Jump to content


Mark's Sysinternals Blog


  • Please log in to reply
67 replies to this topic

#1 OFFLINE   Eric Legge

Eric Legge

    Post Master

  • Members
  • PipPipPipPip
  • 180 posts

Posted 02 November 2005 - 11:37 AM

This article is worth reading:Mark's Sysinternals BlogSony, Rootkits and Digital Rights Management Gone Too Far - http://www.sysintern...tal-rights.html

#2 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 03 November 2005 - 02:39 AM

I first saw this on engadget - took a brief look at this one at SysInternals, and it's definately worth anyone's time.I knew DRM was trash from the start, but this is dispicable! B)

#3 OFFLINE   ross549

ross549

    I live here.

  • Forum MVP
  • 9,185 posts

Posted 03 November 2005 - 05:42 AM

Sony now is offering a "Service Pack" to un-hide the hidden files. The downside? You must use Internet Explorer, because it is an ActiveX control!Sounds safe to me...... B)
I don't suffer from insanity, I enjoy it.
Posted Image Posted Image Posted Image Posted Image

#4 OFFLINE   RD1

RD1

    Post Master

  • Members
  • PipPipPipPip
  • 187 posts

Posted 03 November 2005 - 01:50 PM

Since this only affects Windows PCs, why doesn't someone start a class action discrimination suit. Obviously, DRM (and Sony) discriminates against Windows users by preventing the playing of CD content on their PCs while allowing unrestricted use of the same content on Apple or Linux PCs.  :download:

#5 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 04 November 2005 - 07:42 PM

Eh, stick them anyway.  I don't even buy CDs anymore.

#6 OFFLINE   patio

patio

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 715 posts

Posted 07 November 2005 - 12:37 PM

They will NEVER see any more of my money. :hysterical: patio.  :D

#7 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 07 November 2005 - 01:02 PM

Ditto!

#8 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 November 2005 - 01:05 PM

Mine either. I have been boycotting the RIAA/Big 5 since Napster was taken down and things haven't gotten better with age.I have put several topics about this on my blog this past week too.Also at EFF.org they have a PDF about the RIAA v. The People - Two Years Later. Certainly worth a read. Puts the last two years into perspective. I think it came out before the Sony/BMG fiasco because I am sure they would have included it if it hadn't. ;)Here's the direct link to the piece at EFF.org:http://www.eff.org/n...5_11.php#004116And here's a direct link to the PDF file on EFF.org:http://www.eff.org/I...atTWO_FINAL.pdfThere's also a link at my blog for that too.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#9 OFFLINE   patio

patio

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 715 posts

Posted 07 November 2005 - 05:05 PM

According to the latest the fix isn't anything to write home about either...Herepatio. B)

#10 OFFLINE   Eric Legge

Eric Legge

    Post Master

  • Members
  • PipPipPipPip
  • 180 posts

Posted 08 November 2005 - 11:57 AM

The company that created the DRM software for Sony has issued an update:"SonyBMG and First4Internet, the companies caught installing rootkit-like software on the computers of people who bought certain CDs, have taken their first baby steps toward addressing the problem. But they still have a long way to go; and they might even have made the situation worse."Yesterday, the companies released a software update that they say “removes the cloaking technology component that has been recently discussed in a number of articles”. Reading that statement, and the press statements by company representitives, you might think that that’s all the update does. It’s not."The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included in the initial installation of the entire DRM system, as well as creating some new files. In short, they’re not just taking away the rootkit-like function — they’re almost certainly adding things to the system as well. And once again, they’re not disclosing what they’re doing." - http://www.freedom-t...nker.com/?p=921

#11 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 08 November 2005 - 01:20 PM

Excellent reading Eric, as his Freedom to Tinker's earlier entry on this subject.I have them both updated to my blog listing today when I found CNet's Declan's article posted on ZDNet today: Why they say spyware is good for you | Tech News on ZDNetI find all of this very upsetting. No country should create criminals out of folks who wish to remove something that was placed on their computer, with or without, the 'installer's' permission. It is after all your computer. And what does such demonizing of customers/potential customers do for a society already so sick of interference, legislation and restrictions on what they purchase (taking away citizens' fair use of what they buy and creating criminals of citizens) and backed by corporate lobbyists and our own government -- which is SUPPOSED to be run by "The People" not corporations? Who's government is this anyway, I ask myself for the umpteenth time these days. Sigh....This along with everything else that's going on out there with spyware, trojans, patents, copyright, DMCA, litigation, copy protection for software, hardware, etc. etc., is really is beginning to wear my patience thin. It seems to get worse by the day.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#12 OFFLINE   patio

patio

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 715 posts

Posted 08 November 2005 - 01:30 PM

They are now being sued and i managed to lose the link to the story. :icon8: patio.  :)

