Trojan Using Sony DRM Rootkit Spotted 597
Analise writes "The Register reports on the first trojan using Sony's DRM rootkit. A newly discovered variant of the Breplibot trojan makes use of the way Sony's rootkit masks files whose filenames begin with '$sys$'. This means that any files renamed this way by the trojan are effectively invisible to the average user. The malware is distributed via an email supposedly from a reputable business magazing requesting that the businessperson verify his/her attached 'picture' to be used for an upcoming issue. Once the payload is executed, the trojan then installs an IRC backdoor on affected Windows systems."
Rant Time... (Score:2, Interesting)
Re:Rant Time... (Score:5, Funny)
Seriously i wish some Sony officials got what Worldcomm's Ebbers got: 25 years for entering into another property without permission, vandalism, etc. The less privileged have got far worse sentences for lesser crimes all along
And more so, Sony should replace EVERY affected computer with a brand new Vaio.
Re:Rant Time... (Score:5, Funny)
That would be a crime in itself...
Re:Rant Time... (Score:3, Insightful)
I'd prefer the cash alternative.
Re:Rant Time... (Score:4, Funny)
Re:Rant Time... (Score:2)
Only with the condition that there not be a single bit of Sony software on it. I have a Vaio Notebook. It's a good solid computer but the Sony crap that comes installed on it and entwined into Widows sucks.
Their customer supports blows big chunks too.
Re:Rant Time... (Score:4, Informative)
Re:Rant Time... (Score:4, Informative)
Revoke their import/export licenses.
Stop the trading of their securities.
Lots of other ways. You need all kinds of permissions to do big business. Those permissions can be withdrawn.
Jobseekers rejoice! (Score:5, Funny)
Re:Jobseekers rejoice! (Score:5, Insightful)
Re:Jobseekers rejoice! (Score:5, Interesting)
If I'm working for a homicidal maniac and I build a gun for him, I'm not innocent when he goes on a rampage.
Werner Heisenberg claims that he sabotaged the Nazi atomic bomb effort. If that's true, this would have been a very different world if he had just decided to be a "good engineer." (Yes, Godwin, blah blah. I don't think it applies.)
Re:Jobseekers rejoice! (Score:4, Insightful)
Re:Jobseekers rejoice! (Score:4, Insightful)
First 4 Internet made the XCP DRM system, rootkit and all. Their business model is to develop and sell DRM products to the music industry. So the programmers at F4I must have been deaf and blind in order not to know that the rootkit would be distributed on 'audio' CDs.
Re:Jobseekers rejoice! (Score:3, Interesting)
Re: (Score:3, Insightful)
Re:Jobseekers rejoice! (Score:5, Insightful)
Re:Jobseekers rejoice! (Score:3, Interesting)
Re:Jobseekers rejoice! (Score:3, Insightful)
"that damn engineer, he said he had the technology to fool the hackers out there so they couldn't detect our DRM. . .
Or, another phrase comes to mind; ". . . you have failed me for the last time. . . "
Re:Jobseekers rejoice! (Score:3, Interesting)
I was recently called up by a pimp (consultancy agent) and he asked if there was any company I wouldn't want to work for. I said anyone connected directly with the defence industry and he told me that I'd be surprised how many people also said that.
As far as I'm concerned, if I write software for a guided missile for example, and that missile happens to kill innocent civilians (even if by mistake) then I feel like there
Re:Jobseekers rejoice! (Score:3, Insightful)
As far as I'm concerned, if I write software for a guided missile for example, and that missile happens to kill innocent civilians (even if by mistake) then I feel like there'd be at least some blood on my hands too - which I don't want.
i'm not questioning your
Re: (Score:3, Insightful)
Re:Jobseekers rejoice! (Score:5, Insightful)
Now, the question is, what department thought it was a good idea? Sales and Marketing? Legal? Somebody had to think it was worth the money...
Re:Jobseekers rejoice! (Score:5, Funny)
Remember: your Friendly Neighborhood Crack Dealer didn't grow the coca. They bought it from someone else.
Re:Jobseekers rejoice! (Score:3, Insightful)
I sure (Insert Your Favorite Murderer Here) didn't manufacture the bullets he used to kill his victims either.
Re:Jobseekers rejoice! (Score:4, Insightful)
That sounds like you're letting Sony off the hook, but I don't think it works like that. I mean, suppose I were to sell you a poisoned soda and that as a result you nearly die. Would it matter if I bought the poison from someone else?
Not to mention trying to conceal its presence and lying about its function.
