Page 2 of 3
Posted: Fri Nov 11, 2005 12:30 am
by Image
hmmm...Sony was always so stuck-up to begin with; I'm surprized they didn't think of something so petty earlier
All Sony is accomplishing by this is prooving themselves to be horrible sports. What they are doing is immature; pure idiocy.
Although I do admit their frustrative tantrum annoying, I find this quite hilarious.
Good thing I never liked Sony to begin with; I might have already become a victem of their childish scheme...However I doubt I ever will be, seeing as I don't buy CDs anyway
Posted: Fri Nov 11, 2005 1:16 am
by roid
yeah Image, i labeled them as bad news ever since they introduced their compeltely unnessesary proprietary memory sticks.
Posted: Fri Nov 11, 2005 1:19 am
by DCrazy
Those memory sticks were the reason I avoided the Digital Camera department. People would come in claiming they needed a new Memory Stick for their camera. "Well, is it an original, a Duo, or one of the newfangled ones?" Cue complaint about how I should know what kind they need even though they can't remember what model camera they have.
Posted: Fri Nov 11, 2005 8:38 am
by Pugwash
Virus writers are exploiting Sony's controversial anti-piracy software to hide their malicious creations.
http://news.bbc.co.uk/2/hi/technology/4427606.stm
Posted: Fri Nov 11, 2005 2:27 pm
by Sarge
Sony to Stop Controversial CD Software
By Ted Bridis
The Associated Press
Friday, November 11, 2005; 2:02 PM
Stung by continuing criticism, the world's second-largest music label, Sony BMG Music Entertainment, promised Friday to temporarily suspend making music CDs with antipiracy technology that can leave computers vulnerable to hackers.
Sony defended its right to prevent customers from illegally copying music but said it will halt manufacturing CDs with the "XCP" technology as a precautionary measure. "We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," the company said in a statement.
The antipiracy technology, which works only on Windows computers, prevents customers from making more than a few copies of the CD and prevents them from loading the CD's songs onto Apple Computer's popular iPod portable music players. Some other music players, which recognize Microsoft's proprietary music format, would work.
Sony's announcement came one day after leading security companies disclosed that hackers were distributing malicious programs over the Internet that exploited the antipiracy technology's ability to avoid detection. Hackers discovered they can effectively render their programs invisible by using names for computer files similar to ones cloaked by the Sony technology.
Sony's program is included on about 20 popular music titles, including releases by Van Zant and The Bad Plus.
"This is a step they should have taken immediately," said Mark Russinovich, chief software architect at Internals Software who discovered the hidden copy-protection technology Oct. 31 and posted his findings on his Web log. He said Sony did not admit any wrongdoing, nor did it promise not to use similar techniques in the future.
Security researchers have described Sony's technology as "spyware," saying it is difficult to remove, transmits without warning details about what music is playing, and that Sony's notice to consumers about the technology was inadequate. Sony executives have rejected the description of their technology as spyware.
Some leading antivirus companies updated their protective software this week to detect Sony's antipiracy program, disable it and prevent it from reinstalling.
After Russinovich criticized Sony, it made available a software patch that removed the technology's ability to avoid detection. It also made more broadly available its instructions on how to remove the software permanently. Customers who remove the software are unable to listen to the music CD on their computer.
http://www.washingtonpost.com/wp-dyn/co ... 00632.html
Posted: Fri Nov 11, 2005 5:03 pm
by roid
i've been trying to track down what artists/albums have this virus on it.
there's supposedly 20 albums
4 of the 20 artists are:
Van Zant
The Bad Plus
Vivian Green
My Morning Jacket
if anyone else finds any more to add to the list that'd be great if we can build up a complete list.
edit, thx SARGE:
Trey Anastasio - Shine
Celine Dion - On ne Change Pas
Neil Diamond - 12 Songs
Our Lady Peace - Healthy in Paranoid Times
Chris Botti - To Love Again
Van Zant - Get Right with the Man
Switchfoot - Nothing is Sound
The Coral - The Invisible Invasion
Acceptance - Phantoms
Susie Suh - Susie Suh
Amerie - Touch
Life of Agony - Broken Valley
Horace Silver Quintet - Silver's Blue
Gerry Mulligan - Jeru
Dexter Gordon - Manhattan Symphonie
The Bad Plus - Suspicious Activity
The Dead 60s - The Dead 60s
Dion - The Essential Dion
Natasha Bedingfield - Unwritten
Ricky Martin - Life
Posted: Fri Nov 11, 2005 5:08 pm
by Sarge
There's a list here, although there are other labels that have it as well (subsidiaries of Sony)
http://news.bbc.co.uk/2/hi/technology/4424254.stm
Posted: Fri Nov 11, 2005 6:43 pm
by Nosferatu
I read the latest statement from Sony posted by Sarge and somehow I could almost hear:
OMGWTFBBQ
being mumbled in the background.
