Bigun wrote:lol... they found a way to use this malware to cheat in World of Warcraft:

http://www.theregister.co.uk/2005/11/04 ... s_wow_bot/

Yeah, I saw that on Slashdot. Kinda makes you wonder if maybe this was Sony's true intent since they compete with Blizzard in the MMORPG market. Wouldn't it be funny if Blizzard sued Sony for violating the DMCA by creating software to circumvent protection built into their software.

elasticwings wrote:Wouldn't it be funny if Blizzard sued Sony for violating the DMCA by creating software to circumvent protection built into their software.

as long as it didn't make ps3 prices go up, yes, it would be hilarious.

Should have known that the state of California would beat everybody to it. California has filed a class-action lawsuit against Sony

Also, they are keeping a list on Slashdot of the albums that are known to contain the rootkit. Good thing the latest Our Lady Peace album sucked.
http://slashdot.org/~xtracto/journal/121088

I hope they don't use lube..

How to tell if a CD has the rootkit:

http://www.eff.org/deeplinks/archives/004144.php

Wow, the turnaround on somebody exploiting that was quick.
From Slashdot:

"The Register reports on the first trojan using Sony's DRM rootkit. A newly discovered variant of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems."

elasticwings wrote:Wow, the turnaround on somebody exploiting that was quick.
From Slashdot:

"The Register reports on the first trojan using Sony's DRM rootkit. A newly discovered variant of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems."

In a few days there will be 5 more.

elasticwings wrote:Wow, the turnaround on somebody exploiting that was quick.
From Slashdot:

"The Register reports on the first trojan using Sony's DRM rootkit. A newly discovered variant of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems."

*waits for the lawsuits to quadruple*

Well, Mac users beware those dirty little EULAs. You never know what you are agreeing to.

From Slashdot of course:

"A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."

elasticwings wrote:Well, Mac users beware those dirty little EULAs. You never know what you are agreeing to.

From Slashdot of course:

"A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."

Beware if I ever get to write software.... My EULA is going to contain things like "you agree to be my unpaid personal servent for a period of 6 months for the privilage of using my software"

damnit, I think I might have just given Iblis some BAD ideas....

Bone wrote:

elasticwings wrote:Well, Mac users beware those dirty little EULAs. You never know what you are agreeing to.

From Slashdot of course:

"A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."

Beware if I ever get to write software.... My EULA is going to contain things like "you agree to be my unpaid personal servent for a period of 6 months for the privilage of using my software"

damnit, I think I might have just given Iblis some BAD ideas....

nah, i've had those. currently i've only went as far as requiring anyone who logs into my system to "acknowledge that i am better than you, and that i am your lord and master."

Wow, this just keeps getting better and better. Apparently, the DRM uses the LGPL'd lame codec. If I read correctly, because it is compiled straight into a single executable file. They have to distribute the source code of the whole thing or they are in violation.

http://yro.slashdot.org/article.pl?sid=05/11/15/1250229&from=rss

Sony just keeps making Slashdot headlines:

http://yro.slashdot.org/article.pl?sid=05/11/15/1856213&from=rss
Not only is Sony no longer selling the RootKit CDs, Arend writes "According to a USAToday article, Sony is to pull their controversial rootkit CDs from store shelves." A nice gesture, but a little late. bos writes "Sony's DRM rootkit has been found by Dan Kaminsky to have infected at least half a million networks, according to an article by Quinn Norton for Wired News. Dan has even put together some pretty pictures of the breadth of the infection." With so many people infected, it's unfortunate that wiredog writes "From The Washington Post comes the news that serious security flaws have been found in the software that Sony is distributing to users who want to remove the Sony rootkit. The article says: 'Because of the way the tool is configured ... it allows any Web page that the user subsequently visits to download, install and run any code that it likes.'" Oops. Even the most fetid evil in the known universe is getting into the act. ares284 writes "the most fetid evil in the known universe said it would remove controversial copy-protection software that CDs from music publisher Sony BMG install on personal computers, deeming it a security risk to PCs running on Windows."

Sony wrote:*whisper* we'll install this to keep us from losing millions

Sony a mere month later wrote:Oh.... shit.... what the hell have we done...

If Mitnick can get prosecuted... how is Sony any different..... aside from an assload of money....

Bone wrote:

elasticwings wrote:Well, Mac users beware those dirty little EULAs. You never know what you are agreeing to.

From Slashdot of course:

"A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."

Beware if I ever get to write software.... My EULA is going to contain things like "you agree to be my unpaid personal servent for a period of 6 months for the privilage of using my software"

damnit, I think I might have just given Iblis some BAD ideas....

there is shit like that
roxio used to have a clause that allowed them to use a gig on YOUR computer and socket its usage if your a broadband internet user.

read your EULA's sometime
youll be shocked.

Wow, talk about reverse standards and irony. So Sony use'd DVD John's GPL'd code that circumvents Apple's DRM in their DRM. That's just messed up.

http://yro.slashdot.org/article.pl?sid=05/11/17/1350209&from=rss
An anonymous reader writes "With some help from Sabre Security, Sebastian Porst and Matti Nikki have identified some stolen GPL'd code in Sony's rootkit. Ironically the code in question seems to be VLC's demux/mp4/drms.c -- the de-DRMS code which circumvents Apple's DRM, written by 'DVD' Jon Lech Johansen and Sam Hocevar."

See.. this is why I've bought one CD that wasn't on a independent label in the past 2 or 3 years..

Everything else has been jazz and classical stuff that weren't on major labels.

http://yro.slashdot.org/yro/05/11/21/2245207.shtml?tid=233&tid=123

"According to Yahoo!, Texas Attorney General Greg Abbott 'filed a civil lawsuit on Monday against Sony BMG Music Entertainment for including "spyware" software on its media player designed to thwart music copying. [...] Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year. "Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott said in a statement.'"

Texas of course sued Sony for violating the state's Anti-Spyware law. I'm reading through USA today and they have a list of states that have Anti-Spyware laws.:

Alaska
Arizona
Arkansas
California
Georgia
Indiana
Iowa
New Hampshire
Texas
Utah
Virginia
Washington

If that be the case, they have a possible 10 other state lawsuits pending.

elasticwings wrote:http://yro.slashdot.org/yro/05/11/21/2245207.shtml?tid=233&tid=123

"According to Yahoo!, Texas Attorney General Greg Abbott 'filed a civil lawsuit on Monday against Sony BMG Music Entertainment for including "spyware" software on its media player designed to thwart music copying. [...] Texas is seeking civil penalties of $100,000 per violation of the state's Consumer Protection Against Computer Spyware Act, which was enacted earlier this year. "Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott said in a statement.'"

that makes me so happy, i could pee.