The "rootkit" story continues. First we had the fact that the rookit on Sony DRM CDs could kill your Windows system, then we had the story of World of Warcraft hackers using it to cheat and now apparently people have discovered that the rootkit phones home (http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html).

Not 100% gaming news, but it certainly is an interesting story with some gaming implications (the cheating possibilities and pirating issues).

My question: Has this poorly thought-out excuse for copy protection actually protected any of Sony's content?

Oh that's just fucking super that is.

very interesting article, I like how they exploit sony's lies very clearly.
that makes me warm in the tummy.
I wonder if this will effect their shares! Sell sell sell!

The thing that got me was reading that Sony have bundled this rootkit DRM stuff with all copy-protected releases since April 1st 2004.

How do you even know if you're infected anyway?

the fun thing about the rootkit is that you can actually use it to defeat the copy protection by just adding %sys% to the name of your favorite cd rip program.

Awesome job, guys!

Sigh.

Listen (http://media.grc.com/sn/SN-012-lq.mp3).

Out of 80 machines we ended up having 5 more with this. Brings our total to 9.

Sony can burn in hell. Especially, the exec that said that it doesn't bother people who don't know about root kits. Um...it CHANGES THE FREAKIN' OS CODE!

I love how the sysinternals guy shows how many hoops one has to jump through and and what marketing lists you have to subscribe to to get this...uh...."fix." Now that the major media has picked up on his site, maybe they'll follow up with this article as well.

I've said it before, and I'll say it again: Fuck Sony :p

DRM is a fucking horrible infringement on freedom of property, and as above posters have noted, it ain't doing much to protect anything. If it can be played, it can be recorded. If it can be written onto a disc, it can be rewritten. I'm sick of this garbage infringing on our rights as a means to futilely try and protect someone else's. I've refused to buy DRM'd CDs for a while now, and I'm extremely glad I have. The solution is not to fuck over the customer, ever. Especially under the predicate of 'they don't even know about it, so why worry?'

More bothersome than the rootkit itself, is that you end up clicking on a EULA which turns your purchase into a license. I know we've been trending down this path for some time now: where ownership goes the way of the dodo. But this is something slightly more bothersome than even the EULA on ink cartridges. The implication here is mind-boggling.

If I only play my Sony CD in my car or home stereo CD players, I have purchased a copy of the music, which I can use however I like, under the protections of the law.

If I put the Sony CD in my computer, and click 'I Agree' - I have no longer purchased a copy of the music. I have now agreed that I have purchased a revokable license to use the music on Sony's terms. Legal Fair Use no longer applies.

One of their terms? If you don't update the copy protection software, your license is revoked. That copy of the music? Not legally yours anymore. At all.

Ponder that shit.

>One of their terms? If you don't update the copy protection software, your license is revoked. That copy of the music? Not legally yours anymore. At all.

Wow... shocking

DRM is a fucking horrible infringement on freedom of property, and as above posters have noted, it ain't doing much to protect anything. If it can be played, it can be recorded. If it can be written onto a disc, it can be rewritten. I'm sick of this garbage infringing on our rights as a means to futilely try and protect someone else's. I've refused to buy DRM'd CDs for a while now, and I'm extremely glad I have. The solution is not to fuck over the customer, ever. Especially under the predicate of 'they don't even know about it, so why worry?'
DRM in theory isn't bad at all. it's a way of companies to protect their property. as a consumer, when you buy a CD you are actualy buying a license to listen to contents of the CD, so you only have as many rights in terms of ownership that sony (or whoever the copyright holder of that CD is) gives you.

what sony is doing, however, is wrong. DRM should be disclosed to the end user, and slaping "copy protected" on the disk doesn't count.

sony are the biggest hypocrites in the technology sector. the're pulling an senator palpatine by playing both sides of the fence. on one hand, they've got aggressive copy protection on their CD's (has anyone looked at their DVD's yet?), and on the other hand they sell digital music players capable of playing pirated music, and they recently launched a software suite that's main purpose is converting and copying different forms of media for play on their PSP (http://www.sonymediasoftware.com/products/showproduct.asp?PID=995&keycode=6134-3000). they're advocating with one hand what their discouraging with the other.

