Print this article  |  E-mail this article  |  Comment on this article

Antivirus Firms Take On Sony DRM

By Nate Mook, BetaNews

November 10, 2005, 12:45 PM

With the recent discovery of Sony's "rootkit" DRM shipping on over 20 CDs and the surrounding backlash from consumers online and off, antivirus vendors must now answer a delicate question: should Sony's software be considered malware and forcibly removed? Some say yes.

Technically, Sony's application, which was actually created by First 4 Internet, is not a virus and was not designed with malicious intent. However, the copy protection installs a low-level Windows driver that hides the DRM files and prevents their removal - a technique used by rookits.

This cloaking mechanism could easily be used by hackers and virus writers to hide programs that do real damage, and a trojan horse has already cropped up with such capabilities. Moreover, coding errors in the DRM software have been reported to leave systems vulnerable to crashes.

Some security firms have been quick to classify Sony's DRM as a threat and are releasing tools to remove it. Computer Associates and Sophos are among those proactively responding to customer complaints about the questionable technology and worry about potential vulnerabilities.

"Despite its good intentions in stopping music piracy, Sony's DRM copy protection has opened up a vulnerability which hackers and virus writers are now exploiting," says Sophos technology consultant Graham Cluley.

McAfee has also taken a stance against the DRM. "With the latest DATs, McAfee detects, removes, and prevents reinstallation of XCP," the company said in an advisory. However, McAfee also notes that "this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application."

Other companies are taking a more measured approach. Symantec said this week that its AntiVirus utilities would detect the presence of the Sony software, but not remove it. Instead, Symantec will direct customers to Sony BMG's Web site, which offers instructions for uninstalling along with a patch to disable the cloaking ability.

F-Secure independently identified Sony's DRM application as a "rootkit," but is not currently offering a removal tool. Like Symantec, F-Secure directs customers to Sony customer support for help.

Microsoft, which recently moved into the security space with the release of Windows AntiSpyware (now known as Windows Defender) and Windows Live OneCare, is still on the fence. "We are evaluating the current situation to determine if any action from Microsoft is necessary," a Microsoft spokesperson said in a statement.

The spokesperson added that Windows Defender and the Malicious Software Removal Tool have established criteria on which to base malware and spyware classifications, while acknowledging Microsoft is "concerned" about the situation.

But Jupiter Research senior analyst Joe Wilcox questioned Microsoft's apparent flaccid response.

"Since Sony's DRM affected Windows, I would refer to Microsoft's definition of rootkit. An October 6 TechNet article calls a rootkit 'a special kind of malware...nearly undetectable and they're nearly impossible to remove.' If Microsoft calls a rootkit malware, then I don't see how there can be any question how antivirus vendors should treat Sony's DRM software," Wilcox told BetaNews.

"More importantly, if antivirus software starts distinguishing between kinds of rootkits, hackers might be able produce even more nefarious types that mimic something like Sony's DRM mechanism and so go undetected and unremoved."

Consumers, however, aren't waiting around for security vendors to protect them. A class-action lawsuit has already been filed against Sony BMG in California, with another expected in New York. The suits claim Sony has violated consumer rights and anti-spyware laws with software that is damaging to PCs.

For its part, Sony says it has been responsive to the situation by posting removal instructions. But Mark Russinovich, who initially discovered the hidden DRM on his computer, disagrees. "The uninstall process Sony has put in place is on par with mainstream spyware and adware," he says.

"First you have to go to Sony's support site, guess that the uninstall information is in the FAQ, click on the uninstall link and then fill out a form with your email address and purchasing information, possibly adding yourself to Sony's marketing lists in the process," Russinovich explained.

"Without exaggeration I can say that I've analyzed virulent forms of spyware/adware that provide more straightforward means of uninstall."

Add a Comment (101 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By memobug

edited Nov 17, 2005 - 11:11 PM

I was surprised and disappointed by Sony's DRM program, its irresponsible behavior and lack of concern for user privacy and security.

Because of this I removed my Internet Playstation Portable forum, http://www.pspfreaks.com and posted an open letter to Sony in its place. The doors stay shut until Sony owns up to its mistake.

I can't in good conscience support an organization that behaves this way. Join the boycott!

Regards,

Matt Chroust

Score: 0

By nightops

posted Nov 11, 2005 - 10:05 AM

Also, for those anti-McAfee folks that are now turning away from SAV/NAV, you might check out NOD32 (www.nod32.com). Check out the Administrator version for those of you that like to have FULL control over your A/V solutions.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 10:07 AM

Mmm... NOD32. Fast, small, bulletproof.

