EFF Pushes Consumers to Claim Rootkit Compensation 189
An anonymous reader writes "'It's time for music fans who bought Sony BMG CDs loaded with harmful XCP or MediaMax copy protection to claim their settlement benefits', says the EFF's Derek Slater in an awareness campaign that is urging those inflicted with one of Sony BMG's rootkit infected CDs to collect what is due to them. The compensation is a DRM-free version of the original CD, $7.50, and album downloads from iTunes, Sony Connect, and others."
Summary correction: (Score:5, Interesting)
Should read:
is a DRM-free version of the original CD, $7.50, and DRM-laden album downloads from iTunes, Sony Connect, and others.
I'd also like to know if anyone is going to try for a real settlement - like a company having to audit their network after finding one PC rooted.
Re:Summary correction: (Score:3, Insightful)
Re:Summary correction: (Score:3, Insightful)
--
Find the lowest price at PriceAge [priceage.com]. Comparison Shopping with online coupons.
Not true. (Score:5, Insightful)
Apple has changed the number of CDs you can burn it to, and the number of computers you can have the music on at the same time. Apple also force upgrades by requiring new software for new model iPods, so not updating iTunes isn't a viable way of escaping changes in the DRM permissions.
If Apple ever decided to build backdoors into iTunes, people would still have no choice but to upgrade and have all the backdoors affect all of their music, if they want iTunes to work with their latest iPod... or if they chose not to buy the latest iPod because of the backdoors, they would lose the ability to play all of their music on-the-go, since the music can't be played on any competing MP3 players.
Not as bad... up front, maybe. (Score:3, Insightful)
No thank you.
Re:Not as bad... up front, maybe. (Score:5, Insightful)
Because people knowing about a fair(er) form of DRM and agreeing with it is SO evil.
iTunes' DRM is very acceptable to most people, as its limits aren't very strict, and it only applies to music. Trusted Computing or whatever bollocks they call it now isn't in the same ballpark.
Re:Not as bad... up front, maybe. (Score:2, Insightful)
Re:Not as bad... up front, maybe. (Score:2)
Re:Not as bad... up front, maybe. (Score:3, Insightful)
Re:Not as bad... up front, maybe. (Score:2)
Please tell me how FairPlay DRM restricts fair use. You can burn it to CD, you can listen to it...where precisely is the problem?
Re:Not as bad... up front, maybe. (Score:3, Insightful)
Re:Not as bad... up front, maybe. (Score:2)
Obviously.
Re:Not as bad... up front, maybe. (Score:3, Informative)
Second, you can't transfer ownership of the AAC itself:
Re:Not as bad... up front, maybe. (Score:2, Insightful)
Re:Not as bad... up front, maybe. (Score:2)
Re:Summary correction: (Score:5, Interesting)
I completely agree with you - but itunes was not the only music service mentioned. From the EFF's site: CONNECT Music, f.y.e., iTunes, or Wal-Mart.
Whilst you might be prepared to trust Apple's DRM (and to be fair, I don't see much wrong with its terms either), read this thread [rokulabs.com] before trusting Wal-mart's. (I don't think I'd have to work hard to convince most people here that putting faith in Sony's DRM is a bad idea as well.)
The ultimate trouble with drm - any drm, is that it restricts your right to do what you want to do with your music. It's like giving a company the keys to your CD cabinet & trusting them to unlock it when you ask them.
Re:Summary correction: (Score:2)
Re:Summary correction: (Score:2)
Again, I agree. Apple's drm (along with both Sony's & Microsofts) can be easily defeated. It still doesn't really change the inention - to restrict me.
The fact that I'd have to:
a) Find a blank CD (why would I have one around for when I buy my music online anyway?)
b) Encode using a highly compressed source
to listen to music I've purchsed legally p
Re:Summary correction: (Score:3, Informative)
Seriously, that "just burn a CD" argument is tired, old, and most importantly, invalid. Stop using it already!
Re:Summary correction: (Score:2)
Purchasing copyrighted material is nothing more than a "lifetime rental fee".
You also get the right to give your license away to someone else. If I get a book, I can resell it after reading it. If I get a Windows CD, I cannot resell it, because there is no way of "disabling" my Windows license.
Re:Summary correction: (Score:2)
Well, apart from being crap, what's that got to do with music, which is what we were actually discussing?
Re:Summary correction: (Score:4, