a product, I have responsibility towards him and I should understand that. Whether I charge him directly, or whether my business is based on Google payments (as with Mozilla), or whether it costs nothing - or, heck, whether I pay him to get him to use it - is morally irrelevant.

"Besides there's a big difference between criminal negligence and failing to ensure that software is of a satisfactory quality, or that it is fit for any particular purpose"

Where did I say there was not?

11/23/2005 9:57:00 AM by Damian
# re: Victory!

So why should anyone be concerned about s.104(k) of the EFF class action complaint?

S.104. states, Sony BMG has inserted several unconscionable provisions [in the] EULA [...]

One of these provisions is:

S.104(k). A disclaimer of all warranties, including implied warranties of merchantability, satisfactory quality, noninfringement, and fitness for any particular purpose.

Let's deal with unconscionable first:

Unconscionability is a term used in contract law to describe a defense against the enforcement of a contract based on the presence of terms unfair to one party. Typically, such a contract is held to be unenforceable because the consideration offered is lacking or is so obviously inadequate that to enforce the contract would be unfair to the party seeking to escape the contract. (http://en.wikipedia.org/wiki/Unconscionability)

Now lets look at the disclaimer of all warranties:

An implied warranty can be expressly disclaimed in a contract to purchase by the inclusion of the words, "as is" or "with all faults". Such language must appear distinctly in the contract, however, in a different kind of print or font that makes it stand out. [...] However, such a term can be found to be unconscionable. (http://en.wikipedia.org/wiki/Implied_warranty_of_merchantability)

Notice the emphasis on the words contract. Here's where it gets mirky. The Gnu Public License (GPL), it appears both is, and is not, a contract:

The GPL was designed as a license, rather than a contract. In some Common Law jurisdictions, the legal distinction between a license and a contract is an important one: contracts are enforceable by contract law, whereas the GPL, as a license, is enforced under the terms of copyright law. However, this distinction is not useful in the many jurisdictions where there are no differences between contracts and licences, such as Civil Law systems. (http://en.wikipedia.org/wiki/GNU_General_Public_License)

For the most part the GPL is a license, it is a waiver of the copyright by the owner of the intellectual property subject to certain conditions. However, at the end of the "license" is a disclaimer of all warranties:

NO WARRANTY

11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. (http://www.gnu.org/copyleft/gpl.html).

As to whether this disclaimer amounts to a contract in itself really hinges upon whether the inclusion of such a disclaimer of all warranties is, or is not, unconscionable. Ironically, if the disclaimer is unconscionable then it is not a contract and is not legally binding. On the other hand, if it isn't unconscionable, then it is a contract.

In the context of the EFF class action complaint, which clearly seeks to find an identical disclaimer unconscionable, and thereby find Sony BMG open to liability for damages, it's plain that should such an action find relief on this specific point of law, then there is nothing to stop others seeking, and possibly, being awarded damages for losses incurred as a result of vulnerable GPL software.

The past judgements of the courts on this matter isn't encouraging.

The enforceability of an EULA depends on several factors, one of them being the court that the case is heard in. Most courts that have addressed the validity of the shrinkwrap license have found them to be invalid, characterizing them as contracts of adhesion, unconscionable, and/or unacceptable pursuant to the U.C.C. Step-Saver (939 F.2d 91)—see, for instance, Vault Corp. v. Quaid Software Ltd. (at harvard.edu) and Rich, Mass Market Software and the Shrinkwrap License (23 Colo. Law 1321.17). (http://en.wikipedia.org/wiki/Software_license)

Everyone wants to see Sony BMG hurt badly over the XCP DRM fandango, but at what cost? And it doesn't end with GPL software. Just a cursory look through your hard drive will reveal disclaimers. What happens if someone hits Berkeley Interned Name Domain or Apache or Postfix for damages are we all prepared to start paying more for our ISP's?

There is enough meat on the bone even without s.104(k) in the EFF class action to squewer Sony BMG without ending up with us all roasting in the barbecue.

11/23/2005 10:08:00 AM by ruy_lopez
# re: Victory!