I'm lovin' it.

Score: 0

By gawd21

posted Nov 11, 2005 - 10:10 AM

Yes, if you are going to pay for a virus scanner NOD32 and Bit Defender are the best out there.

Score: 0

By Crypton

edited Nov 11, 2005 - 3:33 PM

Matter of opinion, personally I find Trend and Kaspersky to be also of the top AV's, as far as others such as Norton, would not trust it even on a system not connected to the net..

Score: 0

By gawd21

posted Nov 11, 2005 - 4:05 PM

No, Bit Defender is rated # 1. So that is a fact not an opinion, but It was an opinion when I listed NOD32.

Here is one link, if you need more just search for them.

http://anti-virus-software-review.toptenreviews.com/

Score: 0

By PC_Tool

posted Nov 11, 2005 - 5:28 PM

NOD32 has been ranked 100% more times than anyone else for catching ITW viruses by VB magazine....

Just FYI. (Haven't checked recently, but unless they really screwed the pooch in the last 6 months, they should still be up there)

Score: 0

By JacenSolo

posted Nov 12, 2005 - 9:56 PM

McAfee, Bullguard or Zonealarm security suites all the way.

Score: 0

By PC_Tool

posted Nov 14, 2005 - 9:30 AM

Bah. I'd never install a suite when 1 app will do the trick.

Score: 0

By JacenSolo

posted Nov 15, 2005 - 6:27 PM

I prefer an all-in-one solution. Which is why I use Opera instead of FF, Zonealarm instead of NOD32, etc :P

Score: 0

By nightops

posted Nov 11, 2005 - 10:02 AM

Just a thought:
When you are forcible made to install software that violates any law, it automatically constitutes breach of contract between you and the vendor you purchased it from. Any acts committed in the undoing of those acts (as long as they do not violate the rights of any other parties) cannot be considered in violation of the same law that was originally broken by the venodor.

Score: 0

By cousinkix1953

posted Nov 11, 2005 - 4:48 AM

http://www.eff.org/

SONG BMG releases with DRM rootkit

Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver's Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)
Ricky Martin, Life (Columbia) (labeled as XCP, but, oddly, our disc had no protection)

Several other Sony-BMG CDs are protected with a different copy-protection technology, sourced from SunnComm, including:

My Morning Jacket, Z
Santana, All That I Am
Sarah McLachlan, Bloom Remix Album

Score: 0

By crashoverride

posted Nov 11, 2005 - 2:25 AM

hmm, i can see the headlines now, "Developers of Sony DRM get 5yrs in prison for mass distributing the DRM Virus".....that would be funny, highly unlikely, but it's a funny thought.

Anyway, yea, it should be considered malware. It's installed without user consent and impedes a function of the machine. Sounds like malware to me.

Score: 0

By joeshmoe7

edited Nov 11, 2005 - 12:14 AM

LOL here it comes!
http://www.viruslist.com/en/weblog

UPDATE: i found a tool, from sophos anti-virus site that will detect and remove the sony rootkit, if you don't feel like jumping through sony's idiotic hoops (or like me and don't trust sony with anything on your PC).
http://www.sophos.com/su...disinfection/rkprf.html

EDIT: dam guess im a little late, with so many articles i didnt check the others. :) This story is taking on a life of it's own. Good though.

Score: 0

By joeshmoe7

edited Nov 10, 2005 - 11:15 PM

Well, good for McAfee for having some balls.
Now, can someone, anyone, please provide a handy free tool to truly remove this crap. I would make one if i was a programmer. I guess too many people are afraid of the DMCA to make a nice, handy, clean, full uninstaller for this. Something has to change here, because the way i see it, this Rootkit actually seems to probably have some protection from the DMCA (assuming i guess if removing the rootkit can be seen as an attempt to circumvent copy protection - if sony is really ballsy enough to make such a dumb claim but who knows at this point they showed how dumb and arrogant they are). This is a fine mess. I guess the courts will have to sort it out. And while their at it, please stick the DMCA into the dark abyss of oblivion where it belongs (and send SONY with it too--->with their EULA's stuck up their *** all the way down)

Score: 0

By drumcat

edited Nov 10, 2005 - 6:24 PM

It's legal for Sony to install a program - you must agree to it first by accepting EULA.
It's illegal for Sony to install malware or any program that cannot be plainly uninstalled, no matter what the premise.

