|
Blogs, Customers & Sony's Rootkit |
|
Saturday, November 12 2005 @ 04:19 AM EST
|
So Sony has decided to stop planting rootkits on its customers' computers. For the time being. That's a start. . . . Might that be because they are being sued? You think? They don't promise never to do it again: "As a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology," it said in a statement. . . . "We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," Sony BMG added. . . .
Sony BMG said it stands by content protection technology "as an important tool to protect our intellectual property rights and those of our artists." Ah, corporateese. Where do they find people willing to express themselves like that? And where do you go to learn how to do it? Words crafted to hide your true meaning. They thought we'd never notice or even know what a rootkit is, I gather. Sony's president of Global Digital Business, Thomas Hesse, said that "most people, I think, don't even know what a rootkit is, so why should they care about it?" But one blogger did notice and he told the rest of us, and we do care. You see, Sony and the entire Entertainment Industry Gang have been calling their customers pirates and criminals and making pious declarations about their IP rights for so long that those same customers are not inclined to cut Sony any breaks when they do something allegedly criminal which violates their customers' rights. [UPDATE: There is now an allegation of possible copyright violation, in that LGPL code may have been used in the rootkit, without Sony abiding by the terms of that license. ]
Huh? Customers have rights too? You can fairly smell that question in the Sony air. They so don't get it. "Ease of customer use" isn't the problem, guys. The problem is ethics. The lack thereof, not to put too fine a point on it. If you wish to sell us rootkits, you need to spell it out honestly. Sony, under pressure, now provides uninstall directions, but states that if you follow them, you can no longer play the CD you bought. Oh. Say. Do you at least get your money back? But let's not get sidetracked into thinking this is only about Sony. Sony is just a symptom. The problem is old-think companies totally wigged out by what technology suddenly lets people do, companies unwilling to morph their business model to take advantage of opportunities the new tech presents. Instead, they snuff it out the second it raises its head above the surface of the ground. They are clinging to their old ways with white knuckles. Not even iTunes' success penetrates their noggins. They just can't get it that most people will pay for music, as long as they can get it in the form factor they want and can share at least on a small scale with friends and family and as long as the terms and price are half-way fair. We'd settle for that, but what we'd really like is if you'd get into the 21st century, let technology bloom, and figure out how to make money from P2P. Could you get on that? But no. They prefer to criminalize normal human behavior -- wasn't it your Mommy who taught you to share? -- and prevent any use of the new technology if it conflicts with their old business model. We all have to stay frozen in the '90s, so they can continue to make money in the manner to which they are accustomed. They intuit that customers are getting the shaft, so they have suspicious ideas about their customers and plan all their business strategies to outwit the worst person on the planet. As a Christian Science Monitor headline succinctly put it, "Sony aims at pirates - and hits users
". But you see, they think we are all pirates. Sony is absolutely not unique in that attitude, nor is the problem only in the music industry. Apple has just applied for a patent for "tamper resistant code" -- the very title is wildly offensive -- and if you put that thought together with Sony's system for what they call "sterile burning," well, you have seen the future these paranoid loons would like to arrange for us. The real problem is corporations that have lost touch with their customers. They seem to have no concept of user rights, no understanding that messing with a customer's computer is wrong. If they want to damage our computers and hobble our CDs, it's in a righteous cause, in their lopsided thinking. Remember Orrin Hatch suggesting destroying computers owned by copyright infringers? Well, Sony preemptively did it, in their subtle way, but to everyone. They are wigged out, I'm telling you. And like all wigged out people, they are stuck in their own version of "reality", thinking emotionally, and only of themselves. But the ironic part is this: this DRM won't stop infringement. All it does is annoy customers that wouldn't infringe in the first place. It won't in any way interfere with determined infringers, as the Christian Science Monitor article points out: As it turns out, the way the antipiracy software is designed makes it easy to defeat. Just hold down the "shift" key when you insert a CD to play it.
"The reality is that this isn't going to stop any kind of so-called piracy," says [EFF's Jason] Schultz. "All this technology does is inhibit you from making the same kind of personal, fair-use music you've always made. The real pirates are going to easily circumvent this technology. The bootleggers won't even blink."
Now, the mainstream media didn't discover and tell us about this rootkit. It was a solitary blogger. Just go to Google and search News for "Sony DRM rootkit" and then choose to view the results by date, and you'll see what I mean. Of course, everyone is all over this story now. But had we relied just on the mainstream media, we might never have found out about the rootkit. It was a blogger who first noticed the rootkit. His site doesn't even show up on the Google results list, intriguingly enough, except that everyone refers to it. Presumably he'll be showing up now. BoingBoing gave the story legs when Cory Doctorow wrote about it, and then Slashdot and Charlie Demerjian at The Inquirer. But it was one man who blogged about his experience that got the ball rolling. And he changed the world. Those pesky bloggers. There are now 20 million bloggers. Why can't they mind their own business? I'll tell you why. Because we buy those trapdoor CDs, if our consciousness is not sufficiently raised, as they used to say, and so we are Sony's customers. Well. Not me personally. I gave up on the music industry some time ago. I'll buy from them again when they figure out that they are cutting off their nose to spite their face. I don't like to be treated like a criminal when I'm not one. Call me quirky. Customers of Sony have a stake in what Sony does. And they blog. It's that simple. Now do you understand why people read blogs instead of just the mainstream media? If we relied on them, no one would have told us about the rootkit. At least, no one did. So we rely on each other. Dana Blankenhorn captures the issue: The assumption is a lack of ethics by all. Sony is treating all its customers like criminals, and acting in a criminal manner in response. . . . It's one thing for large institutions to be on guard against consumers or employees, to take precautions against theft. It's quite another for them to take the law into their own hands, or to take on the characters of a police state in response, to assume by their actions that everyone is a thief. Can you imagine what Sony would say if they caught an individual doing exactly, exactly, what they did? They'd be citing computer abuse laws like scripture. "Off with their heads," would be their song. I know. Sony'd say that they did it to their *own* property, so it's different than if a hacker did it. Um. No. Our computers are *our* property. So are the CDs after we buy them. Get it? Ever hear of fair use? That is part of the law too, you know. Or did you forget that part? I have an idea: let's all abide by the law. So several class action lawsuits are in the works. The first, to my knowledge, is the one in California [PDF]. A patent lawyer started collecting all the details on his blog and now he has set up a dedicated blog just for Sony and the DRM story. A company is in real trouble when a lawyer sets up a website dedicated to its misbehavior. Solutions began to appear to help victims detect the rootkit and remove it. Sony finally did the same, grudgingly offering a "service pack": "This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers.'" I have news for Sony. Any time the computer owner loses control of his or her computer, their security has been compromised. Sony's clumsy damage control only made the situation worse. Then the class action lawyers showed up in force, leaving comments on blogs, looking for Sony victims willing to sign on. EFF put up a list of affected CDs and are interested in hearing about members who were victims of the rootkit, for a possible class action lawsuit. In addition to the California class action litigation, other firms are investigating a possible consumer class action against Sony Music Entertainment Corp. for selling CDs encoded with the XCP2, without disclosing XCP2's nature or effects on its users' computers. The firms are trying to locate people who 1) bought a compact disc released after March 2005 and 2) played or attempted to play it on a Windows computer. In Italy, ALCEI (Association for Freedom in Electronic Interactive Communications -- the Italian equivalent of EFF) filed a complaint on November 4th with the
Commander in Chief of the Fraud Contrast Group of the Financial Police
in Italy (Guarda di Finanza), which they describe in a press release: On November 4th 2005 ALCEI asked the Financial Police to identify the
authors of the software, and those who made the willful decision of
distributing it in a hidden form, and also to detect if other
organizations commited similar abuses.