Sony have released the 34 Titles that wre shipped to Canada on the 120,000 CD's.
http://cp.sonybmg.com/xcp/canada/
****************
Celine Dion - On Ne Change Pas
Note: Over 95% of this title has the UPC 828767262420 and does not contain XCP software. It is not part of this exchange program.
****************
Jon Randall - Walking Among The Living
Note: This CD packaging does not contain the XCP Compatible With box.
****************
Life Of Agony - Broken Valley
Note: This CD packaging does not contain the XCP Compatible With box.
****************
Buddy Jewell - Times Like These
Note: This CD packaging does not contain the XCP Compatible With box.
****************
Note: Two titles, Ricky Martin’s "Life" and Neil Diamond’s “12 Songs”, were released with the Compatible With box on the back of the CD packaging but the discs inside do not contain XCP software
****************

It would appear that from the above statements in Canada they have shipped XCP on products that do not contain any information whatsoever regarding these titles. To bad if the consumer is wanting to 'Update' the software they have no IDEA how to do this.

It lists the same three titles on the US title page but makes no mention of this for those titles.

11/23/2005 8:29:00 PM by Stephen
# re: Victory!

Sony thinks we are all criminals and as soon as they can copyright the air you breath . . . .

Every breath you take
Every move you make
Every bond you break
Every step you take
Sony will make you pay and pay.

Oh can't you see
You belong to them?

Every single day
Every lyric you say
Every game you play
Every jam that’s made
Big Brother is watching you.

How they are wronged when you copy your tunes to your PC
Every step you take.
Every file you make
Every smile you fake
Every claim you stake
Sony will be suing you.

Since you've gone Sony is lost without a trace.
They dream at night of screwing you, I can see it in their face.
They look around – There’s a twelve year old! Sue them in your place.
They’ll get that monopolistic Microsoft involved , they know how to kill a marketplace
They keep crying baby, baby please.................. let me control . . .

Every breath you take
Every rip you make
Every step you take
Every copy for your sake
They say they own that too.

11/25/2005 4:15:00 PM by Natasha2
# re: Victory!

I bought Neil Diamond's 12 Songs as a DigiPak, was given a gift of 12 Songs and returned both because of XCP. Still wanted album, though, so I bought it at iTunes. From there, its easy to create a CD for archiving. Problem avoided, and it was cheaper, too. Sony didn't solve anything with their DRM and instead shot themselves in both feet and their artists in pocket book.

11/26/2005 10:56:00 AM by Richard
# re: Victory!

the zapkitty wrote:

"Given what's transpired it's sorta kinda of grimly amusing to see some tech writers still whitewashing Sony's free ride or some such mangled metaphor...

http://seattletimes.nwsource.com/html/businesstechnology/2002633093_ptmrsh19.html"

And the Seattle Times whitewash continues:

"Of course we don't blame the artists... we blame the customers!"

http://seattletimes.nwsource.com/html/businesstechnology/2002647290_ptmrsh26.html

I'd nominate this idiot as Official Poster Boy For Unclear On The Concept-... if Mr. RIAA "What's a rootkit?" hadn't already claimed the prize.

11/28/2005 2:02:00 PM by zapkitty
# re: Victory!

Spitzer Gets on Sony BMG's Case
New York's Attorney General has turned his attention to Sony BMG's copyright-protection fiasco


http://www.businessweek.com/technology/content/nov2005/tc20051128_573560.htm

11/29/2005 2:30:00 PM by mishka
# re: Victory!

Sales of Sony 'rootkit' CDs Continue

In spite of a warning from the U.S. Department of Homeland Security Computer Emergency Readiness Team (www.us-cert.gov), some national retailers continue to sell music CDs containing the Sony 'rootkit' software. . According to the DHS Computer Emergency Readiness Team (www.us-cert.gov), "This (rootkit) technique can pose a security threat, as malware can take advantage of the ability to hide files. We are aware of malware that is currently using this technique to hide."

Since Thanksgiving day I visited four national retailers of CDs in my vicinity. All of them had 'rootkit' CDs available for sale. Employees at KMart, Walmart, and Circuit City were unaware of any corporate policy concerning the recall of these CDs.

An employee at FYE stated that there was a voluntary recall, meaning that the customer had to initiate the return.