I think Sony stand to take a hiding over this one.
Re: (Score:3)
Re: (Score:3, Interesting)
Re:Jobseekers rejoice! (Score:5, Funny)
If a task is against your principles, ask for a different task. If none exist, ask for a transfer. If impossible, then quit.
Principles are greater than profits.
Or you can be spineless and sell out.
Re:Jobseekers rejoice! (Score:4, Insightful)
profits yes. floating just above the poverty line, no.
but maybe when you get a real job and have a real "im going to be out on the fucking street again if i dont suck up my ego" moment, then you will see.
but yeah, im sure crazy joe down on the corner who dances for nickles every day is sure happy that his spine is in good health.
Re:wake up, this is Bush's Amerifka! (Score:3, Insightful)
But seriously, I aggree with you 100%, but I also agree that you could get into some bad luck, get stuck with big bills because you couldn't find good work no matter how hard you tried, and up to this point you've tried to live your life in a fairly moral manner.
Even as a 26 year old with a pretty good paying job in IT, I wouldn't exactly just up and quit my job because of something like this. I would, however, raise serious objections th
Suprise suprise (Score:2)
-Rick
Re:Suprise suprise (Score:5, Funny)
Boycott Sony (Score:5, Interesting)
Also here [first4internet.com] is the company that created the DRM technology.
Notice (Score:2)
They probably thought they could save some money, and are now facing class-action lawsuits. A classic example of penny-wise pound-foolish, as the Brits used to say.
Nice Job Sony (Score:5, Funny)
Re:Nice Job Sony (Score:3, Funny)
to $000,100,000,000.00?
A Natural Rights perspective (Score:5, Insightful)
One great force behind this right is that past acts bear no allowances for future acts. If I let you into my house yesterday, you have no right to be here today. I may contractually allow you to come and go as you please, but I have to willfully sign the contract with witnesses noting the act.
Sony's DRM uses government force (through copyright provisions) to settle its legality. They say that by using their property, you have to permanently give up your natural right to private property (free speech Statists wrongfully call it Right to Privacy). Sony is wrong.
By violating numerous natural rights, Sony has opened itself to a demand for restitution. I wholeheartedly believe that corporate protections are wrong, as is copyright. My solution? Go after Sony through the shareholders directly (they own the business and allowed the breach of a basic human right). Demand restitution for the trojan if you receive it.
Imagine if you buy a Saab and Saab has an agreement stating "If you turn the car on, you allow two Saab employees to ride in your trunk and search your house for proof you might install a non-Saab oil filter." You've signed nothing. The two Saab employees open your house door, take up residence and leave the door wide open. Two typical pro-copyright arguments: You're not allowed to install non-Saab oil filters or how else would Saab make money? Why would they design cars?
This is the problem with copyright. Instead of individuals protecting proprietary information of value (books, music, etc) and producing it in the best way over anyone else (live shows, subscriptions to new music, etc), they say "copy us and government will use force against you."
It's all wrong. Don't publicly say anything valuable to you. Don't think you can come in my home because you did once before. Don't think you can rape me because a note in your pocket says you're allowed to, and I let you in without checking your pockets.
Re:A Natural Rights perspective (Score:2, Insightful)
Re:A Natural Rights perspective (Score:3, Interesting)
Google [google.com] for some great links.
Re:A Natural Rights perspective (Score:2, Informative)
Re:A Natural Rights perspective (Score:5, Insightful)
One such right is the right to private property, closed to others' prying eyes or presence.
To me, this doesn't seem as "self-evident" as the other rights (Life, Liberty, freedom to pursue happiness, etc.) in the D of C. But it does seem to make sense as a possible necessary qualification to achieve the other three: I could live, be free, and try to be happy without owning anything, but it might be exceedingly difficult.
Just sayin'.
(Also, "irregardless" is not a word)
Re:A Natural Rights perspective (Score:2)
Re:A Natural Rights perspective (Score:3, Interesting)
For example, I own the world. So I can go anywhere I please, including into 'your' home which is really mine.
You might suggest that the state decides who owns what, and the state says you own your home. But if so, then they also have the power to decide what the limits on that ownership are, including the powers of copyright.
If you rely on the force of the state to create property rights, then you pretty much have to go along with the whole legal system in determin
Re:A Natural Rights perspective (Score:4, Insightful)
This drives me insane. What are they teaching kids in school these days anyway? Natural rights are not granted. They are naturally yours because you are human being. They can neither be granted nor taken away. That's why you cannot sign a contract (at least, you can't in the U.S.) that says "I agree to sell myself into slavery in exchange for $100." It's not enforceable, because you cannot sign away a natural right.