More bothersome than the rootkit itself, is that you end up clicking on a EULA which turns your purchase into a license.
it's always been this way. you don't own the music, you own the physical materials that contain the music and have a license to lisen to the music. if you owned the music, you could use it in films, sample it for making new music, or make copies of it and sell them on the street. it's always been this way.

As far as I'm concerned, Sony products are no longer an option for me. I will not buy the PS3, I will not subscribe to any of their MMO's, and I will never buy any of their first party titles. I don't care if they stopped doing this and got down and sucked my cock for forgivness, they crossed a line that no company should be aloud to cross.

If you value your personal freedom, and your rights as a consumer at all, then you'll join me in this boycott against Sony.

I know some people seem to be equating the Blizzard Warden and the Sony DRM rootkit in the same lump but I disagree with that correlation.

The Blizzard Warden would most likely be considered spyware in most scenarios outside of its use in WoW. But consider that 1) It's ELUA outlines that such behavior is possible 2) If you don't like it, uninstall WoW and the 'spyware' is gone. So while people may not like the concept of the Warden, at least it is 'ethical spyware/adware' so to speak.

The Sony DRM on the other hand is covert and almost impossible to detect via 'normal' methods. Also it is impossible to 'easilly' remove the application. Of course uninstalling the app should as designed not give you access to the CD in question as well but that's Sony's right to allow that. But the spyware here acts in a way that only the most subversive adware/spyware distributors work.

To me the difference is in the 'behavior' of the respective spywares and not in the spyware itself. They are both by definition spyware, but one is designed in an ethical way while the other is subversive by nature.

Some blame Sony and they are to blame. Though I've heard that there are lots of conflicts between the electronics division of Sony and its entertainment division. I think once Sony really got into the whole entertainment market, the entertainment division started to dictate to the electronics division what they wanted. I think this has really stifled the innovation that Sony was famous for in the 80s. In the 80s and 90s I bought mostly sony portable products cuz they were well designed and looked a hell of alot better than the crap you could get in America.

They definitely fell behind with mp3s, again which I think was due to pressure from the entertainment division not to allow this. I'm sure the electronics division spends way too much time on this stuff, than on just making cool shit like they used to unforunately.

I think we are right to hate Sony/BMG, but I definitlely still support Sony's electronics division. I consider them 'separate' entities.

As far as I'm concerned, Sony products are no longer an option for me. I will not buy the PS3, I will not subscribe to any of their MMO's, and I will never buy any of their first party titles. I don't care if they stopped doing this and got down and sucked my cock for forgivness, they crossed a line that no company should be aloud to cross.

If you value your personal freedom, and your rights as a consumer at all, then you'll join me in this boycott against Sony.
*shakes fist in air*
boycotting sony is hard to do, because they own so much.
http://www.cjr.org/tools/owners/sony.asp
that list doesn't include a few things, like the fact that sony is part of a media conglomerate that now owns MGM. in fact, about a week after said media conglomerate purchased MGM they (mgm) announced that they would be supporting UMD movies.

also, i just want to point out that sony gets a cut of all games published for their platforms (ps1, ps2, psp, ect) so they'll still get your money if you aren't buying first party titles. many products with optical drives have sony drives, or drives that contain sony components (the dreamcast had an oak technologies drive that contained sony products, for example), sony owns the patants on the trinitron tube, which is used in CRT's manufactured by other companies as well. and they own michael jackson, so you're gonna have to burn your MJ t-shirts. checkdamoon.

