how-to block ads
|
TrueAudio2
join:2005-08-06
| Gilliat-Smith's of F 4 I Psychobabble
»news.com.com/5208-7355-0.html?fo···start=-1
"No comments" - baloney
Reader post by: Wally Bass
Posted on: Wed Nov 02 19:23:09 PST 2005
Story: Sony CD protection sparks security concerns
>>"I think this is slightly old news,"Gilliat-
Smith said. "For the eight months that these CDs have been out, we haven't had any comments about malware (malicious software) at all."
Let me translate this.
"Since most people lack the skills of
Russinovich, no one else so far has been able to track any of the system failures that we have induced back to us. You see, we spent an extraordinary amount of time covering our tracks by cloaking things that people would normally able to see in their systems.
"As to the (probably thousands of) poor smucks whose CD disappeared due to our code, or who blue screened, or whatever, and who spend hours trying to figure out what was wrong, and then more hours rebuilding their systems - well - who cares. They didn't trace it back to us - it doesn't affect our bottom line."
I really love his attitude: "well, we knew that we screwed you eight months ago - boy are you guys dummies that you only now have figured it out."
Hopefully, a good case will be made against these clowns, and Sony will pay heavily though a class action suit, and in the marketplace. With a little luck, maybe someone will even do some jail time. | |
Nailbag
join:2001-10-16
London, ON
 ·Rogers Hi-Speed
| How about this:
Antivirus firm CA finds security risk in Sony's DRM rootkit
Posted by Quakester2000 on 10 November 2005 - 12:59 - Source: Zdnet
Kerry56 used our news submit to tell us that antivirus companies from around the world are now releasing tools to both identify and in cases remove Sony's DRM toolkit. With Computer Associates saying that it does much more than initially thought and that their software will remove it. Antivirus firms view Sony's DRM toolkit as a potential risk as it installs itself into the windows operating system and hides itself. The software is then hidden from the OS and any other programs on the system including antivirus programs. If exploited by marking a file with the same characters that hide its DRM from the system a virus could run undetected.
There have been a wide range of opinions from antivirus firms with Symantec which owns Norton Antivirus saying that its software will detect the DRM rootkit software but will not remove it. Instead it says that its software will give a link to Sony’s website that will show how to remove the program along with the patch that exposes the files.
Computer Associates on the other hand says that it will release software that will remove it after finding that the software did much more than stop the copying of protected CD's. CA found that Sony’s rootkit made itself the default player on the host system and sent back information detailing what cds you played along with your ip address. CA also found that wither or not intended the software makes it impossible to make a clean rip from non protected cds as it inserts pseudo-random noise into the MP3 file that makes it of poorer quality. Computer associates president said what was disturbing was the fact that the software gave no notice or approval as well as a lack of an easy removal tool.
Sony said it was investigating these c claims by Computer associates but had no immediate comments to make. The outcry comes 8 months after the first CD with Sony’s Rootkit was released in the US.
Antivirus companies are releasing tools this week to identify, and in some cases remove, copy protection software contained on recent Sony BMG Music Entertainment CDs. The software has been identified as a potential security risk.The Sony software, found on several of the company's recent albums, is triggered by playing one of the CDs in a PC. From the CD drive, the software installs itself deeply inside a hard drive and hides itself from view. This cloaking technique could be used by virus writers to hide their own malicious software, security experts have said.
There is a range of opinion among security companies about how much risk the software poses, from those who consider it no worse than an adware pest to those who view it as potentially dangerous spyware. Symantec said on Wednesday that its antivirus software would identify the Sony software, but would not remove it. Instead, it will point to Sony's own Web site, where users can get instructions for uninstalling the software or download a patch that will expose the hidden components."We're trying to reinforce here that we're not talking about a virus, or malicious code, we're talking about technology that could be misused," said Symantec Senior Director Vincent Weafer. "We're trying to work co-operatively."
However, Computer Associates, which has a security division, said on Monday it had found further security risks in the Sony software and was releasing a tool to uninstall it directly. According to Computer Associates, the Sony software makes itself a default media player on a computer after it is installed. The software then reports back the user's Internet address and identifies which CDs are played on that computer. Intentionally or not, the software also seems to damage a computer's ability to "rip" clean copies of MP3s from non-copy protected CDs, the security company said."It will effectively insert pseudo-random noise into a file so that it becomes less listenable," said Sam Curry, a Computer Associates vice president. "What's disturbing about this is the lack of notice, the lack of consent, and the lack of an easy removal tool."
A Sony spokesman said the company's technical staff was looking into the issues identified by Computer Associates, but had no immediate comment.The furore over the Sony software comes nearly eight months after the copy protection technique, created by British company First 4 Internet, was first released on a commercial disc in the United States.
| |
|
