Posted on 11/15/2005 1:43:21 PM PST by dickmc
More than one-half million networks infected by Sony including U.S. military and various countries.
Dan Kaminsky, http://www.doxpara.com/ ,is the expert who broke this and did the work. His U.S. and Europe infection maps are shown below and are frightening. Dan did a hell of a good job.
Search Google News for "sony numbers trouble" for more in an excellent article today that is very worth reading.
save
I'd love to see some tool-of-the-RIAA hack US Attorney take someone to court for violating the DMCA over removing this rootkit from their PC. If I were defense counsel I'd make sure the case was heard by a jury composed entirely of Windows users who had spent hours upon hours removing viruses, trojans, worms, spyware and spam from their machines, had to wipe and restore their hard drives from scratch because their OSs had become hopelessly corrupted by all that crap, and had lost irreplaceable data as a result. I could prtobably find such a jry in say, about five minutes or so. By the time I had finished with them, not only would my client walk out a hero to the computing public, that jury would be ready to string up the attorney and his coked-out complainants.
Thanks, I am clean
ping a ling...
That's only an option for those using Win XP SP2, and even that wouldn't completely eliminate the threat (since the component is still on the machine and there are ways to make a COM component spawn in the browser process space if it is marked safe for scripting). Removing it would solve the problem, but I doubt if most people would go to that much effort.
Do we have 500,000 plus machines exposed to anyone with the technical skills to hack this rootkit?
No, no, no. Sony and Disney can't be liable for any of that stuff, cause they bought the legislation that made it illegal. If it were applied to them, it would be defective and have to be returned to Congress for a full cash refund (or legislative gift card, if they've lost the receipt). That legislation is only for NON-SANCTIONED, freelance hackers, not the corporate ones.
ping
I would too; but it doesn't change the fact that the DMCA does prohibit such actions. The DMCA is a stupid law, passed by an incompetently ignorant and corrupt Congress and a vile president who was in the pocket of the Hollywood crowd urging its passage. But it is still the law. Rather than just ignoring it in this case because its application is ridiculously harmful to the rights of the individual, a better solution would be to use this opportunity to press for the repeal of the more brain-dead aspects of the law (which is almost all of it).
Oh my. LOL!!
The Sony Company now runs the risk of being declared and charged as an international terrorist organization.
This is too rich! LOL!!
Not to toot my own horn, but I detected and posted a blurb on the web on how to remove it back in September, before one could google anything about it. In fact, I posted as much here too last September. I still haven't seen a discussion on the fact that the software bypasses software firewalls, such as ZoneAlarm. That's how I first discovered it, checking traffic. If, as SonyBMG claims, it isn't gathering info to send back, why is it sending a stream of packets to an IP in their domain?
If Sony's CDs included a player that read encrypted files, it would be a violation of the DMCA to alter such a player to copy the files in unencrypted form. I do not think that uninstalling a piece of software completely falls under the DMCA, especially since (as was noted) Sony owns the media content--not the computer.
I see no difference between someone who uninstalls Sony's malware using an uninstaller, and someone who uninstalls it by doing a reformat/reinstall of Windows. Or should the latter action be illegal too?
Nothing in Sony's EULA to this point has offered anything like informed consent as to what the software actually does; if it did, very few users would accept it (though it should be noted that SunComm's DRM package doesn't care if it's accepted or not--it installs anyway!) I think Sony's actions here are criminal, going after someone who is trying to clean up the criminal damage Sony has done would be akin to punishing someone for cleaning up some graffiti on their property because they're destroying the vandal's paint.
Actually, if you read the Colossus trilogy, I believe it's the Martians who win. :)
bump to the top. For later reading.
http://securityresponse.symantec.com/avcenter/venc/data/securityrisk.aries.html
on this page, symantec recommends downloading a SONY file to correct it!
I wouldn't be surprised if Sony went out of business in the US and Europe over this, the liability is of an immense scale that it could bankrupt even such a corporate behemoth.
Gen. Honore had a phrase for that.
I'm just a girl, and science makes my head hurt. Explain it in short words, and while you're at it, buy me something. ;)
Stuck on stupid he he
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.