DRM in theory isn't bad at all. it's a way of companies to protect their property.
Um, yeah... copyright law already does that. What DRM does, is removes any legal burden of proof from the publisher. They can now define a subset of consumer rights that favor them and removes any legal protection for the consumer.
It's bad for consumers. It's an erosion of their rights.

as a consumer, when you buy a CD you are actualy buying a license to listen to contents of the CD, so you only have as many rights in terms of ownership that sony (or whoever the copyright holder of that CD is) gives you.
Blatantly false. When I buy a CD, I've purchased a copy of the music on that CD. I can do anything I want with it, within the confines of the law. If the copyright holder believes I'm doing something naughty, they must legally prove misuse.
The idea of 'licensing' is publisher bullshit, to allow them to redefine the terms of copyright, and sidestep the burden of proof.
They never liked the betamax decision, and 'licensing' is how they're rolling it back.

it's always been this way. you don't own the music, you own the physical materials that contain the music and have a license to lisen to the music.
Who asserted the consumer owned the music? I said we used to own that copy of the music.
Yeah, there's a huge difference between owning a copy and owning the music.
But there's also a huge difference between owning a copy and licensing.

When I own a copy, I can do what I want with it, and until I break the law the copyright holder can't do shit.
When I hold a license, I can only do what the contract allows, regardless of the law.

'Phone home' is perhaps a bit of an exaggeration:I dug a little deeper and it appears the Player is automatically checking to see if there are updates for the album art and lyrics for the album it’s displaying. This behavior would be welcome under most circumstances, but is not mentioned in the EULA, is refuted by Sony, and is not configurable in any way. I doubt Sony is doing anything with the data, but with this type of connection their servers could record each time a copy-protected CD is played and the IP address of the computer playing it.Not, of course, that I don't think this is a nasty abuse of power.

Blatantly false. When I buy a CD, I've purchased a copy of the music on that CD. I can do anything I want with it, within the confines of the law.You've not done anything to prove that it is 'blatantly false' except say the opposite.

You've not done anything to prove that it is 'blatantly false' except say the opposite.
The burden of proof isn't on the person making the claim anymore?

I'll humor you:
When's the last time you signed (or clicked on) a license when you listened to an audio CD? Because if you haven't (and prior to 2004, no-one had), you weren't entering into a license. So how did it all work before we had private contracts?

That's right, without the license, the boundaries of use were limited by copyright law.

Well I just wrote up a decent rant about this but screw that, Ill withhold from looking way too deep into this like most of you.

Just tell me what the big freaking deal is. Not possibilities or bullshit speculation, total facts and an explanation.

Oh no there is a .00000000001% possibility of some stupid program I installed willingly will screw me over in the long run. /cry

The burden of proof isn't on the person making the claim anymore?

I'll humor you:
When's the last time you signed (or clicked on) a license when you listened to an audio CD? Because if you haven't (and prior to 2004, no-one had), you weren't entering into a license. So how did it all work before we had private contracts?

That's right, without the license, the boundaries of use were limited by copyright law.
if that were true, you could walkin into a store, legaly purchase a cd and play it in the waiting room of a doctors office, in a food service, or on a radio station. the fact is, CD's (and dvd's) availble in sores are licensed for personal use only. do proprieters do what i have just described? yes, it happens all of the time. but it's not legal.

if that were true, you could walkin into a store, legaly purchase a cd and play it in the waiting room of a doctors office, in a food service, or on a radio station.
Seriously, if you don't know anything about copyright law, it's ok. But please stop making yourself look silly.
Title 17 US Code section 114 clearly covers public performance.

Prior to private contracts, your rights as a consumer, as an owner of a lawful copy of a copyrighted work, were clearly spelled out by the law and further defined in case law. Prior to private contracts the rights of the copyright holder were clearly spelled out by the law and further defined in case law.

There is no 'license'. There is Title 17.

Well I just wrote up a decent rant about this but screw that, Ill withhold from looking way too deep into this like most of you.

Just tell me what the big freaking deal is. Not possibilities or bullshit speculation, total facts and an explanation.

Oh no there is a .00000000001% possibility of some stupid program I installed willingly will screw me over in the long run. /cry
Not anymore. It's in the wild. All it takes is for someone to piggyback this app on anything and "poof." Compromised.

...and yes, don't use their CDs and you've greatly lowered your chance. :D

You may not get it, but the average Joe will. I have over 10% infected at my office....dunno...maybe we're not in the norm. However, most of my IT buddies are reporting it.