#13 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 7,179 posts

Posted 08 November 2005 - 03:05 PM

http://www.theinquir.../?article=27508that's one that was posted. I don't know if it is the only one.I've been following Mark's blog on Sysinternals. Because he has the expertise to look at the "programs" and then reports fairly on his findings.
Liz
Registered Linux User # 401459
Posted Image

#14 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 08 November 2005 - 03:14 PM

Sony sued over DRM "rootkit" @ Engadget.(Should be "Sony sued over DRM virus")

#15 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 09 November 2005 - 12:13 AM

:blink: Good one epp_b!I have added it to my latest entry on this on my blog, along with another quote by an article on the Christian Science Monitor:

Quote

In response to a flood of criticism, Sony and First 4 Internet reacted with information-age speed. The software patch was up and running on the Web by Nov. 2. But the patch serves only to locate the hidden software. Bloggers and computer experts are still steamed: The patch does nothing to help the user remove the rootkit, they say, and may in fact aggravate the problem.    For his part, Russinovich wonders why Sony wasn’t more careful in the first place. He cites a National Public Radio interview with Sony’s president of Global Digital Business, Thomas Hesse, in which he said that “most people, I think, don’t even know what a rootkit is, so why should they care about it?”    “That quote nicely summarizes the problem,” Russinovich says.
http://jim-fran.com/...sMusings/?p=284or direct at the CSMonitor.com - Sony aims at pirates - and hits users

View Postzlim, on Nov 8 2005, 02:05 PM, said:

http://www.theinquir.../?article=27508that's one that was posted. I don't know if it is the only one.I've been following Mark's blog on Sysinternals. Because he has the expertise to look at the "programs" and then reports fairly on his findings.
Good one zlim! Added this one too!
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#16 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 09 November 2005 - 01:55 AM

Quote

Good one epp_b!
And I was only half kidding!

#17 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 09 November 2005 - 11:13 AM

I've added another item to bottom of my blog entry:

Quote

In a BetaNews blurb entitled Sony President: Rootkit of No Concern BetaNews reports that NPR had an interview with Sony BMG’s Global Digital Business President Thomas Hesse. In this interview, Mr. Hesse downplayed the the DRM fiasco saying he objected to terms such as malware, spyware and rootkit. BetaNews quoted Mr. Hesse as stating that “Most people, I think, don’t even know what a rootkit is, so why should they care about it?”When I listened to the NPR Morning Edition “Sony Music CDs Under Fire from Privacy Advocates” presentation from November 4, 2005, I thought it was a rounded approach in presenting a capsulated audio report on the issues, including not only Mr. Hess’ comments, but those of several notable security experts including Mark from Syinternals who found the rootkit on his system and did the forensic investigation to determine where it came from, what it’s potential was, what it did, and how to remove it.It is certainly interesting to note that Sony of course as BetaNews reports totally played down the potentially devastating possibilities of such software, and their hiding of it, and did not address the lack of information in the EULA for the approximately 20 CDs he said make use of the hidden DRM enforcing technology.
http://jim-fran.com/...sMusings/?p=284I may have to start another post for this. I have been trying to keep them together, but there are just too many out there, and I only have a few of them on the posting!
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#18 OFFLINE   Cluttermagnet

