Pink Poogle Toy Forum

The official community of Pink Poogle Toy
Main Site
NeoDex
It is currently Sat Nov 30, 2024 12:05 am

All times are UTC




Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 
Author Message
 Post subject: Sony Messing up PCs
PostPosted: Fri Nov 11, 2005 1:26 am 
PPT Trainee
PPT Trainee
User avatar

Posts: 597
Joined: Sat Oct 16, 2004 9:38 am
Location: Yakima, WA, USA
http://www.nbr.co.nz/home/column_articl ... Technology

Quote:
Sony plants secret controls on PCs
Francis Till: Buy Sony, become the enemy
After being caught out by a researcher, Sony has admitted to planting a secret, invisible digital rights management tool on PCs when they play Sony CDs, a bit of malware that can't be removed without damaging host computers.

The code prevents the music from being loaded into iTunes and limits copying, according to Good Morning Silicon Valley.

Discovered by Sysinternal's Mark Russinovich, the code comes in the form of a "rootkit," something Mr Russinovich describes as cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software," noting "they are usually employed by malware attempting to keep their implementation hidden."

He found the Sony bug while testing the latest version of RootkitRevealer.

The folks at Rootkit.com say Sony licensed the malware (XCP® copy protection) from a UK-based firm called First 4 Internet.

Not many apparently noticed at the time, but vnunet.com story hosted on the First 4 Internet website, dated 5 May 2005, advises that the company was then "working with Sony to develop next-generation copyright protection technology that allows CDs to be copied a specific number of times before locking them down."

It says that at that point, Sony had shipped nearly two million CDs using the code, but only on discs released in the US and only for "a limited number of artists" -- although the company said it was working on releases aimed at other countries.

The CD on which Mr Russinovich discovered the rootkit was apparently purchased through Amazon, a near-universal shipper.

Sony has not said how many CDs it has infected with the rootkit or what artists are involved.

While other companies make clear that disks are protected in various ways by digital protection systems, Sony apparently provided no warnings that playing an infected CD would plant code on the user's computer, that the code was designed to escape detection and that attempts to remove it could seriously damage a user's computer.

In another story hosted on the website, this one from Softpedia and dated later in May, the company says that it is in collaboration with Sony BMG to introduce code that will limit the number of copies that can be made of any CD and render those copies incabable of being themselves copied.

This story makes the claim that personal use copying of CDs is the heart and soul of international piracy.

The story says that, as at 31 May, about a million disks had been implanted and that the company was working with distributors other than Sony. It also notes that an earlier DRM "solution" provided by MediaMax had been defeated.

In August, the company featured in another story, this one from BusinessWire, claiming that American indie labels under Universal Music Group control were using the tool.

And this Reuters article, which ran on CNet in June, says the technology is in use by not only Sony and UMG, but Warner Music Group and EMI.

Apparently, privacy issues never came into prominence during this ramp up period, but they have exploded into very contentious view since the nature of the DRM tactic was revealed by Mr Russinovich.

Especially since the software, once planted, vigorously resists uninstall.

As Mr Russinovich noted:


Not happy having underhanded and sloppily written software on my system I looked for a way to uninstall it. However, I didn’t find any reference to it in the Control Panel’s Add or Remove Programs list, nor did I find any uninstall utility or directions on the CD or on First 4 Internet’s site. I checked the EULA and saw no mention of the fact that I was agreeing to have software put on my system that I couldn't uninstall.


He found out quickly that a manual uninstall wiped out access to his CD player.

Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.

Sony has refused to stop using the malware -- but it appears that Sony is far from alone in using it, so that decision may be based at least in part on commercial disadvantage.

But security experts have noted that the masking technigue could be piggybacked by malware developers with far more sinister agendas than DRM -- and so Sony, and First 4 Internet, say they are developing a patch, to be distributed by anti-virus systems, that will uncloak, but not remove, the code.

The patch will also be hosted for direct download on Sony BMG's website.

According to a Computerworld interview, Sony believes not only that it has done nothing wrong, but that it gives adequate notice of the software through the accompanying end user license agreement (EULA), which specifies that playing the CD on a computer will install software that will remain in residence until removed.

Sony spokesman John McKay told Computerworld: “I think the EULA’s pretty clear about what it is. The reason why consumers have really high acceptance levels of these content-protected disks is because they have the functionality that people want.”