Score: 0

By JacenSolo

posted Nov 10, 2005 - 7:04 PM

It's illegal for Sony to install a program. _I_ must give consent (aka double click setup.exe/setup.rpm/setup.bin) for it to be considered legally installed. if they force it on me, It's called a virus and is illegal.

Score: 0

By BklynKid

posted Nov 10, 2005 - 6:52 PM

I agree, the problem however is that nowhere in Sony's EULA is this "program" mentioned, therefore nobody even knew it existed until someone discovered it and traced it back to their purchased CD.

Score: 0

By googun

edited Nov 10, 2005 - 6:46 PM

Agreed. There is nothing for any user to gain in agreeing to install the software. Who installs software that makes your computer LESS useful?

As for anti-virus companies pushing customers toward Sony for help, that's a cheap cop-out. But then maybe they are smarter than we are given them credit for. Maybe they are just waiting for a virus to exploit the rootkit, in the hope that Sony will have to cave in and leave them in the clear to issue a fix.

Score: 0

By gawd21

edited Nov 10, 2005 - 10:17 PM

"Who installs software that makes your computer LESS useful?"

Anyone that installs AOL. LMAO

Had to say it.

EDIT: I know, "He laughed at his own joke."

Score: 0

By googun

posted Nov 11, 2005 - 7:36 AM

yeah yeah like it :-)

Score: 0

By fewt

posted Nov 11, 2005 - 7:29 AM

Well said.

HAHAHAHAHAHAHAHA

Score: 0

By mancub

posted Nov 10, 2005 - 6:09 PM

it has been forward to the eropean union derecterate

Score: 0

By googun

edited Nov 10, 2005 - 6:24 PM

That's good news. I am starting to like the European Directorate already :-)

Score: 0

By googun

edited Nov 10, 2005 - 6:21 PM

It may be illegal to defeat a copyright protection scheme, but surely uninstalling software does not in itself constitute a breach of the law. But I have another idea about this...

Given that Sony's software ties itself to the CD drive so deeply that removing it renders the drive useless, surely CD drive maufacturers have a good reason to sue Sony for messing with the usability of their products. For example, if I buy a XYZ cd-drive, which Sony's software "takes possession of", overriding XYZ software's control over the drive, surely there is a case for XYZ to sue Sony (perhaps on behalf of its customers) for interfering with its product and preventing XYZ's customers from enjoying the full functionality of the product they paid good money for, or at least to recover the cost of all the support calls from angry customers.

And what about the legal liabilities of First 4 Internet? Surely they are not yet in the clear either, unless they can show that their software was NOT designed to interfere with other companies' products - especially as their software also leaves PCs vulnerable to exploits that Sophos and others are starting to see.

One last point - does Sony's creepy software behave differently if the cd-drive is a Sony? If it does then presumably there are grounds for an anti-competitive lawsuit too.

It seems to me that only a full-on money-no-object assault on Sony and its friends in the courts will defeat these morally bankrupt developments.

Score: 0

By limbeaux

edited Nov 10, 2005 - 4:36 PM

1} the question of whether or not it is legal for sony to install this has not been answered.
2) Under the The Digital Millenium Copyright Act, it is illegal to defeat copyright protection schemes.
So uninstalling the rootkit at this point is illegal.
If Antivirus software removes the rootkit, who has broken the law? antivirus developer or the consumer. quite a conundrum

Score: 0

By Tenoq

posted Nov 10, 2005 - 9:29 PM

Uninstalling the rootkit alone is not illegal, IMHO. It would not constitute 'defeating' a copyright protection unless you had the intention to copy the disc. You would be merely uninistalling unwanted software.

One must ask if Sony has acted legally, however. Installing software without permission (that may be illegal to remove, as you say) is surely a serious offence.

Score: 0

By mancub

edited Nov 10, 2005 - 6:13 PM

say what

Score: 0

By The MAZZTer

posted Nov 10, 2005 - 5:10 PM

This is MY computer. Not the governent's. Not Sony's.

I think I'll uninstall whatever I @#%$ing well please.

Score: 0

By jordenpro

posted Nov 10, 2005 - 4:47 PM

Dear limbeaux,

What you've just said is one of the most insanely idiotic things I have ever heard.

At no point in your rambling, incoherent response, were you even close to anything that could be considered a rational though. Everyone in this room is now dumber for having listened to it.

I award you no points, and may God have mercy on your soul.

Score: 0

By Maxwolf

posted Nov 11, 2005 - 9:33 AM

George Carlin quote, heh.