This is the preliminary phase of an action which means to penally
prosecute anybody who, in Sony BMG Entertainement, has committed such
illegal acts in Italy, those who helped in committing such crimes – and
anybody else who performed similar actions. No wonder companies are beside themselves, wondering what to do about blogs. It's such a drag for them that there aren't clueless customers anywhere any more. Presumably, Sony would like to be able to plant rootkits on our computers and get away with it. Corporations prefer clueless customers, I guess, but the Internet is wiping out cluelessness. Now, what's a corporate entity to do in the face of bloggers everywhere, telling the world all about every stupid, greedy, or even malicious thing the company does? Let's agree that retaliatory dirty tricks might tend to get you indicted and should be avoided. The bright light of the Internet makes that hazardous to your reputation anyway, and that's your problem to begin with. Instead, you might like to read
a chapter of a book called International Corporate Governance, available online, and there is one chapter [PDF] called "New technology issues for corporate governance: internet message boards," by Jonathan Carson and James Felton. It's chapter 13. It talks about how companies can handle online chatter, without breaking the law or adopting dirty tricks, specifically chatter on Yahoo! message boards, with specific examples of success and failure in handling criticism of a company. What I learned from the book is that companies need to engage with their customers, including bloggers. And I also learned that posters on Enron's Yahoo! message board blew the whistle on Enron two years before the famous memo from Sherron Watson to Ken Lay showed up in the mainstream media. The HealthSouth story surfaced there first too. Two years is a long time. Here's just one segment from the chapter: Enron investors were left in the dark by Enron's executives and middle-managers, their
law firm Vinson & Elkins, and their auditor Arthur Andersen. Also implicated were the sell-
side analysts at JP Morgan Chase, Salomon Brothers, Credit Suisse First Boston, Boston
USA, Bank of America, Merrill Lynch and Lehman Brothers who may have had access to
inside information (before Regulation Fair Disclosure took effect in October 2000).
Individuals in all of these key roles failed to blow the whistle. However, the one place that investors could have received indications about the mounting crisis was Enron's Yahoo!
stock board. Posters to that forum, some of them company insiders, began warning of Enron's
financial dealings at least two years before Ms Watkins' famous memo.
In June 1999 'Bearene' wrote:
Do not confuse the multitude of Enron 'entities' as companies in the sense that each is an actual
business. Many (or most) are utilized to 1) segregate discrete lines of businesses; 2) for manage-
ment reporting purposes; 3) tax planning vehicles. I am sure this is not very different than any other
large corporation. Enron's core businesses can still be counted on one (or two) hands.
While this post did not provide investors with a 'smoking gun' detailing Enron's usage of
special-purpose entities to hide debt, it at least gave investors a topic for further research. In March 2000 'arthur86plz' gave a more specific warning: 'Dig deep behind the Enron
financials and you'll see a growing mountain of off-balance sheet debt which will eventually swallow this company. There's a reason they layer so many subsidiaries and affiliates.
Be careful.'
In April 2001, four months before Sherron Watkins' internal memo, when Enron was still
selling in the high US$50s, 'Enron is a scam' wrote:
It will soon be revealed that Enron is nothing more than a house of cards that will implode before
anyone realizes what happened. Enron has been cooking the books with smoke and mirrors. The
Enron executives have been operating an elaborate con scheme that has fooled even the most
sophisticated analysts. When the truth is uncovered, those analysts and ENE investors will feel like
a raped school girl. The first sign of trouble will be an earnings shortfall followed by more warn-
ings. Criminal charges will be brought against ENE executives for their misdeeds. Class action
lawsuits will complete the demise of ENE. Get out now while you can.
I found the epilogue interesting because it mentions HealthSouth's then-CEO Richard Scrushy's attempt to sue a Yahoo! poster back in 1999, and how it backfired when she demanded that HealthSouth turn over its financial records she claimed would validate her comments on Yahoo!, truth being a defense to defamation allegations. HealthSouth's legal troubles first were publicly talked about on Yahoo!
Other allegations of financial fraud at HealthSouth poured forth in 2003, and amongst
these came the real silver bullet. A cover story in The Wall Street Journal broke the news of
a former HealthSouth junior-level accountant and his attempts at blowing the whistle on the
company. When complaints to his ex-supervisors and to HealthSouth's auditor Ernst & Young
led nowhere, Michael Vines took his information to Yahoo!'s HealthSouth board in February
2003: "What I know about the accounting at HRC will be the blow that will bring HRC to its
knees", he wrote: "if discovered by the right people [this] will bring change to the accounting
department at HRC if not the entire company".
The following month, the Securities and
Exchange Commission filed a civil lawsuit claiming that HealthSouth had overstated earn-
ings by US$1.4 billion since 1999. HealthSouth's stock crashed by 90 per cent. In April 2003,
HealthSouth fired Scrushy and began searching for a new auditor. Here's a 1999 Wall St. Journal article on Mr. Scrushy's legal efforts to shut his critics up, covering it most favorably. Bruce Fischman was Mr. Scrushy's attorney. The funny thing is, not only were all the watchdogs completely silent about HealthSouth, so was the mainstream media, according to this Forbes article from 2003, after the scandal broke:
For nearly all of Scrushy's tenure, press reports about the company were almost universally positive. In 1995, for instance, in the wake of one in a series of HealthSouth merger offers, Bloomberg News reported that then-U.S. House Speaker Newt Gingrich (R-Ga.) wanted Scrushy in Congress, and Alabama businessmen wanted him to run for governor. It quoted William Harnish, president of Forstmann Leff Associates, a money management firm with a large holding in Healthsouth, who said, "There may not be another person who has come so far and accomplished so much in corporate America." . . .
A rare, and odd, exception to the universal cheers came in 1999 when HealthSouth and Scrushy sued a rare critic for libel. Those critics were anonymous posters on Yahoo! Finance bulletin boards.
Scrushy was painted as the victim of irresponsible rumors. "Here I am, the CEO of a multibillion-dollar company, and I'm having to answer about what some weirdo has said on a message board," Scrushy lamented to The Wall Street Journal.
