Posted on 11/10/2005 10:38:37 AM PST by ShadowAce
Sony BMG is facing a class action suit from Californian consumers who claim the music giant's rootkit DRM technology damaged their computers and breaks three separate Californian laws.
The suit asks the court to stop Sony selling any more CDs containing the rootkit and seeks compensation for damage already done. Some Sony audio CDs include software which will secretly load itself if the CD is played on a computer. The suit was filed 1 November in the Los Angeles Superior Court by attorney Alan Himmelfarb, according to Reuters.
A second case has been started in New York on behalf of anyone who's bought one of the CDs.
Sony is also facing possible action from the Electronic Frontier Foundation in Italy - the lobby group has filed papers with the Italian authorities alleging Sony is guilty of "illicit acts".
The Electronic Frontier Foundation has also examined Sony's End User License Agreement which consumers now agree to when buying Sony CDs. Aside from letting Sony install any software they like on your computer it also covers what you can do with stored copies of the CD.
Any copies of the CD kept on a laptop or other device must be deleted if the original CD is stolen or lost. They cannot be stored on your work computer only a "personal home computer system owned by you". If you move countries you must delete all songs covered by the license. If you file for bankrupcy you must delete all relevant files.
Any consumer who fails to keep up-to-date with the hidden software is in breach of the agreement.
In exchange for all this the license also limits Sony BMG's liability for any damages this might cause to just $5 per CD - or slightly less than you paid for it in the first place.
Read the whole critique here.
A spokesman for Sony BMG in the UK guided us in the direction of New York HQ because CDs sold in the UK do not contain the rootkit. Sony BMG New York were unable to provide comment by press time. ®
Gotta check that out, I haven't noticed anything from my various ad/spy/virus/trojan detectors.
This was so badly written and dangerous that it would seriously compromise the security of any computer it was installed on.
The rootkit hid all files and registry entries that began with $sys$, meaning that a hacker could hide a trojan or virus -- any file -- on your computer by renaming it from "trojan.exe" to "$sys$trojan.exe" It would be invisible to the user while it ran as well.
Sony's actions have left many people with seriously compromised computer systems that are open to hackers. ...and many people will never know that the rootkit is on their system since they aren't tech savvy.
Your guess is as good as mine. I haven't purchased any music for several years now. All mine have no protection on them at all.
Details?
According to Sony, that makes everything A-OK:
In an interview with NPR reporter Neda Ulaby, the President of Sony BMG's Global Digital Business, Thomas Hesse, defends Sony's installation of a rootkit by declaring, "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"
Have you ever used chkrootkit?
I have cron run it daily just for grins.
Seriously, though, I'll check it out.
I got it off my drive, finally. It was an email connection to Wal Mart and a format to make copies which would be picked up at Wal Mart stores.
So, buy a cheap CD player, plunk it down next to the computer, wire the output to the "line" input of your sound card, and play music till your hearts content.
You can also record wave files and burn them to blank CDs w/o the rootkit file. Radio Shack sells a turntable w/ an equalized pre-amp for around $80 that lets you do the same thing w/ your old LPs.
I had been using the computer's CD drive to listen to music since I got the machine. A few years ago I noticed that newer CDs had a "crackling" static like noise when played. The lower numbered tracks were only slightly affected but as the track number increased, so did the noise until it drowned out the music altogether. Older CDs played fine, just newer ones had the noise. The new CDs played fine in a CD player however. It occurred to me that wiring the player to the sound card line input would let me hear clean digital files again.
Thought you might like to know.
Regards,
GtG
Well considering, DVD and VCR players are technically computers, I guess they just don't want movies and music to viewed and listened too. (I am NOT being sarcastic.)
A buyer is allowed by law to makes copies of the CD he purchases for personal use. SOny seems to have gone bonkers and decided that the law is not applicable to their products. Damn them and their big brother is watching you CD's!
Such irony, considering the suit brought against them by Universal and Disney in the Betamax days. And I was once a Beat man too.
Another line has been blurred between the "legit" businesses and the hackers and spammers.
and they wonder why people would rather file share than shell out $15 for a crappy CD with 1 good song on it.
The way it works is by installing software that can be exploited by viruses. It's like I decided to enable my monitoring of your use of my stuff by (without your permission) installing a button on the side of your house which, when pushed, unlocks your front door and disables your security system. Besides me, any burgler that wants to can now enter your house
From The Register
Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory."This means, that for systems infected by the Sony DRM rootkit technology, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro
The malware arrives attached in an email, which pretends to come from a reputable business magazine, asking the businessman to verify his/her "picture" to be used for the December issue. If the malicious payload contained in this email is executed then the Trojan installs an IRC backdoor on affected Windows systems.
Is Sony/BMG the only one of the Big Four Quadropolists doing it? To all releases and reissues on all their countless labels?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.