Score: 0

By Jose

posted Nov 10, 2005 - 6:37 PM

Not only is limbeaux legally and factually correct - he's on your side - the DMCA and DRM are broken.

Why don't you give your points to the law makers?

Score: 0

By jordenpro

edited Nov 10, 2005 - 9:41 PM

lol, so if I format my computer I have broken the law! Son of a bytch, brb calling GEEK SQUAD.

Please bail me out for fixing my cd rom!

You are a victim of being bullied. You do not have to leave that crap on your computer and they are not going to give you a wedgie if you do! However if you do, I hear they might give you a swirly, stay out of the bathroom.

Score: 0

By Metshrine

posted Nov 11, 2005 - 7:26 AM

I find it funny that you whined at him above for making idiotic posts, yours has no sort of professionalism and is very immature. Irony at its best

Score: 0

By nightops

posted Nov 11, 2005 - 10:00 AM

Easy bud, he was just joking :-) He was quoting Carlin (as well as a certain Adam Sandler movie :-) ) for a 'baseless' answer. Nobody likes this DRM rootkit crap, trust me ;-)

Score: 0

By wincement

posted Nov 10, 2005 - 4:46 PM

Neither. Removing the rootkit does not defeat copyright protection. And even if it did, no one is able to remove it yet without crippling their computer.

Sony has definitely crossed a legal line with this software, and I believe the lawsuits will show that.

Score: 0

By spiffyjeff

posted Nov 10, 2005 - 4:18 PM

Hey Sony, keep your Management off my Digital Rights!

Score: 0

By PC_Tool

posted Nov 10, 2005 - 4:21 PM

lol

Score: 0

By roj

posted Nov 10, 2005 - 3:48 PM

Symantec, as expected, kissed the a** of big business and caved. big surprise.

Score: 0

By Maxwolf

posted Nov 11, 2005 - 9:34 AM

Their software sucks anyway. Bloated and doesn't even remove threats.

Score: 0

By nightops

posted Nov 11, 2005 - 11:18 AM

Norton AV, yes. Symantec AV, no. This is completely odd, and I understand their idea around maing Norton so ...um...user friendly. However, most users actually want AV solutions to run in the background, actively monitor files/emails/etc, and update themselves automatically...basically hands-off for the users. SAV does this reasonably well, but since they aren't going to remove the rootkit crap then I'm anti Symantec for now. However, NAV has NEVER really been good at this. Definitely bloated. Had it not been for the rootkit stuff, I would say my top 4 are:
NOD32
Symantec AV (NOT Norton AV)
Bit Defender
McAfee

Now it's:
NOD32
Bit Defender
McAfee
...AVG?
...maybe SAV

Score: 0

By drumcat

posted Nov 10, 2005 - 3:09 PM

Ya, give McAfee some serious manpoints.

So essentially this removes any element of safety for buying CD's in comparison to taking a chance on a P2P. At least on a P2P, something like an mp3 file can't install software. I'd have to execute it. In the case of these CD's, you might think you're getting bonus stuff, access to something extra, whatever. But now you have a security hole.

It's hard to want to pay $20 to get a security hole, software that only restricts my use, and potentially a destructive fileset for my OS.

Score: 0

By PC_Tool

edited Nov 10, 2005 - 3:14 PM

Of course, you risk the wrath of RIAA using P2P, as well as your own scruples.

I know what Sony did bites, but it is no excuse for a reasonably moral person to "take the law into their own hands" by downloading songs illegally.

There are still plenty of legit alternatives like iTunes, AllofMP3, and I'm sure the list goes on...

Those who want to flame me concerning the last sentance containing the words AllofMP3 and legit in the same "breath", please follow the below link to correct your misunderstandings.

Just cuz it ain't RIAA, don't mean it ain't licensed.

Interview with MediaServices(AllofMP3) CIO Vadim Mamotin:

http://www.technewsworld.com/story/34512.html

Note the question concerning artist royalties and ROMS.

Score: 0

By JacenSolo

posted Nov 10, 2005 - 4:05 PM

Your more likely to get a virus from Sony's DRM then you are to get the RIAA jumping on your back.

Score: 0

By roj

edited Nov 10, 2005 - 4:02 PM

"Of course, you risk the wrath of RIAA using P2P, as well as your own scruples."

Scruples? What scruples? Apart from the fact that Sony is perpetuating an invasion of privacy that is ILLEGAL in this country according to our Privacy Act (we take our privacy seriously in this country unlike others that like sheep sign it away to their guvvies, lock stock and barrel), downloading via P2P is quite legal here.