Small rant: This complete lack of understanding of natural rights leads to a lot of rotten decision-making. As soon as you start thinking the state "grants rights" (it doesn't), you start thinking it's OK for the state to take them away (it's not). In fact, it's exactly the reverse. You grant powers to the state, and you can take them away. The government has powers only at your whim.
Definition of "Natrual Rights" (Score:3, Interesting)
natural right(n): A political condition required for the life of a morally autonomous being.
A natural right, in this view, is to political or social life what the requrirement for food, water or air is to physical life. I cannot say, "I relenquish my need for food" in any meaningful sense, because it is my nature to need food to live.
Likewise, for a being whose mode of life
Re:A Natural Rights perspective (Score:5, Funny)
While you may be correct WRT US property laws, it seems to me that vampire rules call [imdb.com] for a vampire to have free reign over your house in perpetuity if they are ever invited in. Perhaps Sony is operating using Vapire law rather than US law?
BTW - irregardless [reference.com]
I take issue with this (Score:2, Insightful)
Irregardless of the existence of government, the natural rights of an individual cannot be given away (you can't sell yourself into slavery, you can't tell a higher power that it's ok to kill you). One such right is the right to private property, closed to others' prying eyes or presence.
This is crap. If I want to end my life, I should most certianly be allowed to give someone the right to kill me. I tis *my* life, no one should have any say what I do with it but me. Same goes with the slavery question. M
Re:A Natural Rights perspective (Score:3, Insightful)
One nit, Sony is almost certainly structured as a limited liability corp. specifically so that you can't go after the shareholders. Do you think that LLCs are wrong?
In my opinion LLCs are very valuable because they allow ordinary people to invest in corporations without becoming personally, legally and financially responsible for that companies actions. While this certainly can have the effect of diffusing fault, I feel that this is out weight by the positive economic impact of facilitati
This assumes your interpretation of Natural Rights (Score:4, Insightful)
Furthermore, in most (if not all) countries, "land ownership" does NOT include mineral rights (which are arguably a significant part of the land) and can often be overruled or dismissed by the Government should they decide they can make better use of the land (5th Amenndment in the USA includes this provision, I believe). As such, it is not really ownership and can - at best - be called borrowing from the State.
There are countries in which private ownership of any kind simply isn't recognized at all. Everything is communal. Such societies don't seem to be any less rights-respecting than any other. Indeed, the USA - which has more codified rights than almost any other country - has one of the worst records of any country for actually honoring what is codified. Indeed, not only is it not honored, even when the courts rule against it, the US Government doesn't always respect those decisions. (The Sioux won in the Supreme Court to have the Black Hills revert to them - that was something like 40 or 50 years ago and the US Government is still refusing to honor the ruling.) Even when it does respect them, it has the power to replace any judge that rules against them (as threatened by DeLay over the Terri Schaivo case) which does damage any semblance of independence or impartiality.
I do believe there are Natural Rights. I believe there is a Natural Right for any individual to be seen for oneself, that there is a Natural Right for any individual to improve their quality of life, that there is a Natural Right for any individual to hold to any beliefs they so choose, that there is a Natural Right for any individual or group to privacy and that there is a Natural Right for any individual or group to maximise potential and minimise harm.
Most of these are what Republicans and Libertarians would consider obnoxiously socialist. The only way to maximise potential is to maximise the flow of information and to guarantee the practicalities of learning that information in a manner that is useful and usable. In other words, maximal quality education and minimal restraint on learning. In practice, if you're from a poor family in a poor area in the US, the only way to learn is to be good at sports or be in the military. Oh, and be male. Poor females in the US are left to rot, regardless. The only way to be good at sports in the US seems to be to take dangerous (and eventually lethal) drugs. Brain damage and other sporting injuries are pretty common. The US military is routinely accused of fraudulant claims in recruitment efforts, violent abuse (sometimes lethal) against recruits and persecution of non-Christians. Rape of females in the US military also appears to be a common complaint - and rarely investigated.