But at the time, Scrushy rarely had to answer to anyone else. It may have been that Scrushy went to such lengths to track down the Internet chatters because he feared any investigation by more legitimate-sounding sources would expose that their charges contained some truth, as one former HealthSouth employee, Kimberly Landry, said at the time. Mr. Scrushy was ultimately found not guilty, after blaming the accounting fraud on the CFO. [UPDATE 2: Mr. Scrushy was indicted in October 2005 on racketeering charges and again on Dec. 12, 2005, charging him with paying off the Alabama Governor for a seat on the state health regulatory board and for wielding improper influence over the board. UPDATE 3: June 28, 2007 - Mr. Scrushy was sentenced to serve nearly 7 years in prison, was fined $150,000 and ordered to pay restitution of $267,000 to be paid to United Way of Central Alabama.] The jurors believed he was not personally involved: "This shows that when you go after a CEO, they can put forth the best possible presumption of innocence, and there are times that defense will work," said Joshua Newberg, an associate professor of law and business ethics at the Robert H. Smith School of Business at the University of Maryland. "You don't get to be a CEO without understanding the ability to charm.". . .
HealthSouth jurors seemed more willing to accept that there was reasonable doubt about Scrushy's involvement. Newsweek's article, "The Alpha Bloggers", lists some other stories that bloggers broke before the traditional media. What we have here is a new and unmediated link in the information food chain. . . . All you need to start your own Weblog is the software—which is low-cost, or free, and very easy to use—and something to say. Out of the inchoate chatter of the Web, the sharpest voices simply emerge. . . .
people, by a combination of writing skills, unyielding curiosity, canny instinct and lots of sweat equity, rise up from total obscurity to join the big dogs in the community. . . . Most are isolated, and there are about 100,000 that have 20 or more "inbound" links (that means that a blogger has identified an item on someone else's Weblog and set up a one-click pathway for a reader to move directly to that item on the other author's site). But about 10,000 people have more than 100 inbounds. Now we're getting into the realm of the alphas. On a good day, the article said, alphas would have 20,000 visitors. Not to boast, but Groklaw has that many visitors for each article, and we have more than 3,500 sites linking to us. So I guess Groklaw is Uber Alpha.
: )
My point is just this: a lot of people read blogs. Millions of people. Why? Because they trust the folks whose blogs they choose to read. And millions of people like to write blogs too. Corporations may not like blogs, but all they are is customers providing you vital feedback. Had Sony listened to a word their customers have been saying, they wouldn't be in this mess. And blogs are not going away. After tracing the Sony story, my question is, would you want them to?
|
|
Authored by: ankylosaurus on Saturday, November 12 2005 @ 04:28 AM EST |
EOM.
---
The Dinosaur with a Club at the End of its Tail[ Reply to This | # ]
|
|
Authored by: ankylosaurus on Saturday, November 12 2005 @ 04:30 AM EST |
Please remember to post clickable links using the example on the comments entry
page - and post in HTML mode.
---
The Dinosaur with a Club at the End of its Tail[ Reply to This | # ]
|
- I'll start the ball rolling - £1200 Sony didn't get. - Authored by: Anonymous on Saturday, November 12 2005 @ 05:06 AM EST
- Rumors on Sony PS3 - Authored by: justlinux on Saturday, November 12 2005 @ 08:11 AM EST
- PJ-"Ever hear of fair use"? Reminder- Library of Congress looking for DMCA exemtion comments NOW - Authored by: Anonymous on Saturday, November 12 2005 @ 10:19 AM EST
- A judge with an attitude - part 2 - Authored by: SpaceLifeForm on Saturday, November 12 2005 @ 10:43 AM EST
- Cause for appeal? - Authored by: Anonymous on Saturday, November 12 2005 @ 11:38 AM EST
- OT Here (Very OT) - USPO Grants patent on antigravity / lightspeed spacecraft - Authored by: Anonymous on Saturday, November 12 2005 @ 01:55 PM EST
- 3 copies - Authored by: Anonymous on Saturday, November 12 2005 @ 02:50 PM EST
- Selective enforcement question? - Authored by: Anonymous on Saturday, November 12 2005 @ 03:01 PM EST
- OT Here - Authored by: analyzer on Saturday, November 12 2005 @ 10:02 PM EST
- You'll love this MSFT has declared SONY's little goody Malicious - Authored by: oldgreybeard on Saturday, November 12 2005 @ 10:07 PM EST
- DHS Official Weighs In on Sony - you'll like this. - Authored by: Anonymous on Saturday, November 12 2005 @ 11:02 PM EST
- UberAlpha - Authored by: Anonymous on Sunday, November 13 2005 @ 12:51 PM EST
- Can Nullsoft (et al) sue? - Authored by: swengr on Sunday, November 13 2005 @ 03:34 PM EST
- OT Here - Hilarious - Authored by: Marc Nadeau on Wednesday, November 16 2005 @ 09:56 PM EST
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:00 AM EST |
Word has it that, ironically enough, the rootkit itself might violate IP-rights
by including LGPL'ed code from the LAME project.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:05 AM EST |
Can anyone tell me if
this is accurate? If true this puts a whole new spin on Sony's view of IP
protection. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:14 AM EST |
It is true that sometimes you can find some really scoop-like material on the
message boards, blogs, mailing list, etc. However, what is not mentioned
here
is
that every single message board is full of this stuff, regardless of
whether it's true or not.
It is very easy to come back after the fact, dig
through the historical postings
and then find someone predicting what's going
to happen. It's like going back
and reading what some prophet said and applying
these things on that
happened later. There's so much material to choose from
that it's actually
surprising if one didn't find any matching
statements.
An example close to home, do you remember the SCO troll ont he
Yahoo
boards? The guy who constantly said that SCO was just about to reveal
some
evidence that would turn the case around? Did we do the right think when
we
didn't believe him? Definitely. Was he an insider? I doubt it.
The
message boards and blogs are obviously interesting sources of
information, but
they should be taken with a healthy dose of salt. I think
people are more
intelligent than I thought because they seem to be doing just
that.
[ Reply to This | # ]
|
|
Authored by: Chris Lingard on Saturday, November 12 2005 @ 05:42 AM EST |
You are being optimistic. The big companies have a dream, and that dream
is of a controlled and paying customer base. Everything will be a service, and
everything will cost money.
That is why they hate bloggs. The have
their paid journalists writing their bland news items. Superficial stuff that
gets us to buy the latest consumer fad; your family must have this, everyone
else has it. No need for skills, no need for education. You want to be a
professional reporter, can you cut and paste, and read the company handouts, no
need to check facts; it must be true if the company says so.
You
want to listen to music, then click on the button and listen; the selection
will be recorded at the download site; so that all your preferences are known.
It will be so simple that everybody can use it. There will be no need for CDs,
or local copies, or hard discs on your computer. Your electronic house will
become a grotesque prison, where the electronic warders record every fact about
you.
Football, (soccer), is already on the way; get 100 million
Chinese to pay a small fee to watch Manchester United. Television is well on
the way of being dumbed down by the sponsors. Have you read an interesting
article in a paper recently? And the technical stuff is worst; terrible
mistakes in the facts, showing that most paid reporters do not have a clue about
what they are writing about.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:42 AM EST |
From the article: "Sony, under pressure, now provides uninstall directions,
but states that if you follow them, you can no longer play the CD you
bought."