Screw 'em.

The first class-action suit has been filed in Cali. Others will follow. The long overdue DRM backlack may finally be beginning and it's about frickin' time.

Score: 0

By mancub

posted Nov 10, 2005 - 6:15 PM

i take it you live in the e u

Score: 0

By PC_Tool

posted Nov 10, 2005 - 4:05 PM

"downloading via P2P is quite legal here."

What country are you in where it's legal to download copyrighted material you did not pay for?

Score: 0

By Maxwolf

posted Nov 11, 2005 - 9:35 AM

P2P is not illegal, when you use it to move movies and music it is but not the transmission protocol.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 10:30 AM

Yes, but when used in reference to the comment above, where he states, "instead of buying the CD", it would be illegal, eh?

We're not all idiots, here. No need to nit-pick the obvious.

Score: 0

By spamspanker123

posted Nov 11, 2005 - 4:36 AM

I don't believe he said it was copyrighted material he was downloading via P2P. He said that "downloading via P2P is quite legal"

Everyone who hears about P2P automatically relates it to sharing copyrighted material. That's why it has gotten such a negative outlook by people that only half-educate themselves on what is going on.

I share more than 300 songs through Ares, and every single song is not copyright protected. I know that because 20 of them were made by my band.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 8:34 AM

My original response was to this quote:

"So essentially this removes any element of safety for buying CD's in comparison to taking a chance on a P2P."

Tell me where you get "legal" from this? If he's got to buy the CD, there's gotta be some asinine number, like 99.999% chance it's illegal to download.

And yes, I pulled the number right out of my ass, so wash your hands.

Besides, when talking about a service, it's more than acceptable to talk about it in regards to what the majority of it's users use it for. Want to try and tell me over 50% of bit-torrent users only download legit files?

Score: 0

By mancub

posted Nov 10, 2005 - 6:15 PM

called free ware

Score: 0

By PC_Tool

posted Nov 11, 2005 - 8:35 AM

Read my above response.

Score: 0

By roj

edited Nov 10, 2005 - 5:45 PM

Canada.

A ruling was made by a judge that a file downloaded via P2P was in essence the same as a copy made at the library of research material "I did not pay for". The CRIA has valiantly tried to overturn this and has failed at every turn, no doubt in part due to the levy imposed on all recordable CD media in tis country, which is supposedly used to compensate artists.

Also, Sony's rootkit is in clear violation of the Canadian Privacy Act since express permission must be asked for and granted for such an invasion and the penalties for ANY company violating that are strict - it's a Federal offence. As one example, a rather prominent bank was forced to change its disaster recovery plan because its backup site was located in the US - where the Patriot Act would grant access to the personal information of Canadian Nationals and thus rape the privacy of those individuals. Your Patriot Act even goes so far as to make it illegal for disclosure of said rape to occur.

Uh Uh.

Not on our watch.

Also, we weren't dumb enough to pass DMCA - it was tried at the behest of "points south" and roundly tossed out.

That being said, I've said my piece and I'm outta here. With due deference to your comment on flame retardant liquid elsewhere, I just don't bother - I dump the facts on the table and leave. :)

Score: 0

By PC_Tool

posted Nov 11, 2005 - 10:35 AM

lol

Oh, Canada, indeed. ;)

I have to admit, it's our own deeply-rooted dislike of taxes that made the levy down here in the US impossible and very likely, this whole ordeal we're going through now is a direct consequence of it.

I know you're outta here, but just in case you sneak back in for a peek:

Got alink to that ruling? I'd *love* to see it. Also, has the levy been tested? Are the artists (even the US artists) getting anything from this levy, or is it just funnling directly into the government's coffers?

I'm not trolling, I'm honestly curious.

Thanks.

Score: 0

By roj

edited Nov 11, 2005 - 12:36 PM

The Federal ruling, as reported by the CBC:

http://www.cbc.ca/storie...da/download_court040331

The "Chevy to the Levy" :) :

http://neil.eton.ca/copylevy.shtml

Our pride and joy (and that which protects us by standing between us and a variety of unscrupulous organizations including the RIAA and MPAA), the Canadian Privacy Act:

http://laws.justice.gc.ca/en/P-21/text.html

As you say, O Canada indeed. As an IT Security specialist (my specialty is IT Forensics), I am required to understand a great deal about the Privacy Act and its implications. The balance to that is that my wife is a legal assistant - on occasion we laughingly refer to our marriage as "sleeping with the enemy".