In the meantime, Sony must contend with the adverse publicity that stems from having declared its customers the enemy -- and users who object to having the code running on their computers are advised to follow the step-by-step instructions provided by Mr Russinovich, until an enterprising engineer automates the process.

3-Nov-2005


http://www.boycottriaa.com/article/18660

Quote:
This leaves Sony in a real tangle
Posted by Billy Lawrence on November 10, 2005 at 3:00 PM (printer friendly)

Under a subject line containing the words "Photo approval," a hacker has mass-mailed the so-called Stinx-E Trojan virus to British e-mail addresses, said British anti-virus firm Sophos.

When recipients click on an attachment, they install malware, which may tear down the firewall and gives hackers access to a PC.

The malware hides by using software that is also hidden — software which is installed on Windows-based PCs when consumers play Sony BMG's copy-protected music CDs.

"This leaves Sony in a real tangle. It was already getting bad press about its copy-protection software, and this new hack exploit will make it even worse," said Sophos's Graham Cluley.

Sony BMG's spokesman, John McKay in New York, was not immediately available to comment.

Sony BMG, a joint venture between Tokyo-based Sony Corp. (SNE) and Gutersloh, Germany-based Bertelsmann AG, is distributing the copy-protection software on a range of recent music CDs by artists such as Celine Dion and Sarah McLachlan.

When the CD is played on a Windows personal computer, the software first installs itself and then limits the usage rights of a consumer. It only allows playback with Sony software.

The software sparked a class-action lawsuit against Sony BMG in California last week, claiming that Sony BMG had not informed consumers that it installs software directly into the "root" of their computer systems with rootkit software, which cloaks all associated files and is dangerous to remove.

Sophos said it would have a tool to disable the software later on Thursday.

The Sony BMG copy-protection software does not install itself on Macintosh computers or ordinary CD and DVD players.


http://reviews.cnet.com/4531-10921_7-63 ... netfd.blog

Quote:
Lawyers in Italy have filed a lawsuit against Sony over its root-kit-installation shenanigans, and some San Francisco lawyers are working on their own versions, citing California antispyware laws. Meanwhile, if you try to uninstall Sony's sneaky DRM software, you may need a lawyer--for violating the DMCA. Awesome.


Not sure of the source for this one:

Quote:
There appears to be more fallout coming in regarding Sony Music's recent copy-protection system. According to the Washington Post, a class-action lawsuit has been filed in California alledging that the copy-protection software falls under the scope of the Consumer Legal Remedies Act and violates the Consumer Protection Against Spyware Act.

Mark Russinovich, who uncovered the original "rootkit," also demonstrated that even the new version software contacts Sony music with identifiable information as well as causing crashes and potential data loss.

Some others have claimed that the software also prevents the "ripping" of even non-copy protected CDs.

One Sony executive attributed all the complaints to ignorance, saying:

Quote:
Most people, I think, don't even know what a rootkit is, so why should they care about it? The software is designed to protect our CDs from unauthorized copying, ripping.


Security experts have responded that the software creates a new vunerability that could be easily exploited by malicious individuals. That argument was given some credence today when a new "trojan" was discovered that takes advantage of the software.

The EFF, an digital rights organization, compiled a list of "rootkit" copy-protected albums. Among those are recent releases from The Dead 60s and Acceptance's Phantoms.

The protection placed on the CDs is in reponse to RIAA claims of $4.2 billion in losses per year attributed to file sharing.


Just a heads up to you all. There might be other articles, but I'm not sure where. You are free to post extras if you like.


Image
Saiyajins, Sandcastles, and Wingless Eyries... oh my!


Top
 Profile  
 
 Post subject:
PostPosted: Fri Nov 11, 2005 1:31 am 
PPT Warrior
PPT Warrior
User avatar

Posts: 765
Joined: Thu Jun 17, 2004 1:28 pm
Location: Among the crayons on my desk..
I heard of this before (besides right now in PPT chat :P ) in Wired Magazine I believe.

They said something about making it so that CDs cannot be ripped more than 3 times, in an attempt to limit piracy. (It also loses it's iD3 tag) The flaw with that is that once you rip the the CD, you can use the mp3s to burn new CDs.

