Posted on 11/12/2005 3:43:10 PM PST by steve-b
The spyware that Sony installs on the computers of music fans does not even seem to be correct in terms of copyright law.
It turns out that the rootkit contains pieces of code that are identical to LAME, an open source mp3-encoder, and thereby breach the license....
(Excerpt) Read more at dewinter.com ...
Rut-roh. GE is going to be upset. Darn Pinko Commies did it again. We're doomed.
Yep. You can tell that the original author didn't speak English like us normal people do -- that clinches the case!
The hits just keep coming!!!!!
Just goes to show how dangerous that "viral" code can be. Ya gotta be careful out there. Fooling around with DRM just makes you dirty. It's best to just stay away from it.
"A hacker had mass-mailed e-mail with an attachment, which when clicked on installs malware. The malware hides by using Sony BMG software that is also hidden -- the software would have already been installed on a computer when consumers played Sony's copy-protected music CDs."
Oh, goodie, goodie. I smell a class action!!!!
Business plan:
1. Spread viral copyleft software everywhere.
2. Get Sony to use some.
3. Buy "free" software from Sony.
4. Sue!
5. Profit!
"Good idea, I need to go CD shopping tomorrow."
I'd love nothing more that to see that filthy corporation pay though the bloody nose for producing and promoting garbage like the cop-killer rap they've sold in the past!!!!
If the CD's are constructed in such a way that normal techniques for ripping won't work, with or without the existence of the malware rootkit, then the rootkit would seem unnecessary "protection". And if the CD's are not so constructed, i.e. they can be ripped via conventional methods if the rootkit is not installed, then the rootkit would seem insufficient protection.
So what purpose, other than the harassment of paying customers, is the rootkit supposed to serve?
Without the source code, this will never be answered, which is what makes this such an interesting case.
Sony buys this DRM software from another vendor and installs it on every Sony CD sold since March of this year.
The only way for the offended parties, the people who got hit with the rootkits, can be sure the rootkits are benign is to subpoena the DRM software in court, thus revealing how it works.
I'll tell ya one thing, Sony can take their "blueray" thing and shove it. It's obvious they using DRM software for data mining purposes.
So the software gets installed. But then the user sees what it really does and wants to un-install it. Remember, this crap shipped with no uninstaller. So eventually someone was going to have to come up with a "cookbook" method of un-installing it. This was the "problem" that the rootkit was trying to "solve". If you can't see the files or the registry keys, there ain't much you can do about it.
But why would Sony want to prevent uninstallation?
Sony BMG said it stands by content protection technology "as an important tool to protect our intellectual property rights and those of our artists."
But never mind the consumers' fair use rights. Remember, computers == piracy tools.
There are criminal penalties lurking in the shadows of any class action suit here.
Pssst... Yo, Eliot...
http://www.eff.org/news/archives/2005_11.php
Incomplete list of Sony CD's with secret rootkit software:
Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver's Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)
This is not a complete list and Sony-BMG continues to refuse to make such a list available to consumers. Consumers can spot CDs with XCP by inspecting a CD closely, checking the left transparent spine on the front of the case for a label that says "CONTENT PROTECTED." The back of these CDs also mention XCP in fine print. You can find pictures of these and other telltale labeling at http://www.eff.org/IP/DRM/Sony-BMG/.
To find record labels owned by Sony, visit this site:
http://www.bl.uk/collections/sound-archive/record.html
Click on both of these links: 'Sony Music' and 'BMG'
For instance, both 'Columbia' and 'Epic' are Sony-owned.
It gets better. Part of what the malware appeared to do is to contact a sony web site EACH TIME the CD was put in the drive, "phoning home" with your IP address whenever you play the Sony music CD
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.