Rights - Natural or otherwise - are only meaningful if enforcable. This is one reason the original version of the Magna Carta stipulated the right to seize (by force, if necessary) judicially-awarded compensation or enforce judicially-awarded rulings against the Government (in that case, the king). In other words, nobody - absolutely nobody - was above the law, and nobody could use executive priviledges to abuse the law or anything else. Name me one country that has such a provision today. (No, the US impeachment procedure doesn't count. The current Congress wouldn't impeach Bush if he was caught red-handed in an act of treason, and the population at large has no impeachment rights. The UK's vote of no co
Re:A Natural Rights perspective (Score:2)
however mens rea dictates that only those who can be reasonably expected to know about this has any reason to feel guilty, or be guilty.
I have to partially agree, yet the problems attributed to big corporations are true about big government. I distrust both. In my preferred world, people are free to coalesce into groups of united beliefs (communists in Chicago, Christians in Milwaukee, Carb-lovers in Dayton). The same is true for investors -- taking the ti
That was fast (Score:2)
From the article, virus firms response (Score:3, Interesting)
Ooh fun to be had here. Sony are gonig to love this publicity.
Ha ha. I have little respect for these companies who I see to be the same as those who four hundred years ago sold "herbs" to protect you from the plague. These ppl still profit from ppl's lack of knowledge.
Re:From the article, virus firms response (Score:5, Insightful)
I'm loving this. I just can't wait to see what happens when antivirus/spyware vendors decide to consider the Sony rootkit as an attack vector and remove it accordingly... will it show up as "Sony.CDcopyprotection.malware"? "F4I.XCP.Aurora"? How about the information about it? Will we see legal battles between antivirus vendors and Sony? Class action lawsuits from consumers? I'm already preparing some popcorn for the event!
antivirus vendors violate DMCA? (Score:5, Interesting)
Re:antivirus vendors violate DMCA? (Score:3, Insightful)
Bob
Re:antivirus vendors violate DMCA? (Score:4, Interesting)
See below:
http://www.betanews.com/article/Antivirus_Firms_T
Oh noes! (Score:5, Funny)
Really easy test to see if you're vulnerable (Score:5, Interesting)
1) If you're not using windows, you're fine.
2) Create a file on your desktop ('test.txt' should be fine). Rename the file to '$sys$test.txt'.
If the file is gone, you're vulnerable.
Re:Really easy test to see if you're vulnerable (Score:3, Informative)
1) If you're not using windows, you're fine.
2) Create a file on your desktop ('test.txt' should be fine). Rename the file to '$sys$test.txt'.
If the file is gone, you're vulnerable.
How about a "read-only" way?
Boot with Knoppix
At the command prompt:
$su bash
#mkdir cdrive
#mount
#find cdrive -name $sys$* -print
Any hits? You got da SonySyph.
That's not all (Score:5, Funny)
Re: (Score:2)
Re:That's not all (Score:2)
Oh sorry, I thought you said Bob Martin [bobmartin.co.uk]
$sys$porn (Score:2)
Well, I was debating buying a PS3 instead of a Nintendo Revolution. Not anymore!
Back again to Windows Security (Score:5, Interesting)
As an OS X user, I'd find it slightly odd that my music CD is prompting me for an administrative password.
But to stay on topic, I'm sure this is but one of the many exploits that will be based on this rootkit.
Does anyone have a comprehensive list of CDs that install it, and is it true that Sony has been using it since April?
Re:Back again to Windows Security (Score:3, Interesting)
On OS X, accounts marked as Administrators are really regular users who happen to have sudo powers, so you have to type in your password.
Re:Back again to Windows Security (Score:3, Informative)
Under Windows, when you're logged in as the administrator, you don't need any further password to proceed with, say, installing a rootkit. If you're a Home user, you can't give limited privileges, so you have no option, for the vast majority of crappily-written software, but to install it as an administrator (albeit with Spybot S&D and StartupMonitor running in the background to catch the seventee
Re:Back again to Windows Security (Score:3, Interesting)
Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Ago
Re:Back again to Windows Security (Score:5, Funny)
That list of CDs can't be right (Score:3, Funny)
Re:Back again to Windows Security (Score:2)
That said, on operating systems like OS X or Linux where the user is prompted for their password to make routine configuration changes, password fatigue is a common issue. I'm sure many people would enter it regardless ("oh jeez, another damn password prompt? go away ....").
Also, for what it's worth OS X is hardly the pinnacle of security. There have been enough scary instant-code-execution problems in Safari (one within days of 10.4 being released) that I see no
Re:Back again to Windows Security (Score:5, Interesting)
Re:Back again to Windows Security (Score:5, Informative)
Short answer: No, it just assumes you're running as an administrator, which is generally true.
