Posted on 11/15/2005 1:43:21 PM PST by dickmc
This is why so many people could care less about downloading music for free off the internet.
The music companies have been historically know as thieves and criminals themselves.
This latest episode shows the leopard has not changed his spots.
.
What it means in laymen's terms is this: Sony does not trust their paying customers. They think their customers are thieves. SO this put this little program on their CDs that installs onto the hard drive of your computer when you insert the CD that allows Sony to track data about you and limit how you can use the CD you paid for. If you try to manually remove this software from your computer, it will likely crash your computer.
So if you are a paying customer of Sony, you are being played for a sucker. You would have been better off downloading your Sony music over LimeWire or going to this Russian site to download any album you want for about a dollar. And yes, that Russian site is 100% legal.
Major important bump here. This spyware breeches Software Fallwalls.
BUMP
On later versions of the software, people have not reported this. It could be that a limited run of cd's had this functionality before someone got cold feet.
Hole? My impression was it cloaked some files and phoned home. That's not a hole like starting a server.
A rootkit is some software installed on your machine. It doesn't allow new software to be installed and does not necessarily allow any hackers in. I suppose someone could spoof the DNS, pretend they are sony and collect some personal info that way.
I can see how it might bypass the FW itself, but does it disable any FW's?
Sony's Plan To Fix Infected Copy Protection Only Makes Matters Worse
November 15, 2005
Sony's suggested method for removing the program actually widens the security hole the original software created, researchers say.
By Brian Bergstein, The Associated Press
[excerpt]
Stung by the controversy, Sony BMG and the company that developed the antipiracy software, First 4 Internet Ltd. of Oxfordshire, United Kingdom, released a program that uninstalls XCP.
But the uninstaller has created a new set of problems.
To get the uninstall program, users have to request it by filling out online forms. Once submitted, the forms themselves download and install a program designed to ready the PC for the fix. Essentially, it makes the PC open to downloading and installing code from the Internet.
According to the Princeton analysis, the program fails to make the computer confirm that such code should come only from Sony or First 4 Internet.
"The consequences of the flaw are severe," Felten and Halderman wrote in a blog posting Tuesday. "It allows any Web page you visit to download, install, and run any code it likes on your computer. Any Web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get."
Sony BMG spokesman John McKay did not return calls seeking comment. First 4 Internet was not making any comment, according to Lynette Riley, the office manager who answered the company's phone Tuesday evening in England.
"Is this is big as it seems at first glance?
Do we have 500,000 plus machines exposed to anyone with the technical skills to hack this rootkit?"
Keep an eye on slashdot.org, they are having several discussions about this and additional issues involved with this (They incorporated GPL (open source) code without providing the necessary documentation), and they seem to be taking it very seriously.
Tested clean... thanks for the tip. No Sony CDs for me! And to think we have been loyal Sony buyers since 1983... darn!
It doesn't matter. It is still one more law Sony has broken.
Any virus or trojan can be renamed %sys%trojanname.exe and every ant-virus program on the market will NOT be able to detect the virus or trojan.
that is the biggest hole possible, and a serious flaw in Windows system code.
I also see that they have a tool of their own:
"
Removal Tool
Symantec Security Response has developed a removal tool for SecurityRisk.First4DRM. Use this removal tool first, as it is the easiest way to remove this risk.
The tool can be found here: http://securityresponse.symantec.com/avcenter/FixRyknos.exe
"
I realize that, but how does the trojan exe get into your system? The rootkit is not a server or some other mechanism to transfer files in.
I am sure the senate is busy looking at passing some retroactive laws for them to escape liability.
Sony needs to be run out of business. They are beyond a doubt, THE most Arrogant, incompetant collection of jackasses I have ever run across.
This may be the effect of people rising to their level of incompetence in technical professions. I've seen it over and over again in IT departments and software companies, have thrown up my hands more times than I can remember, and have seen talented people walk out the door over these things. Loudmouth, brownnosing idiots often with idiot certificates (i.e. MBA degrees) are put in positions to make decisions about things they know nothing about. As the technology gets more complex, fewer and fewer people understand it, and virtually none outside of the corporate technology departments. Heads will roll at Sony before this is over, or so we can hope...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.