Surely this can't be true. If I can play the CD before installing the DRM by
disabling autoplay, surely I must be able to play it after removing the DRM.
Most likely they mean you can't play the DRM'd tracks they supply on the data
part of the CD and are trying to imply that the whole CD becomes unavailable.
That means they still have not taken the hint and are still trying to mislead
their customers. Either that or they really mean it and the uninstaller leaves
something behind that still blocks access to the CD.
[ Reply to This | # ]
|
|
Authored by: Nick_UK on Saturday, November 12 2005 @ 05:45 AM EST |
As I posted on /. (and got marked down as a troll, for
some reason), I blame Microsoft a lot for this issue.
Microsoft have a design of an OS that is deliberately
engineered to be obscure for the users, with hidden files,
hidden system calls, and the most nebulous idea of all -
the registry (what DO all those entries do?).
Remember the hack someone found that by changing one
registry key you could 'switch' on a NT4 client to become
a full blown NT4 server? Administrator couldn't change
this key, as it was 'watched' by a system super user
thread that changed it back again unless you used the hack
some clever person knocked up. This is one instance -
what else goes on?
Now Sony (and who else I wonder?) are starting to use the
deliberately designed obscuration techniques MS engineered
to hide stuff from their users.
I am sure this is the tip of the iceberg.
Nick [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:50 AM EST |
Its might interesting how you change your tune PJ.
Last time Russinovichs name came up on Groklaw you were badmouthing him. Now he
is the hero of the blogging world?
http://www.groklaw.net/article.php?story=2004070213453564[ Reply to This | # ]
|
- Incredible - Authored by: Anonymous on Saturday, November 12 2005 @ 06:17 AM EST
- So _now_ Russinovich is a hero? - Authored by: blacklight on Saturday, November 12 2005 @ 06:33 AM EST
- So _now_ Russinovich is a hero? - Authored by: rsmith on Saturday, November 12 2005 @ 06:35 AM EST
- So _now_ Russinovich is a hero? - Authored by: Anonymous on Saturday, November 12 2005 @ 09:31 AM EST
- He did bad things and we slagged him. He does a good thing and we celebrate - Authored by: Anonymous on Saturday, November 12 2005 @ 10:46 AM EST
- Redemption? - Authored by: joef on Saturday, November 12 2005 @ 11:19 AM EST
- hero?? or setup.. - Authored by: Anonymous on Saturday, November 12 2005 @ 11:56 AM EST
- So _now_ Russinovich is a hero? - Authored by: Anonymous on Saturday, November 12 2005 @ 01:12 PM EST
- So _now_ Russinovich is a hero? - Authored by: PJ on Saturday, November 12 2005 @ 01:20 PM EST
- So _now_ Russinovich is a hero? - Authored by: LaurenceTux on Saturday, November 12 2005 @ 06:51 PM EST
|
Authored by: Steve Martin on Saturday, November 12 2005 @ 06:55 AM EST |
A company is in real trouble when a lawyer sets up a website
dedicated to its misbehavior.
Or a paralegal ...
;)
--- "When I say something, I put my name next to it." -- Isaac
Jaffee, "Sports Night" [ Reply to This | # ]
|
|
Authored by: ak on Saturday, November 12 2005 @ 07:08 AM EST |
Mark Russinovich correctly writes this on his Blog:
The uninstall process Sony
has put in place is on par with mainstream spyware and adware [ Reply to This | # ]
|
|
Authored by: rsmith on Saturday, November 12 2005 @ 07:13 AM EST |
See this
comic. --- Intellectual Property is an oxymoron. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 07:25 AM EST |
...Enron's Yahoo! stock board. Posters to that forum, some of them company
insiders, began warning of Enron's financial dealings at least two years
before...
Yes, but you can find exactly the same kind of warning on
several hundred other Yahoo stock boards. In at least 95% of these cases, there
is nothing unethical about corporate management. It's easy to throw mud, but
often very hard to know whether the allegations are rubbish or
well-founded.
To paraphrase Herb Caen - Every clod has opinions; getting
the facts takes work. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 07:28 AM EST |
I do not understand why Sony took the risk.
Just imagine that the mechanisms in Sony´s DRM protetection approach had really
gone unnoticed for a long time, and a significant number of CDs had been
circulated.
Now enter SP3 for WinXP, or Windows Vista.
It is difficult enough to write any non-trivial application that does not break
on an OS update.
How could Sony´s programmers be confident that their secret hack, probably
relying on some incompletly documented and unsupported mechanism inside Windows,
would not wreak major havoc on the next update of the OS 90% of their customers
use ?
Just imagine the legal cost and PR disaster if WinXP/SP[n], automatically
updated overnight on 50 million customers PCs, and in some parts not beta-tested
on a great scale because it is supposed to patch a major security hole MS does
not want to draw premature attention to, is messed up beyond repair as soon as a
Sony CD is inserted ?
I can only speculate that this scheme was never intended to be used on a large
scale, but was just a trial balloon with a couple of 100.000 copies to be sold
to "Alpha Testers", just to see how it works out and what the reaction
would be.
If this is true, then there must be more trials running out there (and according
to the INQUIRER, there already is a MAC variant, too, albeit not of the
"boot sector virus"-variety).
I do not play Audio CDs on my computer, so I just take a comfy seat on the sofa,
soda and Popcorn ready, to see what comes up next.
After all, these guys aren´t labeled the "entertainment industry" for
nothing ...
[ Reply to This | # ]
|
|
Authored by: laitcg on Saturday, November 12 2005 @ 07:53 AM EST |
"Because they trust the folks whose blogs they choose to
read."
I don't think you can say it much clearer than that.[ Reply to This | # ]
|
|
Authored by: rao on Saturday, November 12 2005 @ 08:14 AM EST |
Does installing a rootkit involve bypassing some security mechanism on a
Windows PC? If it did not then the inference would be that MS provides no
security against rootkits. Could that possibly be true?
[ Reply to This | # ]
|
|
Authored by: Steve Martin on Saturday, November 12 2005 @ 08:15 AM EST |
From the Sony Music Web site's Privacy
Policy:
"We try to keep the information we collect from you
as current as possible, and we take steps to maintain the security of your
personal information and to prevent unauthorized access to it by those who do
not have a legitimate need for it."
One thought sprang to
mind as I read this: just who in the entire world does Sony think has a
"legitimate need" for my personal information?? Isn't that my
decision?
I'm in the marked for a high-def TV this winter, and had
already eliminated Sony models due to my experience with their reliability. This
whole fracas just confirms my decision.
--- "When I say something, I
put my name next to it." -- Isaac Jaffee, "Sports Night" [ Reply to This | # ]
|
|
Authored by: Bas Burger on Saturday, November 12 2005 @ 08:40 AM EST |
to get the people digging out their rootkit on it's knees.
It would have been a perfect blatant example of corporations misusing common
laws and lawmakers helping them in their persuit.
Shame...
Bas.
---
DIRECTUS ELATUS PERTINAX[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 09:15 AM EST |
The article says that fair use is part of the law. Can you expand on that?
What falls under fair use and what does not? I don't think I've ever heard
details about that.
BFMartin[ Reply to This | # ]
|
- Fair Use? - Authored by: blacklight on Saturday, November 12 2005 @ 09:43 AM EST
- Fair Use? - Authored by: Anonymous on Saturday, November 12 2005 @ 10:32 AM EST
- Fair Use - Authored by: bmcmahon on Saturday, November 12 2005 @ 11:28 AM EST
- Fair Use? - Authored by: TomWiles on Saturday, November 12 2005 @ 11:41 AM EST
|
Authored by: pfusco on Saturday, November 12 2005 @ 09:16 AM EST |
Personally, Im waiting for The LAME Project to file suit for copywrite
infringment over this.
paraphrase
"We will continue to protect our
Intellectual Property Rights".
Too bad Sony has no respect for the IP
rights of others given they way they hijacked LAME code. --- only the soul
matters in the end [ Reply to This | # ]
|
- Not Sony's Fault - Authored by: Anonymous on Saturday, November 12 2005 @ 12:01 PM EST
|
Authored by: Stumbles on Saturday, November 12 2005 @ 09:18 AM EST |
Among all the things that bothers me about the attitude of
corporations in media as pointed out by PJ. There is one thing I do
not think is right, even if "fair warning" is given.
I sense that some how, if the CD is identified with this nefarious
code that it is acceptable. I hope that I am wrong. Under no
conditions should any company be allowed to install rootkits on my
machine, no matter what kind of fair warning is issued.
---
You can tune a piano but you can't tune a fish.[ Reply to This | # ]
|
|
Authored by: BobDowling on Saturday, November 12 2005 @ 09:19 AM EST |
Why is there this emphasis on civil procedings? Surely Sony have
committed a criminal act.
In the UK the Computer Misuse Act (1990) would
seem to apply. Specifically the
Unaut
horised modification of computer material section would seem to apply. To
excise the relevant section from the act:
3.(1) A person is
guilty of an offence if—
(a) he does any act which causes an
unauthorised modification of the contents of any computer; and
(b) at
the time when he does the act he has the requisite intent and the requisite
knowledge.
The following two paragraphs define the
modification and requisite intent statements.
I can't see how Sony
doesn't fall foul of this Act. [ Reply to This | # ]
|
|
Authored by: Ben Hildred on Saturday, November 12 2005 @ 09:25 AM EST |
I recently applied to work for Adecco, a temp-agency. Included in the
application packet in addition to the usual (exploitive) background check
permession, were a couple of whompers: A nondisclosure agreement, and a
employment contract with a antideflemation clause.
It has become unfortuanatley common for employers (exspecialy temp agencys) to
include blanket imunity for third parties for purposes of background checks.
That is if you are denied employment or fired becouse a company doing a
bacground check falsley reports that you have undesirable events in your
background, you can not sue your (prospective) employer or the agency performing
the background check. I call foul!
Adecco sinks to new levels with it's anti deflemation clause. Critisism of a
company is something that is and should be protected by the first ammendment.
For a company to rotunely seek to limit cryticism of its self leads me to wonder
what real blunders they are trying to hide, and furthermore for a company to
rotunely attempt to restrict the constitutanal and legal fredoms of its employes
is most foul.
Unlike some I do not belive that nondiscloshure agrements are inherently evil,
this one comes fairly close on just a breif reading. It uses the phrase
"including but not limited to" to define confidential information, and
then procedes to list aproximatly twenty comon types of information which would
be included. This cryticisim does not pertain to HIPPA which is included
elsewhere in the contract. My question is what HIPPA or other confidential
information would a forklift opperator need? Three strikes and you are out!
There remains one way for these concerns to be swept aside: Negoation, however
Adecco has a policy requiring signing unaltered documents for employment. I
would reather do day labor.
---
It's not chicken soup for the soul; it's more like peanut butter for the mind.
-- The Famous Brett Watson[ Reply to This | # ]
|
|
Authored by: blacklight on Saturday, November 12 2005 @ 09:53 AM EST |
Sony is in trouble: Sony will have to argue in Federal Court that a vendor's
right to prevent his copyrighted property from being pirated trumps a buyer's
right not have his property, in this case his or her computer, vandalized.
---
Know your enemies well, because that's the only way you are going to defeat
them. And know your friends even better, just in case they become your enemies.[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 10:23 AM EST |
"Because they trust the folks whose blogs they choose to read."
I read your blog but I do not trust you. I have seen how you operate, but that
does not stop your blog being useful to me.
Maat[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 11:59 AM EST |
"Ah, corporateese. Where do they find people willing to express themselves
like that?"
PJ, here is where they get their staff, courtesy of
'Tank'
he
re
an
d here et sequens
Tufty
[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 12:09 PM EST |
The first rule is that you give the customer what they want. What the customer
wants in this case, is to be able to enjoy the content that they like, when they
have time, and on the platform of their choice.
The problem is that the publishing industries have excercised absolute control
over creative content for so long that they actually believe that what the
customer wants, is what they decide the customer wants.
The crux of the matter is that technology is enabling the customer to get what
they want. The publishers can; fight it, and die, accept it, and survive, or
embrace it and dominate the market. How long until Apple is the gatekeeper to
publisher's profits?
-- Alma[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 12:27 PM EST |
Apple has just applied for a patent for "tamper resistant code" -- the very
title is wildly offensive
I dont see why tamper resistant code is
wildly offensive. Software patents have their problems, but whats the problem
with tamper resistant code? I assume we are talking about object code and not
source code (doesn't make much sense to me to talk about tamper resistant source
code, although its a sad fact that all too many large projects are so poorly put
together that they'll resist most attempts to tamper with their source code by
blowing up at the slightest change with obscure race conditions and unexpected
logic flows that are totally opaque :). BTAIM, tamper resistant object code isnt
such a bad thing, stack smashers and buffer overflows would be hobbled if the
object code couldn't be tampered with, amongst other benefits. Obviously if the
point is to ensure your DRM code is difficult to break by making it harder to
put in break points, NOPs, etc by monitoring the integrity of your code as it
runs and to disable execution when debuggers are detected thats a less
beneficial use of tamper resistant code - but its hardly new and has been used
by security and banking software, virus writers and dongle driver writers for
many years. It just doesn't seem offensive to me.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 12:51 PM EST |
As of Thursday (link
goes to Yahoo article), Sopho
s (link goes to Sophos' article) has detected a trojan that utilizes the
hiding mechanism that Sony implemented in their rootkit. And, of course, this
is just the tip of the iceberg. I wouldn't be surprised if "better" virii /
trojans are released in the near future.
So, that has me wondering. If
someone's computer gets hosed up enough by a virus or trojan that uses Sony's
rootkit as an entry point, can Sony be held liable for damages at all? [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 12:55 PM EST |
Ah, corporateese. Where do they find people willing to express themselves
like that? And where do you go to learn how to do it? Words crafted to hide your
true meaning.
I believe that there is an answer to this question but I
am as unable to give the answer as PJ herself. My question is: do such words
actually hide the truth? Is anyone actually taken in by them in the sense of
accepting them as being the true answer to the question? Or do they, like me,
look at the corporateese and think: what does this actually mean?
I ask
myself what would happen if I substituted a word with the opposite meaning -
does Constitutional Club mean that it is distinguishing itself from
other, unconstitutional, clubs? Or does a High Class Butcher want
to avoid confusion with those that advertise themselves as Low
Class?
When I see an advertisment showing a young lady with long flowing
blonde hair in the passenger seat of an open top sports car, I remind myself of
the purpose of the advertisement, which is, to make the car manufacturer think
that he is going to sell more cars by making his customers think that they are
going to attract a female of said description into the passenger seat - thereby
causing the advertising company to get more business (which is the real purpose
of the advertisment).
I ask myself: are the words euphemisms to avoid
actually having to use embarrassing words, for instance, I am sorry but your
dog ran out in front of me and I could not stop in time (Google for:
humourous insurance claim quotations). Alternatively, are the words just space
fillers; is it any less informative if I substitute blah blah blah? Hint:
the words actually used may be completely relevant to the topic but, if they do
not add information, they are blah blah blah.
So lets look at the
real thing:
"As a precautionary measure [could mean precaution against,
getting sued, losing business, or unwanted pregnancy; most likely to mean
precaution against all the nasty things people are saying about us] Sony BMG is
temporarily [could mean any length of time, but probably means until all the
this nasty business blows over] suspending the manufacture [but we will continue
to sell all those we have already made] of CDs containing XCP technology
[technology is used here as a euphemism for excrement]," it said in a statement.
. . .
"We also intend to re-examine [intend to desparately seek a way out of
this mess] all aspects of our content protection initiative [however you look at
it, this cess-pit is of our own digging and was done without reference to any
industry standards regarding good practise] to be sure that it continues [hoping
for better luck next time] to meet our goals of security and ease of consumer
use," Sony BMG added. . . .
Sony BMG said it stands by content protection
technology "as an important tool [a method of enabling us to invoke the DMCA] to
protect our intellectual property rights and those of our artists [those of our
artists means: those that they have signed away].
Easy to decipher but it
must take some sort of twisted mind to create the stuff initially. Why does
someone get paid for this while I remain (since Friday) an unemployed geek and
groklawian?
Alan(UK) [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 01:02 PM EST |
As far as I understand
"As a precautionary measure, Sony BMG is
temporarily suspending the manufacture of CDs containing XCP technology," it
said in a statement...
could mean that they do not manufacture the
discs, but as soon as nobody will be looking, they'll manufacture them again, as
before. In between I've not seen that they will manufacture CDs with the same
titles but without malware and they did not ask their distributors to stop
selling them.
If I'm right, I don't call that "stopping planting rootkits"
but "stopping temporarily manufacturing rootkits".
Just my
2¢
Loïc [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 01:15 PM EST |
I imagine that installing rootkits would be a criminal act in several countries.
And what happens if a government employee inserts a Sony CD into a computer
"at the office"? Who is responsible the compromise of the government
machine in that case?[ Reply to This | # ]
|
|
Authored by: J.F. on Saturday, November 12 2005 @ 01:57 PM EST |
"They prefer to criminalize normal human behavior -- wasn't it your Mommy
who taught you to share?"
I can see it now...
"TOMMY! Did you share your toys with Bobby?!"
"Yes."
"Well, we'll see how you feel about sharing after five years in the
juvenile detention center!"
Goons drag off Tommy.
"As for YOU, Bobby, we're going to take all your toys and allowance and
treats for the next TEN YEARS for playing with a toy that wasn't yours!"
[ Reply to This | # ]
|
|
Authored by: sward on Saturday, November 12 2005 @ 02:36 PM EST |
We owe Sony/BMG a vote of thanks for stepping so plainly over the line into
unethical (and probably illegal) behavior in this fiasco. The small firestorm
this stirred up will serve two useful purposes:
1) It will serve as an object lesson to discourage other record (and movie, and
software) companies from following the same path. Unfortunately, on past
behavior, most of them won't be able to take the hint.
2) It will ensure that new "content protection" measures (on all
media, but especially on Sony's) attract more scrutiny from customers, privacy
advocates, security researchers, and (hopefully) the mainstream press. Throwing
daylight upon the problem is the best response to these cockroaches.
If this case had been more in the grey areas, it would not be attracting nearly
as much attention and outrage.[ Reply to This | # ]
|
- Thanks, Sony - Authored by: Anonymous on Saturday, November 12 2005 @ 05:34 PM EST
- Thanks, Sony - Authored by: nuthead on Sunday, November 13 2005 @ 11:30 AM EST
|
Authored by: Anonymous on Saturday, November 12 2005 @ 03:06 PM EST |
Thomas Hesse, said that "most people, I think, don't even know what a
rootkit is, so why should they care about it?" But one blogger did notice
and he told the rest of us, and we do care.
Citizens of Nagasaki didn't know anything about Nuclear Kits either but believe
me they did care or would have cared.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 04:09 PM EST |
- Start off as a successful large company
- Do something dumb that
annoys a lot of customers
- When they complain, brazen it out and explain they
don't understand
- Fail to apologize, fail to learn
- Lose the dumb managers
when revenues vanish, taking bonuses with them
- Take a few years learning to
make customers happy
- Profit!
[ Reply to This | # ]
|
|
Authored by: AJWinterer on Saturday, November 12 2005 @ 04:36 PM EST |
After reading this article I took some minutes to think a
bit more about the effects of DRM. The "Sony rootkit
scandal" is only one short term aspect of DRM, the
proverbial peak of the iceberg. But on a longer time scale
there are other hazards for us consumers!
Everyone who is younger than about 25 years takes it for
granted that music is delivered on a CD. The ones among us
who are older know that music once came on black vinyl
discs (singles and later long play) or even on shellac
discs (the hard and brittle predecessors of the vinyl
discs). With the good old record player it is no problem
the play all the old discs that have been produced 30, 40,
50 or even more years in the past. Just put the the
"medium" on the turntable and start the player and you can
listen to the music, listen to history of art!
With the CD this kind of cultural heritage works just a
fine as long as the CD is no DRM crippled CD. You can take
any CD from 1980 and play them on any CD drive (your high
class stero in the living room, your desktop computer,
your car stereo, your notebook or whatever you have as a
CD player). All you need to do is put the CD into the
player and it plays. It does not mattern how old the CD is
and how new the player.
It does not matter what kind of OS (operating system, for
non-computer folks) and version of OS you use. You just
need to insert the CD to get the music played. This is the
way the media were designed to be in the first place.
Standards had been defined to guarantee this kind of
interoperability.
Therefore it made sense to invest into (audio) media. If
you bought your favourite music, it was there to last for
a lifetime, even for your heirs. You could play these
media even after decades, introduce your children to what
you liked.
All this changed with DRM media (DRM crippled audio CDs,
but also the new HD-DVDs, Blue Ray Discs, HDMI ...). As
long as you have the "key" to the medium, that is the
software or hardware player, you will be able to listen to
the music or watch the movies. But what happens if you do
no longer have this "key" (be it a special hardware or
software) after some years? Look at how fast the industry
changes the "standards" now!
You get a little taste of this if you have a brand new car
stereo which has a CD player that does not play some of
the DRM audio CDs. This happens because some manufacturers
of car stereos use computer (notebook) drives for price or
size advantages. These "CD-ROM" drives do not play all
types of crippled DRM CDs.
So, let us assume that you are a "good customer" as the
entertainment industry defines it and you buy a lot of DRM
audio/video media now. What will happen to you in a few
years after the hardware and software changed to new
versions/standards? The "key" to your DRM media no longer
fits the "lock" in the DRM media! You will not be able to
listen to your music or watch your movie because there are
no long term standards for DRM!
The consumers (your!) investments are destroyed by the
entertainment industry!
Or to put it into plain words: The entertainment industry
forcibly takes away the assets you bought with your money!
Have you ever heard the entertainment industry spelling
out a guarantee that you will be able to play your DRM
media in 30 or 50 years?!?! Our children will have the DRM
media with the cultural heritage of our days in their
hands but they will not be able to witness the music or
movies we liked in our days because the content is no
longer accessible then as it is locked into DRM methods
that no longer work for them.
The conclusion in my opinion is:
DRM is the "digital alzheimer", destroying all the
recordings by making them unuseable. Our time will be the
dark ages of the future, because no one will be able to
access the contents on the DRM media from our days.
To be fair I'd like to point out that I did not invent the
term "digital alzheimer". But I thought it to be
appropriate here.
---
Never trust a smiling cat.[ Reply to This | # ]
|
|
Authored by: Prototrm on Saturday, November 12 2005 @ 04:57 PM EST |
The music companies claim their lost sales are due to piracy. Well, yes and no,
but bottom-line is it's their fault, not ours.
Simply put, somewhere back in the 1980's, the music companies saw that their
demographics were getting older, and they wanted a younger audience, so they
started pushing both new and established pop acts aside in favor of Rap,
Hip-Hop, etc., largely abandoning the Baby Boomer generation. The goal seemed
reasonable: create a new generation of music that annoyed the Baby Boomers, and
thus would attract a younger crowd of rebels. Hey, it worked in the 50's with
Rock & Roll, didn't it?
Only one problem with that: kids don't buy music. When my friends and I were
kids, we taped it off the radio, and borrowed record albums from each other to
tape record, and so forth. Why? We didn't have the money to buy them. Then, when
we did have money, we didn't want to blow it all on music so we went to
second-hand record shops, or dug through the 99 cent bin at Sam Goody's or
Sears. The only people who bought lots of new records were older, and they often
had different taste in music than we did.
Today's kids are no different from ourselves at that age, it's just that their
source of music is different from ours. But *this* time, the record companies
have gone out of their way to severely reduce the number of music acts that
appeal to the *paying customers*
Oh, they also eliminated the cheap singles market when they eliminated the 45RPM
record. Nobody's going to buy a ton of singles casettes, or overpriced
mini-CD's, not like we did when we grabbed a dozen singles (with a second song
on side 2, I might add) of our favorite songs. We didn't do it often (and when
we did, we shared).
Having said that, I still have my collection of over 1200 vinyl record albums in
my garage, left over from my years as a dedicated music customer. When CD's came
out, I tried to replace each of those albums with the CD (I still can't find
them all), and now have a sizable collection of those as well.
It's been 6 years since I've bought a CD (and that was a Japanese import of an
old recording by the group America -- LOL), not because I can't afford it, but
because I don't like any of the music enough to do so. The companies don't want
me as a customer, it seems. Instead, they want the people who *don't buy
anything in the first place*! Don't get me wrong, there are exceptions. Lots of
kids buy music. But if you build your business depending on that age bracket,
you're going to go broke sooner or later.
1. Take gun
2. Aim at big toe
3. Pull trigger
4. Complain that your foot hurts
5. Sue the nearest 12-year-old for Pain and Suffering.
Give me a break, guys![ Reply to This | # ]
|
|
Authored by: LarryVance on Saturday, November 12 2005 @ 05:45 PM EST |
Ah, corporateese. Where do they find people willing to express
themselves like that? And where do you go to learn how to do it? Words crafted
to hide your true meaning.
A law firm and LAW
SCHOOL! --- http://allstateinsurancesucks.com/ [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 05:47 PM EST |
"We also intend to re-examine all aspects of our content protection
initiative to be sure that it continues to meet our goals of security and ease
of consumer use," Sony BMG added."
So it meets "OUR" goals, but no mention of "the law",
"ethical considerations" etc...
"Sony BMG said it stands by content protection technology "as an
important tool to protect our intellectual property rights and those of our
artists."
No mention of the rights of the consumer, and judging by some of the reponses
already out from artists, they weren't asked about it at all.[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 06:55 PM EST |
I seem to recall that there's some issues w/ a "shield"
law coverage of bloggers-- which means, in some ways,
that those who want to "manage the message" (because they
have the money for the presses, which means they have an
interest in maintaining their cashflow and "interests")
would like bloggers to go away.
The problem w/ the "freedom of the press" is that many
want that to only be for those with the money to *HAVE* a
press.
I suspect that one of the main problems the mainstream
media have is that they get dragged into stories a
publisher might not like to see exposed because it would
impact the publisher's friends or their own income
directly.
Sadly, there have been enough stories where a publisher
can't cope with their own "conflict of interest" and will
want a story to fade away.
(sighs) [ Reply to This | # ]
|
|
Authored by: Fogey on Saturday, November 12 2005 @ 07:26 PM EST |
I wasn't going to do this, but I just can't help myself. This whole kerfuffle
made me get a mental picture of a bunch of record company executives, dressed up
like the Village People, loudly singing:
*to the tune of YMCA*
Fat Cat, are your CD sales down?
I said, Fat Cat, that's no reason to frown.
I said, Fat Cat, turn your profits around!
There's no need to be unhappy.
Fat Cat, there's this thing you can get.
I said, Fat Cat, it is called a "root kit."
If you use it, then I'm sure you will find
A brand new business paradigm.
*THUMP*THUMP*THUMP*THUMP*THUMP*
Make 'em pay with the D-M-C-A!
Make 'em pay with the D-M-C-A!
It has every cool trick for you to employ.
You get total control of your customers' toys...
Make 'em pay with the D-M-C-A!
Make 'em pay with the D-M-C-A!
Once the Trojan is in, (and that's easy to do,)
You can do any-thing you want to...
This is NOT a pretty picture!
---
Old age and treachery ALWAYS
beats Youth and enthusiasm![ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 07:35 PM EST |
"most people, I think, don't even know what a rootkit is"
With all the coverage this story has received, I bet a lot more people now know
what a rootkit is. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 07:38 PM EST |
If you read the link provided its blatantly obvious that Sony used the Lame
encoder without following its license restrictions.
I believe that in America you can sue for up to $150,000 for EACH copyright
violation.
How many infected CDs have Sony sold?