Posted: Fri Nov 11, 2005 6:55 pm
by Sarge
Nosferatu wrote:I read the latest statement from Sony posted by Sarge and somehow I could almost hear:
OMGWTFBBQ
being mumbled in the background.
OMG! WTF! BBQ!
My daughter says that too. Too funny!
Posted: Mon Nov 14, 2005 1:09 pm
by JMEaT
Posted: Mon Nov 14, 2005 1:27 pm
by Vander
NOOOO! My Ricky Martin and Celine Dion albums are infected!
Posted: Mon Nov 14, 2005 1:31 pm
by Lothar
As long as they didn't get my John Denver records, I'm OK...
Posted: Mon Nov 14, 2005 3:00 pm
by Richard Cranium
Does this sound like it would work???
Ok, it looks like the Sony rootkit requires you to have administrator access to your computer so don't log in as admin.
If you must login with administrator access don't do it with the 'administrator' account. Create another account to login with and give it administrator rights. (this is only one part of the protection)
For the Sony rootkit issue it will try and create a folder called C:\Windows\System32\$sys$filesystem (or where ever your system directory is) so before you put that new disk in your computer go and create that folder first and make it read-only, remove ALL ACL entries for this folder, and only add back the local admin ID to the list. Since you don't long in with that ID nothing, including the Sony rootkit, should be able to add any files to that directory.
And always disable AutoRun
Posted: Mon Nov 14, 2005 3:01 pm
by Richard Cranium
Vander wrote:NOOOO! My Ricky Martin and Celine Dion albums are infected!
I'm going to go and purchase one of these just to see what happens. Darn, looks like I'm giving money to the other evil empire.
Posted: Mon Nov 14, 2005 4:10 pm
by Darkside Heartless
pwned
By M$ too, that's gotta hurt.
Posted: Mon Nov 14, 2005 4:11 pm
by DCrazy
I bought the Foo Fighters' latest album (which is copy-protected) just before this whole thing broke. I don't run Windows so I wasn't affected by any of this copy-protection stuff, but I hope that it has the offending program on it so I can join a class-action lawsuit.
Posted: Mon Nov 14, 2005 4:28 pm
by Richard Cranium
DCrazy wrote:I bought the Foo Fighters' latest album (which is copy-protected) just before this whole thing broke. I don't run Windows so I wasn't affected by any of this copy-protection stuff, but I hope that it has the offending program on it so I can join a class-action lawsuit.
Don't count on getting much back even if you do join up in the class-action. Most of the money will end up in the lawyers pockets.
Posted: Tue Nov 15, 2005 2:07 am
by Top Gun
Darkside Heartless wrote:
pwned
By M$ too, that's gotta hurt.
Damn straight. When Microsoft Update kicks your ass, you know you're screwed.
Posted: Tue Nov 15, 2005 3:04 am
by []V[]essenjah
Sony does still produce CDs that use a different copy protection scheme.
Ugh. :\ But what is this other scheme?
Posted: Tue Nov 15, 2005 9:49 am
by Sarge
A new twist that even Microsoft can't (or won't) tackle...
http://www.dslreports.com/forum/remark,14802823
While most vendors have determined that the "aries.sys" rootkit is a threat because of exploitations, it is SOLELY this aries.sys file that is being removed, in order to "uncloak" any file which takes advantage of the rootkit's ability to hide ANY file which contains "$sys$" in its filename or its registry entries. However, any other files that are part of this "Digital Rights Management" collection have been placed "off limits" by ALL vendors, including Microsoft. NO vendor has stepped up to the plate and offered to completely eliminate these contents. And it is incredibly difficult to do so without system damage.
And as you read farther along in this forum, you see that once you 'Agree' (sic) to install Sony's DRM (there's no 'I Disagree' button it appears), you are captive to it FOREVER! There's appears to be no (legal) way out, even if you wanted to uninstall and give the CD back to Sony.
Sony has totally facked itself on this one, but it all started with the RIAA and the DMCA.
They can all KMA, as far as I'm concerned....
Posted: Tue Nov 15, 2005 10:40 am
by Top Gun
I think that
this captures my feelings pretty well
Posted: Thu Nov 17, 2005 10:04 am
by Sarge
This is getting juicy now.... I thought this part particularly interesting.
And Sony's rootkit -- designed to stop copyright infringement -- itself may have infringed on copyright. As amazing as it might seem, the code seems to include an open-source MP3 encoder in violation of that library's license agreement.
http://www.wired.com/news/privacy/0,184 ... _tophead_2
Posted: Thu Nov 17, 2005 11:23 am
by HaAGen DaZS
Sarge wrote:This is getting juicy now.... I thought this part particularly interesting.
And Sony's rootkit -- designed to stop copyright infringement -- itself may have infringed on copyright. As amazing as it might seem, the code seems to include an open-source MP3 encoder in violation of that library's license agreement.
http://www.wired.com/news/privacy/0,184 ... _tophead_2
h0h0!