Much longer answer:
Windows XP comes from two roots: Windows as a DOS shell, and Windows NT. Both of these operating systems encouraged running as Administrator, for a variety of reasons.
Windows as a DOS shell is easy to explain, it was a single-user system, and therefore really had no security system in place at all. This single-user style persisted through to Windows ME, and is essentially "emulated" in Windows XP Home by having the users, by default, run as Administrators. (You can change them to regular users after creating new accounts, though.) By default, Windows XP Home doesn't require passwords on accounts - you just click on the user account you want to use, and you're logged in. So even making "less privileged" users isn't all that helpful. (I believe, by default, Windows XP Home DOES disable the built-in Administrator account, though.)
Anyway, Windows NT is another story. Technically, an "Administrator" account is just a normal user account that just happens to belong to the Administrators group. Because Windows NT's security model is much more complicated than the Unix security model (and I'd argue much more robust), essentially the Administrators group is a group with all permissions set to "allow." (There is a super-user under Windows NT. It's called "SYSTEM" and it's essentially identical to root under Unix.)
But anyway, Windows NT's security model is very complicated. Combined with no ability to "sudo" in Windows NT 4, most people who used NT just made themselves Administrators so that they didn't have to poke around the miriade of settings and ACLs to give them permissions to do whatever they needed to do.
Windows 2000 added "Run As" which allows you to essentially "su" and switch to another account when starting a program. This meant that it would in theory be possible to administer a system from a non-privileged account, much like Mac OS X does.
But the damage was already done. Most of the Windows software had been written for Windows 9x or assumed that you'd be an administrator under Windows NT. So attempting to run as a non-privileged account required constantly using the Run As feature to run the programs you needed to use as an administrator. (For a while, Winamp wouldn't run under a non-privileged account.) Of course, this meant that since most programs were running as administrator ANYWAY, you really weren't gaining much security.
Now, with Windows XP Pro, this is starting to change. Microsoft now requires user programs to run on non-privileged accounts. It's much clearer where user-specific information goes. But the damage has been done. Windows XP Home defaults to an administrator account for all new accounts. Most people are used to not having to enter a password to change their system settings and don't understand the concept of a non-privileged account.
So almost everyone using Windows is running as an administrator, and therefore there's no need to require a password to install a rootkit. They already have the permissions they require.
Sony's actions recently mean they've lost my money (Score:3, Interesting)
Secondly, does this rootkit install even if you are logged in as a normal Windows user, not Administrator? That suggests a security hole in Windows. However I suspect the issue is Windows making users Administrator by default, which is a really dumb system, security wise.
Re:Sony's actions recently mean they've lost my mo (Score:4, Informative)
Ahhh, Sony (Score:5, Funny)
SONY, redefining DRM (Score:5, Funny)
Fun with $sys$ (Score:5, Funny)
Re:Fun with $sys$ (Score:3, Funny)
Re:Fun with $sys$ (Score:4, Interesting)
Probably. Since the Sony Rootkit is the big story at the moment, this thread will get read by a lot of people. That post went to +5, and it's got Slashdot memeicity all over it.
I wouldn't use it as a straight drop-in replacement for ^H^H^H, though; that merely implies 'I nearly wrote this - whoops!' $sys$ conveys malevolence. So, for instance, if someone were to write
We must invade Iraq to look for oil^H^H^HWMD
would suggest that oil is at least part of the purpose of the invasion, and that it's just not diplomatic to mention it. A careless typo that reveals too much of what you're thinking. On the other hand
We must invade Iraq to look for $sys$oil WMD
would suggest that oil is the real purpose of the invasion, and that this is being deliberately hidden by a lot of bullshit about WMD. A subtext deliberately trojaned in and kept dark.
Use the $sys$ prefix in place of ^H^H^H to lend a nastier, more malevolent tone to what it is you're editing out.
sony vs. microsoft (Score:3, Interesting)
Lawsuits if this thing DDoSes the net (Score:4, Interesting)
If someone creates a worm that exploits a negligent design flaw in Sony's DRM or Microsoft Windows, then couldn't the affected sue Sony or Microsoft? This would include non-users of these products whose internet usage was disrupted. And as someone who does NOT use DRMed Sony CDs or Microsoft Windows, I have NOT agreed to these company's EULAs with all their legalese of limited liability. Thus non-users may have more rights to sue than users of these products.
IANAL. Any thoughts?
Which IRC servers? (Score:2)
If the IRC servers are private, will the owners be investigated?
Can we be just a little proactive in containing this?