Cluttermagnet

    Nocturnal Radio Geek

  • Forum MVP
  • 3,869 posts

Posted 11 November 2005 - 10:23 AM

'When The Law becomes unlawful..."This is an overall social trend in this country and elsewhere, and does not augur well for civil behavior in the future. Rather, it channels us more towards chaos. When people have 'the law' used against them unfairly, and as a weapon, they lose respect for the law, and compliance goes to **** in a hurry. This is where we are today. I guess, in a strange way, this all makes me glad I'm not 'young'. Consequently, for me, the latest hot musical properties are not 'must haves'. I haven't paid for any new music in any form in probably well over a decade now. Oh, one exception- I bought a few Firesign Theatre CDs at Best Buy a few years back, to support that excellent and underappreciated comedy troupe. Best Buy no longer sells them and I no longer buy anything from their music department. OTOH I *have* paid serious money for older CDs and yes, even vinyl LPs on Ebay and such. Oldies and goodies you *can* own, folks. At least, it's ownership so far as I'm concerned. No, I don't share around such material. "Wouldn't be prudent- at this juncture". But I do liberally copy it onto CDRs and (gasp!) audio cassettes for my personal consumption. Napster was a hoot til RIAA killed it. Somebody please put a stake through their (RIAA) wicked hearts. Where are the mobs with torches and pitchforks outside of RIAA HQ? I guess they must be busy defending against frivilous lawsuits and trying to stay out of bankruptcy. Siiiighhhhh!

Edited by Cluttermagnet, 11 November 2005 - 02:23 PM.

Special Limited Edition Cluttermaster 2007 with direct air cooling system.
"ClutterLabs" --open hardware for open software" .......... Registered Linux User 446867


("It takes an entire village to raise a child...")
"It takes only one bulldozer to raze an entire village..."
"Hey, Fred- isn't that your kid driving that bulldozer?"

In loving memory of Bruno Knaapen of Amsterdam, who shared
his love of Linux, and thereby made the world a better place...

#19 OFFLINE   Cluttermagnet

Cluttermagnet

    Nocturnal Radio Geek

  • Forum MVP
  • 3,869 posts

Posted 11 November 2005 - 06:21 PM

First Trojan using Sony DRM spotted :D
Special Limited Edition Cluttermaster 2007 with direct air cooling system.
"ClutterLabs" --open hardware for open software" .......... Registered Linux User 446867


("It takes an entire village to raise a child...")
"It takes only one bulldozer to raze an entire village..."
"Hey, Fred- isn't that your kid driving that bulldozer?"

In loving memory of Bruno Knaapen of Amsterdam, who shared
his love of Linux, and thereby made the world a better place...

#20 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 11 November 2005 - 06:23 PM

Hey ClutterMagnet! Great to see you!Actually, within about 7 hours in one day, they reported TWO!And that's besides the Netcraft hack to hide cheats in the game that is making use of that rootkit as well.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#21 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 11 November 2005 - 06:33 PM

View PostCluttermagnet, on Nov 11 2005, 09:23 AM, said:

'When The Law becomes unlawful..."This is an overall social trend in this country and elsewhere, and does not augur well for civil behavior in the future. Rather, it channels us more towards chaos. When people have 'the law' used against them unfairly, and as a weapon, they lose respect for the law, and compliance goes to **** in a hurry. This is where we are today. I guess, in a strange way, this all makes me glad I'm not 'young'. Consequently, for me, the latest hot musical properties are not 'must haves'. I haven't paid for any new music in any form in probably well over a decade now. Oh, one exception- I bought a few Firesign Theatre CDs at Best Buy a few years back, to support that excellent and underappreciated comedy troupe. Best Buy no longer sells them and I no longer buy anything from their music department. OTOH I *have* paid serious money for older CDs and yes, even vinyl LPs on Ebay and such. Oldies and goodies you *can* own, folks. At least, it's ownership so far as I'm concerned. No, I don't share around such material. "Wouldn't be prudent- at this juncture". But I do liberally copy it onto CDRs and (gasp!) audio cassettes for my personal consumption. Napster was a hoot til RIAA killed it. Somebody please put a stake through their (RIAA) wicked hearts. Where are the mobs with torches and pitchforks outside of RIAA HQ? I guess they must be busy defending against frivilous lawsuits and trying to stay out of bankruptcy. Siiiighhhhh!
Boy, isn't that the truth. It's one of the things I tried to address, however, not as eloquently as you did, on my blog. It really worries me quite a bit. Even more than the music dilemma itself really.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#22 OFFLINE   Cluttermagnet

Cluttermagnet

    Nocturnal Radio Geek

  • Forum MVP
  • 3,869 posts

Posted 11 November 2005 - 06:46 PM

Sony to Suspend Making Antipiracy CDs
Special Limited Edition Cluttermaster 2007 with direct air cooling system.
"ClutterLabs" --open hardware for open software" .......... Registered Linux User 446867


("It takes an entire village to raise a child...")
"It takes only one bulldozer to raze an entire village..."
"Hey, Fred- isn't that your kid driving that bulldozer?"