The copyright holder for Lame should CASH IN. IF I WAS HIM I WOULD TAKE THIS
OPPORTUNITY TO EXTRACT A COUPLE OF MILLION FROM SONY!
I'm sure he could find a lawyer willing to take on the case purely on taking a %
of the settlement / judgement. The evidence is undeniable.... Lame strings
within the executable.
If I went to the effort of writing the Lame encoder, I would NOT waste my
realistic chance to collect a million dollars.
It would teach Sony a lesson and in future they may think twice about proposing
draconian IP laws.
[ Reply to This | # ]
|
|
Authored by: DaveJakeman on Saturday, November 12 2005 @ 08:53 PM EST |
...for my prediction to come
true.
--- Should one hear an accusation, first look to see how it
might be levelled at the accuser. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 08:55 PM EST |
I am not a lawyer and know little of law except what I
read on Groklaw.
I seem to recall it being mentioned here that if some was
suing someone else over an action and the person doing the
suing had unclean hands that the case became mote.
With soney installing root kit doesn't mean that Sony has
unclean hands on RIAA and MPAA issues so wouldn that mean
that some very interesting results should be expected from
suits these organizations have filed? [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 09:50 PM EST |
The DRM fiasco has been the subject of much tech discussion since the
beginning of November.
It feels like old hat.
The mainstream media only
began to pick up on it last week, but on Thursday, Friday and this weekend I
haven't seen the story count on Googles front page go below 500.
All the
regional newspapers have covered the story and the radio. I heard today a local
station asking their listeners to contact them if they'd had any problems with
their computer since playing a Sony DRMd CD.
It's already apparent from the
web that some individuals and some corporate networks have had problems they can
now attribute to Sony DRM.
Wait until the bulk of humanity checks out the
cause of their mysterious BSOD's over the next week. Brian S. [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, November 12 2005 @ 10:24 PM EST |
Microsoft has solemnly (if not unctiously) announced that THEIR antispyware
program will start removing the Sony Rootkit: See
http://www.eweek.com/article2/0,1895,1886122,00.asp .
I don't know how to
read this. Theory #:1 Microsoft has been looking to get even with Sony for not
licensing Microsoft DRM--and for fighting so hard for the anti-computer DRM in
the new "non-CD optical disk formats," and this is their chance to fire a
warning shot into the bridge of the good ship "Sony IP (International Pirate)
Queen". And this was their chance.
Theory #2: Monkey-boy has been hurling
chairs all over the Microsoft boardrooms constantly since this powder keg
exploded. "Curs'em for a scurvy dog, may davy jones have their liver and
giblets. And curs'ee for an impotent luzer if I don't blast their sails to
kingdom come and halfway back! Y'see, maties, jis' when we war gitting folks all
used to this DRM pirate-tax on every bottom on the seven sees, doin' it right
subtle-like, that incompentate bandit comes along and tries it right out in the
open! Now every navvy in his right mind is going to be gunnin' for ALL IPs, and
do you think, maties, do you think for a moment that they'll avast after the
Sony laddies dance the high dance on the dockyard scaffold? Curs'em for idjits,
I say, and curs'em for crossing Bigeye Gates, and curs'em for humiliatin' the
Bald Balmer, and curs'em for hijackin' cargoes that be ours by rights, and
curs'em for idjits again!"
I do not know that these two theories are mutually
exclusive. But Microsoft never produced a product I couldn't live better and
happier without, and I used to buy Sony products willingly. (And I'll miss them:
they had a world-class classical music catalog. But I'll do without.
Self-respect with freedom is worth something.)
So this isn't pot calling kettle
black. This is MS as Sauron: angry because someone else is offering his
wannabe-wraiths cheaper rings of power. [ Reply to This | # ]
|
|
Authored by: Jhimbo on Sunday, November 13 2005 @ 03:02 AM EST |
I am very disappointed by Sony's actions. I own some Sony
equipment, which
has worked well, and provided me with a
lot of pleasure. In the light of
this controversy, I
shall think very carefully before buying any more
of
their products.
My opinion is that their behaviour in this shows a lack
of respect for their customers that is highlighted by some
of the
language in the "End User Licence
Agreement" apparently distributed with
their CDs, language
that I
find distasteful and unneccessarily restrictive.
--
Jhimbo [ Reply to This | # ]
|
|
Authored by: Anonymous on Sunday, November 13 2005 @ 06:23 PM EST |
[UPDATE: There is now an allegation of possible copyright
violation, in that LGPL code may have been used in the rootkit, without Sony
abiding by the terms of that license. ]
Now wouldn't it be
grand if we used Sony to prove validity of (L)GPL in court? Two birds with one
stone: lots of money for the project in question and getting rid of lame (pun
inteded :-) arguments from DW ;-) [ Reply to This | # ]
|
|
Authored by: Anonymous on Sunday, November 13 2005 @ 07:04 PM EST |
It's an Administratorkit. There is no root in Windows. [ Reply to This | # ]
|
|
Authored by: lamare on Monday, November 14 2005 @ 08:29 AM EST |
Muzzy published some more details on de DRM stuff on his site:
http://hack.fi/~muzzy/sony-drm/
Amongst others, there's a link to a further analysis:
http://www.the-interweb.com/serendipity/index.php?/archives/51-Is-Sony-in-violat
ion-of-the-LGPL.html
It turns out a whole lotta data from LAME can be found in the DRM executable
"go.exe":
http://the-interweb.com/bdump/misc/tables.txt
I would say that proves that the lame library has indeed been linked with the
"go.exe" library.
What's really remarkable is that all these tables can be found in the
executable, but none of them seems to be used by any code and so far, also no
lame code has been found.
This can mean two things:
1. The code is there, but for one reason or another it has not been found. This
could happen for example if the binary code compared came from a compiler that
produced different code.
2. The code is really not there. That would mean they *accidently* linked with
the lame library, without ever using it!
That would also raise some interesting questions. Because, after all, the tables
*are* there and they originate from LGPLed sources. Would that be enough?
Could Sony be forced to open up their code because they used LGPLed tables in
their code?
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, November 14 2005 @ 08:31 AM EST |
I wonder how many music thieves Sony just created with this fiasco.
I hope they face an endless pile of lawsuits and go out of business.
they need to made an example of -
why isn't senator hatch speaking out on this? where is he?
is sony going to come up on capital hill. come on government where are you when
your citizens need you.
I guess you are just finally responding to new orleans.
But keep those baseball steroid hearings going. That's what we all need because
we all have kids that can play major league baseball.[ Reply to This | # ]
|
|
Authored by: Yossarian on Monday, November 14 2005 @ 04:30 PM EST |
> There is now an allegation of possible copyright
>violation, in that LGPL code may have been used in the
>rootkit, without Sony abiding by the terms of that license.
It seems like Sony had to burn the copyrights law
in order to save it...[ Reply to This | # ]
|
|
Authored by: GLJason on Monday, November 14 2005 @ 05:51 PM EST |
LOL, that is about the funniest thing I've seen in a while. I wouldn't think
"ease of consumer use" was even on their list...[ Reply to This | # ]
|
|
|
|
|