I am sorta mad at the malware thing. I'll go nuts if that stuff hurt my laptop.


Image
. Set by Medusa ♥


Top
 Profile  
 
 Post subject:
PostPosted: Fri Nov 11, 2005 10:30 am 
PPT Student
PPT Student
User avatar

Posts: 449
Joined: Wed Jun 02, 2004 6:49 pm
Location: Germany
Well now because of this I am not getting a Sony Laptop as my Gradutation Gift, It's ether I get an Alienware or maybe Dell...


Image


Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 2:36 am 
PPT Warrior
PPT Warrior
User avatar

Posts: 758
Joined: Sun Jun 13, 2004 12:51 pm
Location: Farther Away
I have a Compaq... and if you can't download songs anymore, then where will I get all my music? :o -begins saving up money-


Image


Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 3:22 am 
Honorary Member
Honorary Member
User avatar

Posts: 3805
Joined: Mon May 31, 2004 4:03 am
Location: Waterloo, Canada
EMI and Sony BMG are the only two distributors which include copy protection. EMI's is safe (tried and true with my Coldplay CD; just click "no" when it asks to install a program- it also doesn't allow more than three copies either, unless you rip directly to your computer first as mp3 files using a special program) ; Sony BMG's is not- well, specific CDs using XCP technology.

As far as I know, ripping mp3's from CDs that are copy protected is perfectly legal.

I just bought a CD from the Go! Team today; they're under Columbia/Sony BMG but thankfully not copy protection (I was totally freaking out in the store and looked closely for the copy protection sign, it wasn't there). I'd assume it affects CDs of late...this page has a list, perhaps check before buying any Sony BMG CDs.


Image Image


Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 8:27 am 
Honorary Member
Honorary Member
User avatar

Posts: 6288
Joined: Fri Jun 04, 2004 5:47 pm
Yoshi wrote:
I just bought a CD from the Go! Team today; they're under Columbia/Sony BMG but thankfully not copy protection (I was totally freaking out in the store and looked closely for the copy protection sign, it wasn't there). I'd assume it affects CDs of late...this page has a list, perhaps check before buying any Sony BMG CDs.


You're alright ripping off The Go!Team.

But the real reason I'm posting is to commend you on your choice of disc.


Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 4:17 pm 
Honorary Member
Honorary Member
User avatar

Posts: 8027
Joined: Mon May 31, 2004 5:00 am
Location: Thornhill, Ontario
Gender: Male
Yoshi wrote:
I just bought a CD from the Go! Team today; they're under Columbia/Sony BMG but thankfully not copy protection (I was totally freaking out in the store and looked closely for the copy protection sign, it wasn't there). I'd assume it affects CDs of late...this page has a list, perhaps check before buying any Sony BMG CDs.


Not Natasha Bedingfield! I want the CD a lot; I'm sure they'll be a copy without that label correct?


Image
Set by Medli


Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 6:47 pm 
Honorary Member
Honorary Member
User avatar

Posts: 3805
Joined: Mon May 31, 2004 4:03 am
Location: Waterloo, Canada
Ammer wrote:
Not Natasha Bedingfield! I want the CD a lot; I'm sure they'll be a copy without that label correct?

Well...it'll still work fine and all on your computer if you disable autorun (the linked page has some instructions on that, I think) then rip the files onto your computer using a program. If you really want a "clean" version of that CD though, either wait until Sony BMG comes out with a new version (they just promised to stop producing XCP CDs), or go import a copy from the UK. *shrug*

Igg wrote:
You're alright ripping off The Go!Team.

But the real reason I'm posting is to commend you on your choice of disc.

Am I glad I took this CD too (I overindulged yesterday and bought two, this was my second consideration), it's awesome. :)


Image Image


Last edited by Yoshi on Sat Nov 12, 2005 8:05 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Sat Nov 12, 2005 7:32 pm 
Way Beyond Godly
Way Beyond Godly
User avatar

Posts: 8491
Joined: Mon May 31, 2004 6:44 am
Location: New Zealand Weapon: HaaH Sword Species: Human Alignment: Chaotic Neutral
Sony has already had a press release on the 11th stating it will stop making the computer screwing CDs.

However it refuses to say which CDs already have it.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 23 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group