Well I just wrote up a decent rant about this but screw that, Ill withhold from looking way too deep into this like most of you.

Just tell me what the big freaking deal is. Not possibilities or bullshit speculation, total facts and an explanation.

Oh no there is a .00000000001% possibility of some stupid program I installed willingly will screw me over in the long run. /cry


I don't understand what you're not seeing? Do you run anti virus/anti spyware programs on your PC? Do you realize that once you "play" your lovely new Sony CD that any malware/virus/spyware can now simply rename themselves and be invisible to anti virus/etc tools? It might not be a problem for you this very instant but it will be. It usually takes about a few weeks for malware writers to full incorporate this into their code. Seems like a big deal to me, considering they put a huge backdoor into your system without your permission or knowledge.

Seriously, if you don't know anything about copyright law, it's ok. But please stop making yourself look silly.
Title 17 US Code section 114 clearly covers public performance.

Prior to private contracts, your rights as a consumer, as an owner of a lawful copy of a copyrighted work, were clearly spelled out by the law and further defined in case law. Prior to private contracts the rights of the copyright holder were clearly spelled out by the law and further defined in case law.

There is no 'license'. There is Title 17.
http://www.loc.gov/copyright/title17/chapter01.pdf

§ 106 · Exclusive rights in copyrighted works³⁶ Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following: (1) to reproduce the copyrighted work in copies or phonorecords; (2) to prepare derivative works based upon the copyrighted work; (3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending; (4) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works, to perform the copyrighted work publicly; (5) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work, to display the copyrighted work publicly; and (6) in the case of sound recordings, to perform the copyrighted work publicly by means of a digital audio transmission.
your "rights as a consumer" don't include public performance at all. the copyright holder has all of the rights to the copyrighted works, save the few allowed by fair use.

when you purchase a CD, you aren't purchasing the msuic, you're purchasing a physical object that contains a copy of the music, that you are licensed for private use. just because Title 17 doewsn't use the word license means nothing. the copyright holder has the rights and they license them to the consumer when they purchase a CD.

Back on a practical note...

Disable auto-run on your optical drives!

I don't understand what you're not seeing? Do you run anti virus/anti spyware programs on your PC? Do you realize that once you "play" your lovely new Sony CD that any malware/virus/spyware can now simply rename themselves and be invisible to anti virus/etc tools? It might not be a problem for you this very instant but it will be. It usually takes about a few weeks for malware writers to full incorporate this into their code. Seems like a big deal to me, considering they put a huge backdoor into your system without your permission or knowledge.

Don't forget that this enables cheaters to ruin your favorite games by employing the PROTECTION this software affords them. World of Warcraft is only the first game that we know of that's using it. I wouldn't be surprised to find out this is behind the recent undetectable BF2 cheats we've been seeing on our server. Someone can spoof the commander and send down artillery without waiting in between strikes.

Sony has fucked up royally.

your "rights as a consumer" don't include public performance at all. the copyright holder has all of the rights to the copyrighted works, save the few allowed by fair use.
Goddammit man!
I never said the owner of the copy had public performance rights. You suggested that some ephemeral 'license' existed because that with only the law to guide us, all consumers would be making public performances willy nilly all over the damn place.

You are the one who stated that a copyright holder can only protects their rights with a private contract.
I am the guy saying that their rights (such as their exclusive right to public performance) are well protected by the law. I brought up Section 114 because it specifically states that the copyright holder has the exclusive right to public performances.
It showed that the law adequately defined and defended the rights of the copyright holder, rendering your concerns about dentists offices moot.

Christ.

when you purchase a CD, you aren't purchasing the msuic, you're purchasing a physical object that contains a copy of the music
Yes.
that you are licensed for private use.
No. I am legally bound by copyright to use it privately. That is not a license.

Licenses are revokable. Ownership of a legally obtained copy of a copyrighted work is not.

Throughout Title 17 it is repeated and emphasized that the rights of an owner of a legally obtained copy are not dictated by the copyright holder.
Throughout Sony's EULA it is repeated and emphasized that the rights of the licensee are dictated by Sony.

See the difference?