It might further interest you to know that Canadian ISPs fought successfully against organizations like the RIAA and MPAA arbitrarily having the right to access customer information. The ISPs also stated something which is now comically common knowledge in the US: there is no iron-clad way to tie internet activity to a specific individual (grandfather and people who don't even own computers notwithstanding). This is directly opposite to the situation which exists in your country where companies like Verizon sold out their customer base in just that way. Up here, it would be a violation of the Privacy Act. Only one ISP in Quebec, Videotron, was fighting to allow access and given that its parent company is Quebecor, a multimedia entertainment company, this was not surprising. They are now forced to abide by the decision and that, as well as a variety of other reasons is why I'm quite thankful I don't live in that Province. ;)

As do many other Canadians, I value my privacy and will not allow a government or other organization to buy it or legislate it away from me.

As an aside, I may not always agree with you but I'd never accuse you of trolling. You're far too level-headed for that. :)

Peace...

Score: 0

By PC_Tool

posted Nov 11, 2005 - 12:59 PM

Just a few comments:

The ruling - Looks like it's pretty vague. No proof of intent was shown, and thus they got off. I'd like to see how they'd handle something more "warez" oriented than "Shared Directories" though. Has a user of an actual P2P service been brought up in Canadian court?

In the levy link, regarding sharing of music:

"If you post a song on the internet, or make it available to others via a peer-to-peer network, or if you send it to someone as an email attachment or via FTP, you are considered to be making a public transmission of the work. It is also clearly not for your own private use. You would be infringing copyright unless you had explicit permission from the rights holders."

Sounds a bit conflicted with the article on the federal ruling, though this one specifically mentions P2P.

The distribution is amazing:

* To Eligible Authors 66.0%
* To Eligible Performers 18.9%
* To Eligible Makers 15.1%

Could not imagine a better model.

Grass is looking pretty green up there, man...and I ain't talking about the kind ya smoke. :P

Score: 0

By wincement

edited Nov 10, 2005 - 3:18 PM

=((((

I really want to agree with you, but you had to bring up the 'legit' aspect of AllofMP3. They are legit, yes, but highly immoral.

The artists don't get a penny, and your money lines the pockets of thieves.

...other than that though, I completely agree.

Score: 0

By PC_Tool

posted Nov 10, 2005 - 4:11 PM

Can't prove it's going to thieves. ROMS pay ROA, and there's no real trail from ROA to the artists, but with enough pressure, and possibly only a small increase in price, it easily could.

But yes, you can pretty much bet it is not going to the artists. Which is a bad thing. Just so you know where I stand on that.

I hate the fact that artists likely don't see a dime of it, but I can't help not at the very least *trying* to support an alternative to RIAA.

If ROMS/ROA could give us a documented paper-trail and get some artists on their bandwagon here in the US, RIAA would have a serious monkey on their back.

*shrug* Perhaps I need to re-examine my reasons for using them. Maybe my own morals are slipping somewhat.

It's a tough one. Seeing as I basically can't buy CDs now, iTunes gives crap quality, the rest seem to be using restrictive WMA DRM...

The realistic alternatives are getting scarce.

Score: 0

By wincement

posted Nov 10, 2005 - 4:49 PM

"The realistic alternatives are getting scarce."

No kidding. I'm still sticking with CDs - even after this incidentj. I've always had autorun disabled, so it poses no threat to me.

BUT, I can definitely understand people's reasons for not buying CDs, especially now.

Score: 0

By Maxwolf

posted Nov 11, 2005 - 9:39 AM

And the perfect excuse too!

Score: 0

By PC_Tool

edited Nov 11, 2005 - 10:38 AM

No, actually, it's not.

Did some more research. ROMS resembles RIAA more than I had originally understood.

So much for AllofMP3. 'Tis a shame, it'd be a great model for the Music industry if they could be the slightest bit ethical about it.

Score: 0

By kevrocker86

posted Nov 10, 2005 - 5:48 PM

I just realized I almost prefer reading your comments along with PC_Tool's comments more than reading the articles themselves here on betanews... lol. So many poor comments on some topics, but the two of you usually have some great things to point out.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 8:36 AM

It's the flame-retardant. Really.

Score: 0

By AshG

edited Nov 10, 2005 - 2:42 PM

One of the other articles talks about how viruses are appearing that make use of Sony's rootkit to hide. I believe that Sony should be sued for damages for each virus that uses the XCP cloaking technology, as it was their greed that unleashed this new destructive tool on the world.