Considering that several lawsuits are being filed against Sony BMG, it seems surprising that these retailers would expose themselves to bad publicity and possible lawsuits.

.

11/29/2005 9:00:00 PM by Tover van Ooteldonk
# re: Victory!

Dont buy Sony. They has utter contempt for their customers..

11/30/2005 12:13:00 PM by Chris
# re: Victory!

I have been foloowing this issue for quite a while. I have also been reading Mark's stuff for a longggg time and have benefited from some of the great solutions he has provided over the years. But this issue is the first where Mark has been mentioned in Rolling Stone magazine! I have read Rolling Stone for over 20 years and love it. It is my get away from technology and always keeps me up to date. To see Mark's name in Rolling Stone is simply surreal. Way to go with this one Mark this kind of junk software is just completely unacceptable.

11/30/2005 2:45:00 PM by Kevin
# re: Victory!

ruy_lopez

Actually, you distinction there between a license and a contract is incorrect. A license is, by its very nature, a contract. And thus, contract law applies to licenses.

The way it works (at least here in the U.S. - I see you are from the UK) is that 17 USC 106 provides a number of exclusive rights of a copyright owner, including the right of reproduction (i.e. the right to make or authorize the making of "copies" or "phonorecords"). The "authorizing to make" is via a license, implicit or, in this case, explicit. Absent a license, there is no authorization, and thus, there is infringement.

But if you violate the license (or breach the contract), then those acts are not covered by the authorization in the license, and the reproduction, public sale, etc., are infringing.

So, to some extent, we get to the same place. However, legally, there is a big distinction here. Under U.S. law, copyright law is federal law (17 USC), whereas contract (and thus license) law is state law.

Interestingly though, litigation under the copyright law is exclusively federal. You can't sue for copyright infringement in state court. And, thus, since the base claim is that of copyright infringement, that is where suits would have to be filed - though the federal courts would have to look to the appropriate state law for interpreting the license. Contrast this with suing for, example, royalties under a copyright license, where you can typically sue in state court.

So, to some extent, you are right, and to some extent, your answer was simplistic.

12/5/2005 1:19:00 AM by Bruce Hayden
# re: Victory!

Maybe I need to further expand on my previous post.

If suit were brought against Sony for violating the license, it actually be for infringing the copyright. Then, it would be up to Sony to try to impose the subject license as a defense to the infringement claim. But, as with all defenses, it is up to the defendant to assert them.

This has a couple of legal ramifications. Notably, the burden of going forward is with the plaintiff in proving both the existance of a copyright (trivial these days), ownership thereof, and an act that would constitute infringement under 17 USC 106. Then, the burden would be on the defendant to prove his defenses, including that of license.

In other word, the plaintiff has to prove infringement of a valid copyright by a preponderance of the evidence. Then, the defendant has to prove the existance, validity, and applicability of a license by a preponderance of the evidence. The plaintiff's copyright claim would be tried under federal law, and the defendant's license defense would be tried under state law.

12/5/2005 1:27:00 AM by Bruce Hayden
# re: Victory!

grate solution for this problem,
sonys such a grate companny.

kabbala
AVNEI HA'CHOSHEN STORE

12/11/2005 1:41:00 AM by kabbala
# re: Victory!

THANK YOU, Mark! The world needs more Einsteins like you to bat for people who are far less brilliant than you! Put the greedy record companies in their place, please!

1/13/2006 2:06:00 PM by Anonymous
# re: Victory!

KAVICHS is not a virus
it is from kaspersky antivirus.

Kaspersky antivirus checks files
for viruses, and marks files
with :KAVICHS

FIRST TIME I RUN ROOTKITREVEALER 1.7
IT FOUNDS SO MUCH KAVICHS, THAT I CAN NOT FIND THE REALLY DANGEROUS OBJECTS IN SCAN.

SO PLEASE EXCLUDE KAVICHS FROM SCANNING, OR THE PROGRAM IS NOT USEFULL FOR KASPERSKY USERS.

2/3/2006 3:47:00 PM by Anonymous
# re: Victory!

Interesting read, I'm always looking forward to news on spyware. Another site I found with good information regarding this topic is: http://www.anti-spyware-101.com

8/1/2006 3:31:00 PM by Anonymous