=Smidge=
Huh? (Score:2)
Infected with DRM (Score:5, Interesting)
"Infected with DRM"
Sony's rootkit has also been linked to Windows crashes, which isn't surprising to me. Most spyware causes instability in Windows because it is poorly written and designed to break parts of Windows to protect itself from removal. Sony writes, "This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."
The incongruence of their words, is not startling to me, as they are playing a PR game to hide the fact that they messed up people's computers, and made them vulnerable to an attack that hasn't gained popularity yet, but now surely will. Virus writers will be able to easily hide their virus files using programs like Sony's cloaking DRM. Sony is lying that their cloaking DRM does not compromise security of an infected computer.
http://www.informationweek.com/story/showArticle.
This might be a good thing (Score:2)
Being ignorant == fair game? (Score:4, Informative)
The President of Sony BMG's Global Digital Business, Thomas Hesse, defends Sony's installation of a rootkit by declaring, "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"
Source [about.com]
Re:Being ignorant == fair game? (Score:3, Insightful)
They do now.
Legality (Score:3, Insightful)
If some bored teenager devised and distributed such a rootkit, he or she would be accused of costing businesses millions and thrown in jail for 10 years. Can someone explain to me why Sony is not getting prosecuted for "hacking" here? What makes them exempt (aside from whatever civil lawsuits are being brought against them)?
A variant of that trojan ... (Score:5, Interesting)
So posing as the trojan I logged onto the IRC channel. I idled there for a while watching the channel op send commands to the connected bots, and decided to have a go myself. The channel was +m but I could PRIVMSG the bots, and a bit more work in IDA revealed the command set - which contained an unload command. So I scripted my irc client to send a msg to every non-op in the channel with the command
"OH SHIT" he typed. He was more shocked than anything, and then more curious than angry. We ended up having a rather long and interesting conversation about our respective jobs. He told about his bot network, what he uses them for (in the UK it's for harvesting email addresses, apparently), the ££ he gets for it - it's a full time job for him - and who writes most of the bot software (his partner.) He was no stereotypical teenage script kiddie either, more a computer professional turned to the 'dark side' of IT
All in all, it was fascinating. (Btw, our firewall blocked the trojan from connecting to IRC and it was fairly easily to remove from the sales manager's laptop)
Boycott isn't going to do squat (Score:3, Insightful)
Remember Intuit's TurboTax debacle? (Score:5, Interesting)
The following year, all traces of this were removed in the next version and, afaik, it has never returned. I, for one, however, haven't bought their product since and don't plan to ever buy from them again.
I guess Sony just wasn't paying attention.
Sony Rootkit News Absent From CNN (Score:5, Insightful)
$sys$ now Sony's fnord? (Score:3, Insightful)
Re:$sys$ now Sony's fnord? (Score:3, Insightful)
"Newer Sony CDs install a type of virus on your computer called a root kit."
The word virus is the key. If the president of Sony doesn't have a clue what a root kit is, then lets cut the BS and use the right word. It is a VIRUS in the since that the only term most normal people really "get" (I know, it isn't a virus as security people define it).
ALL GAMESITES SHOULD DROP SONY COVERAGE (Score:3, Insightful)
Re:Lawsuits all around (Score:2)
If I get this trojan, I will simply find Sony shareholders in my home town and sue them civilly. Or I might just verbally denounce them in public for violating my natural rights.
If you own Sony stock, you're liable in my opinion. Sell it.
Re:Lawsuits all around (Score:2)
This type of fictious person along with limited liability of the shareholders makes for some fun scenarios:
1) I pay Steve to break in to your computer, plant a virus/trojan/rootkit which opens your computer up to other virus/trojans/etc. I'm a co-conspirator in this action and will probably
Re:On what platforms does Sony DRM rootkit work? (Score:2)
What versions of Windows? Linux? Mac OS X? - Yet another reason to switch?
Why do you think sony has a rootkit for Windows - only because
it's the most dominant OS.
Do you think it's difficult to write a rootkit for Linux or Mac OSX?
Rootkits aren't exploits or security holes.
Re:On what platforms does Sony DRM rootkit work? (Score:4, Interesting)
I'm thinking that outside of users that habitually surf and/or listen to music as root, that Linux and OS X users should be just a wee bit safer than the casual Windows user.
Sure, Linux can be rooted. Now, your homework assignment is to go burn me a disk with music on it that will root my Linux box merely by being inserted, and won't let me listen to the music until my box has been rooted. I like classical.
Re:Sony can't deny this (Score:2)