What we have is an electronic equivalent of the Exxon Valdez, with plenty of damage and destruction to come because of power-drunken negligence and poor corporate steering.

Score: 0

By imafurby

posted Nov 10, 2005 - 2:22 PM

"Record company weasels strike a colossal blow at own selves." Geez, this is gonna make every CD suspect from now on. Hard to imagine how much more messed up this could have been. How to not encourage people to buy CDs anymore. Maybe they just want to kill the whole manufacturing process and go purely digital. That's a big cut in operating costs.

Score: 0

By wat0114

posted Nov 10, 2005 - 2:04 PM

You legally purchase a cd, place it into a cd drive of a legally purchased pc and, voila!, Sony's DRM technology secretly plants a rootkit on your machine. I'm boycotting ALL Sony products until they do away with this malicious practice.

For those interested, here's an online petition against Sony's rootkits (just don't post your address or phone number).

http://www.petitiononline.com/bcsony/petition.html

Score: 0

By wincement

edited Nov 10, 2005 - 3:24 PM

I think the lawsuits will have a little more effect than a petition. Good idea though. I still signed it and sent them my thoughts via their website's feedback form.

Score: 0

By PC_Tool

posted Nov 10, 2005 - 3:09 PM

Heh... Did that a *while* ago, but thanks for the linky.

Score: 0

By deadmonkey

posted Nov 10, 2005 - 1:46 PM

Good move of McAfee. Nice to see they did the right thing for the customers. It isn't easy to be the first to do something like this so I am impressed with their decision.

Score: 0

By Jedite

posted Nov 10, 2005 - 1:45 PM

That is a missleading statement by McAfee, over on Marks Blog in www.sysinternals.com/blog someone already posted that the McAfee AV detects, and decloaks the application but does not remove it.

Score: 0

By spamspanker123

posted Nov 11, 2005 - 4:41 AM

Why can't you just uninstall the driver for your affected drive, then reinstall it?

Score: 0

By Jedite

posted Nov 11, 2005 - 11:05 AM

No that doesnt work. Mark from sysinternals who originally discovered this rootkit, went on to detail what he had to do to remove it. If you were to delete the actual .sys file called aeris.sys your CD-ROM drive would become useless.

To fix it you would have to dig deep into your systems registry and hack away at some entries to restore the drive. A comp novice wouldnt even know were to start. Heck most geeks would find it difficult to fix.

If you want check out all of Marks blogs which i think are 4 related to this topic, explaining the intial finds and the painful process of removal.

www.sysinternals.com/blog

Score: 0

By PC_Tool

posted Nov 10, 2005 - 3:07 PM

Yeah, just saw that.

Damn.

So no-one has come up with a way to safely remove this thing without risking some serious sh1t with Windows.

Hopefully someone soon will. This is getting pretty bad.

Score: 0

By JacenSolo

posted Nov 10, 2005 - 4:07 PM

This is Windows. The whole thing is cross programmed and dangerous.

I think that it'd have to be done at the operating system level by Microsoft (prevention)

Score: 0

By Maxwolf

posted Nov 11, 2005 - 9:40 AM

Cross programmed? Do you even know any programming languages outside of VB?

Score: 0

By PC_Tool

posted Nov 10, 2005 - 4:12 PM

Beat the windows thing to death...c'mon...I know you want to.

Score: 0

By wincement

posted Nov 10, 2005 - 4:52 PM

I think it might already be dead.

Score: 0

By JacenSolo

posted Nov 10, 2005 - 7:02 PM

*picks up a stick and beats Windows over the head*

Score: 0

By PC_Tool

posted Nov 11, 2005 - 8:36 AM

*pokes it with a stick*

*swats fly*

Yup. She's dead.

Score: 0

By deadmonkey

posted Nov 10, 2005 - 1:47 PM

Is this because removing it can cause some nasty problems with the CD drive or some other reason?

Score: 0

By Jedite

edited Nov 10, 2005 - 2:01 PM

Im guessing so. Basically when it unhooks itself from the driver it can cause the system to crash because of bad coding practices.