In loving memory of Bruno Knaapen of Amsterdam, who shared
his love of Linux, and thereby made the world a better place...

#23 OFFLINE   epp_b

epp_b

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 4,735 posts

Posted 11 November 2005 - 07:15 PM

Das ist nein...uh, found?http://www.wpbfnews....349/detail.html

#24 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 11 November 2005 - 07:26 PM

Temporarily is the key statement there.This is not the end of this ... it is just the next move in the chess game, unfortunately.

Quote

Are You Infected with Sony-BMG's Rootkit?EFF Confirms Secret Software on 19 CDsSan Francisco - News that some Sony-BMG music CDs installsecret rootkit software on their owners' computers hasshocked and angered thousands of music fans in recent days.Among the cause for concern is Sony's refusal to publiclylist which CDs contain the infectious software and toprovide a way for music fans to remove it. Now, theElectronic Frontier Foundation (EFF) has confirmed that thestealth program is deployed on at least 19 CDs in a varietyof genres.The software, created by First 4 Internet and known asXCP2, ostensibly "protects" the music from illegal copying.But in fact, it blocks a number of legal uses--likelistening to songs on your iPod. The software alsoreportedly slows down your computer and makes it moresusceptible to crashes and third-party attacks. And sincethe program is designed to hide itself, users may havetrouble diagnosing the problem."Entertainment companies often complain that fans refuse torespect their intellectual property rights. Yet tools likethis refuse to respect our own personal property rights,"said EFF staff attorney Jason Schultz. "Sony's tactics hereare hypocritical, in addition to being a security threat."If you listened to a CD with the XCP software on yourWindows PC, your computer is likely already infected. AnEFF investigation confirmed XCP software on 19 titles, but it's far from a complete list. Sony-BMG continues to refuseto make such a list available to consumers.Consumers can spot CDs with XCP by inspecting a CD closely,checking the left transparent spine on the front of thecase for a label that says "CONTENT PROTECTED." The back ofthese CDs also mention XCP in fine print. You can findpictures of these and other telltale labeling at http://www.eff.org/IP/DRM/Sony-BMG/

Quote

"Music fans should protect themselves from this stealthattack on their computer system," said EFF Senior StaffAttorney Fred von Lohmann.
For EFF's list of CDs with XCP::http://www.eff.org/d...ives/004144.phpThe "legalese rootkit" - Sony-BMG's EULA:http://www.eff.org/d...ives/004145.phpEFF's press release:http://www.eff.org/n...5_11.php#004146--

Quote

Sony-BMG Rootkit: EFF Collecting Stories, Considering LitigationEFF is collecting stories from EFF members and supporters who have purchased Sony-BMG CDs that contained the rootkit copy protection software.  We're considering whether the effect on the public, or on EFF members, is sufficiently serious to merit EFF filing a lawsuit.If you satisfy the following criteria, we would like to hear from you:1. You have a Windows computer;2. First 4 Internet's XCP copy protection has been installed on your computer from a Sony CD (for more details, see our blog post referenced above or the SysInternals blog, http://www.sysintern...y-rootkits-and-digital-rights.html);3. You reside in either California or New York; and4. You are willing to participate in litigation.We have not made a final decision about filing any legal action, but we would like to hear from music fans who have been harmed by the Sony-BMG rootkit copy protection technology. Please contact allison@eff.org for more information.

Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#25 OFFLINE   Cluttermagnet

Cluttermagnet

    Nocturnal Radio Geek

  • Forum MVP
  • 3,869 posts

Posted 11 November 2005 - 07:29 PM

View Postepp_b, on Nov 11 2005, 06:15 PM, said:

Uh-It's a stupid Yahoo page. The url is impossibly long. I found two urls that point to exactly the same page. Try this: Sony to Suspend Making Antipiracy CDs It probably won't work either. Worked for me, however.

Edited by Cluttermagnet, 11 November 2005 - 07:34 PM.

Special Limited Edition Cluttermaster 2007 with direct air cooling system.
"ClutterLabs" --open hardware for open software" .......... Registered Linux User 446867


("It takes an entire village to raise a child...")
"It takes only one bulldozer to raze an entire village..."
"Hey, Fred- isn't that your kid driving that bulldozer?"

In loving memory of Bruno Knaapen of Amsterdam, who shared
his love of Linux, and thereby made the world a better place...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users