No. I am legally bound by copyright to use it privately. That is not a license.

Licenses are revokable. Ownership of a legally obtained copy of a copyrighted work is not.

Throughout Title 17 it is repeated and emphasized that the rights of an owner of a legally obtained copy are not dictated by the copyright holder.
Throughout Sony's EULA it is repeated and emphasized that the rights of the licensee are dictated by Sony.

See the difference?
there is no difference. when you are purchase a CD, the copyright owner grants you the license to use the copyrighted material contained on the CD for private use. that's how it works. public use is a seperate license. if you use the copyrighted material in a manor that violates the license (ie, infriges on title 17 for the average joe), your license is revolked, and " As part of a final judgment or decree, the court may order the destruction or other reasonable disposition of all copies or phonorecords found to have been made or used in violation of the copyright owner's exclusive rights, and of all plates, molds, matrices, masters, tapes, film negatives, or other articles by means of which such copies or phonorecords may be reproduced."

so if you purchase a cd, then play it in a public place, you are technicaly violating copyright law and the terms of your private license. the copyright holder, by way of the court system, could revoke you private license and destroy the items (ie the CD) used in the violation.

you can call it whatever you want to, we're talking about the same thing, with the same restrictions.

there is no difference.
Yes, there is.

when you are purchase a CD, the copyright owner grants you the license to use the copyrighted material contained on the CD for private use.
No. When the copyright owner publishes his work, the United States Government extends unto him lawful protection of his intellectual property.
The government extends unto those who buy copyrighted works, limitations on the exclusive rights of the copyright owner. There is no direct agreement between the copyright holder and the consumer. zero. Sony does not decide when you've made too many copies of a Foo Fighter's CD. The government does.

There is a vast difference between that, and Sony playing legislator and judiciary.

Here's the important distinction spelled out:

Normally, the government decides what's fair and what's infringement, and Sony has no say in how you use your copy, until you break the law. The court system decides when you've violated Sony's copyright.

With Sony's EULA, Sony decides what's fair use and what isn't, and Sony has direct say in how you use your copy --regardless of what protections the law provides to you-- until you break the contract.

if you use the copyrighted material in a manor that violates the license (ie, infriges on title 17 for the average joe), your license is revolked
No. Source and counterfeit copies can be seized and destroyed, only after a court of law decides that infringement has occurred. With Sony's License, there is no court of law involved. Sony decides when your copy is forfeit.

These are two wildly different methods of operation.

the copyright holder, by way of the court system, could revoke you private license and destroy the items (ie the CD) used in the violation.
Under the EULA, the court system plays no role. Sony decides how many copies you get to make, which media you get to convert it to, and at what quality levels. Not the courts. Not the legislature. Sony.

you can call it whatever you want, but this is a substantive change in the way the system works.

we're talking about the same thing, with the same restrictions.
What I'm talking about is the difference between the government's restrictions, and a court of law's judgement as distinct from Sony's restrictions and Sony's judgement.

You seem to think they're the same thing when they're not.

Admit defeat, see colon.

Well, so much for buying a PS2. I'd already bought some damn games for it too. I'm not supporting this kind of garbage though.

One more company added to the list of conglomerates I don't support.

Maybe someday we'll get government officials who don't put corporate blowjobs over the rights of their citizens. Then all this DRM shit will be reversed and the companies who abused it will pay. Probably too Utopian though in this day and age...

Italy kicks off the lawsuits (note: in italian) (http://www.alcei.org/index.php/archives/106).

Story by Inquirer (http://www.theinquirer.net/?article=27508).

I'd like to see Microsoft file suit against Sony for compromising their operating system illegally. I'm not at all informed on copyright laws or American judgements, but it would be ammusing to see Microsoft own Sony in the courts, and then as a final blow "...oh, and your console sux too keke"

This recent move by Sony's music arm is enough to make me not buy any Sony CD's until I hear that this matter is resolved to my satisfaction.

A boycott of Sony music CD's seems to be the most direct action I can take in the matter to show my displeasure.

But I guess I'm just another drop in the bucket.

Anyone else?