Also the process of fixing the registry so your system can once again use the CD drive, is pretty heafty

Score: 0

By fewt

posted Nov 10, 2005 - 1:06 PM

"With the latest DATs, McAfee detects, removes, and prevents reinstallation of XCP,"

Respect +1 to MCafee

Score: 0

By nightops

posted Nov 11, 2005 - 11:26 AM

Respect +0.5 to McAfee, it does NOT remove ;-) To prove: run one of the listed XCP-protected CD's. Find Aries.sys as well as check for the cloaked files using Mark's Rootkit Revealer (www.sysinternals.com). Run the latest DAT on McAfee. Restart. Check for Aries.sys and the cloaked files using the Rootkit Revealer. Wow, the cloaked files are there, as well as Aries.sys. However, the files are no longer cloaked, and the registry has been fixed.

Score: 0

By PC_Tool

posted Nov 10, 2005 - 1:13 PM

"prevents reinstallation of XCP,"

Now if only that read "XP".

*ducks*

Score: 0

By JacenSolo

posted Nov 10, 2005 - 4:08 PM

*agrees*

Score: 0

By fewt

posted Nov 10, 2005 - 3:54 PM

HAH!

Score: 0

By wincement

posted Nov 10, 2005 - 2:39 PM

Lol. Hope you've smeared lots of flame-retardant all over.

Score: 0

By PC_Tool

posted Nov 10, 2005 - 3:02 PM

After the last few P2P threads, I've made it part of my routine to bathe in the stuff daily.

Score: 0

By wincement

posted Nov 10, 2005 - 3:21 PM

LOL. You'll notice, I've stayed away from those stories entirely for just that reason.

Score: 0

By PC_Tool

posted Nov 10, 2005 - 4:13 PM

But it's *so* much fun!

Score: 0

By gawd21

edited Nov 11, 2005 - 11:22 AM

Why would anyone want to avoid them. I mean heck, this is what makes my day fun.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 1:42 PM

lol...

That's gotta suck, man.

Score: 0

By gawd21

posted Nov 11, 2005 - 1:57 PM

Well when you are stuck on the phone in front of a PC all day, there really isn't much you can do.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 2:16 PM

Oh man...how wrong you are...

Just imagine the pranks you could pull on your cube-mates.

When I worked in the Roseville MPC callcenter, we'd torture eachother. Still managed to beat out the rest of the groups in resolutions, though somehow.

It's also amazing the hand/sign-language you can come up with to describe the current customer you're on with.

Be creative, man.

*grin*

Score: 0

By gawd21

posted Nov 11, 2005 - 2:28 PM

LOL. I could imagine, however, I work from home.

Score: 0

By PC_Tool

posted Nov 11, 2005 - 2:44 PM

Okay...now *that* sucks.

I'm sure it has it's benefits, but the social aspect just got shot out the window.

Score: 0

By W@KK0

edited Nov 10, 2005 - 1:03 PM

Sony is royally screwing up left and right over this.

Sony also needs to fire the BMG president for the moronic comments made during the other day's interview. That or enforce it. Hey, if Sony doesn't know their getting hacked, what are they getting so upset about?

Score: 0

By PC_Tool

edited Nov 10, 2005 - 12:57 PM

Go McAfee!

While the rest of the AV world holds it's breath, McAfee takes the first bold step and not only detects and informs, but removes and prevents re-installation of Sony's *first* attempt at virus coding.

Eat it, Sony.

To the other AV manufacturers, grow a spine and stop this BS now, before it gets out-of-hand.

Score: 0

By jsc315

posted Nov 10, 2005 - 3:22 PM

I've never been a fan of McAfee but i got to give it to them this time. At least someone is taking this into there own hands.

Score: 0

By JacenSolo

posted Nov 10, 2005 - 4:09 PM

I've never been a fan of any of the big companies, but I must say that McAfee is doing the right thing. Now, if only Sony's webserver blows up...

Score: 0

Dec 2 - 5:09 PM ET Microsoft: Vista SP2, Windows Server SP2 betas Thursday

Dec 2 - 4:55 PM ET With premium content, monetization will follow, says YouTube exec

Dec 2 - 3:59 PM ET Europol plan against cyber-crime would enable remote searches

Dec 2 - 2:22 PM ET Roaming SMS charges to decrease in Europe

Dec 2 - 1:41 PM ET Oracle contributes Linux code for detecting 'silent data corruption'

Dec 2 - 1:31 PM ET Sling.com launches its joust with Joost

Dec 2 - 1:27 PM ET Nokia closes its Symbian acquisition, seeding an open source foundation

Dec 2 - 11:44 AM ET Another confusing split decision in Broadcom / Qualcomm spat

Dec 2 - 11:02 AM ET Africa is springing into fertile ground for WiMAX

Dec 2 - 10:08 AM ET Nokia goes full-tilt in unveiling its N97