Posted: Thu Nov 17, 2005 9:25 pm
by Richard Cranium
I heard on the news this AM that Sony is recalling the disks with this copy protection because hackers and virus authors are exploiting it. I think that deserves a 'Well Duh'.
Posted: Thu Nov 17, 2005 9:29 pm
by Richard Cranium
You know what, now I have to be worried about this rootkit installed on all the machines I manage at work because up to this point I have been letting people play their audio CDs in the computer. Sony is going to have to come up with an uninstaller that actually works very quickly and even if it came out tomorrow you can bet they are still going to get their a*#es sued off and most likely loose.
Posted: Thu Nov 17, 2005 10:33 pm
by Sarge
Posted: Thu Nov 17, 2005 10:35 pm
by Richard Cranium
Posted: Thu Nov 17, 2005 10:49 pm
by Sarge
The "DSL Reports" link I posted doesn't just detect it, it removes it. (although it requires some tricky Registry manipulation)
From the way he describes his job's managment attitude, that link probably won't make it through tomorrow.
Posted: Thu Nov 17, 2005 11:11 pm
by Richard Cranium
Would someone please let me know if this really works? I'm not sure if it really is detecting it or not so someone that really does have this 'virus' needs to let me know.
RC
Posted: Thu Nov 17, 2005 11:51 pm
by Sarge
The "rootkit" indeed hides the uber-secret "$sys$filesystem" folder, which is a subfolder of the WINNT (NT and 2000) or WINDOWS (XP) "SYSTEM32" folder. The rootkit sadly, is UNABLE to hide itself from being accessed directly from a COMMAND PROMPT (found in the start menu/programs/accessories list).
So for chuckles, I opened a COMMAND prompt. I then went (on an XP box, NT and Win2000 would be a WINNT rather than WINDOWS) ...
CD\WINDOWS (enter)
CD SYSTEM32 (enter)
CD $sys$filesystem (enter)
Low and behold, on a machine infected by this, I got a PROMPT with $sys$filesystem present! (on an UNinfected machine, you'd get an error of "not found." Surprisingly, it let me HAVE it!) If this directory doesn't show, then you're NOT infected! You're finished right here.
Posted: Thu Nov 17, 2005 11:54 pm
by roid
Code: Select all
C:\>cd winnt
C:\WINNT>cd system32
C:\WINNT\system32>cd $sys$filesystem
The system cannot find the path specified.
C:\WINNT\system32> :-D yaaay
Posted: Fri Nov 18, 2005 10:01 am
by Sarge
lol
Posted: Mon Nov 21, 2005 1:24 pm
by Lobber
Posted: Mon Nov 21, 2005 1:34 pm
by fyrephlie
the thing that makes me laugh is that SONY WROTE SOFTWARE THAT DID SOMETHING!!! i mean really. i hate sony. you can't seem to buy a sony product without being forced to use their lame a$$ software. i mean ATRAC??? they made their own POS encoding scheme? a friend of mine bought a handicam, and tried desperately to use the proprietery software that came with it, and found most of it didn't work right, and the whole lot was written VERY POORLY.
ok ok... well there is the playstation... but we won't get into that.
Posted: Mon Nov 21, 2005 3:46 pm
by Richard Cranium
I've so glad someone else 'necroposted' this tread back to life and not me. I've been looking at the entire XCP thing very closely because of the number of machines I manage at work. I had to come up with a way to test all of our workstation for this rootkit and so far the good news is we don't have a single machine here that has it except the two that I 'infected' to test with. (Yes I had to go and purchase one of the infected music disks, â??Celine Dion â?? on ne change pasâ?? if you must know)
Now my request...
Does anyone have a copy of the ActiveX control Sony was using called Codesuppot.ocx? They used it on their website as part of the 'uninstall' XCP request. I really want to get a copy of that OCX if anyone has it and since Sony has pulled it from their site my best bet is one of you.
RC
Posted: Tue Nov 22, 2005 3:09 am
by roid
can't help you there dick, but it may settle your mind some to know that i heard you need to be logged on with admin priviledges for the virus to be able to install.
so i doubt any user machines will be infected.
Posted: Tue Nov 22, 2005 4:11 am
by Lobber
Posted: Tue Nov 22, 2005 6:12 am
by roid
interesting, that shows 52 albums. not the originally claimed 20.
Posted: Tue Nov 22, 2005 4:04 pm
by Zantor
I thoroughly agree that it's total BUNK and it pisses me off that a company would do such a thing.
Last I heard Sony is being sued by 2 American states and a country.
Posted: Wed Nov 23, 2005 10:29 am
by Sarge
... and on and on and on!
How many corporate, government, military, and scientific organizations will ban the use of any Sony CD now on any machine connected to their networks?
http://www.theregister.com/2005/11/23/s ... questions/
I also liked this one..
# How would those corporate, government, and scientific organizations have reacted if a group hostile to American interests had engaged in the same security violations practiced by Sony?
I've already sent out an email to everyone where I werk forbidding Sony (and SunnCom) CDs from being played along with the list of the 53 titles listed by Sony as having this DRM.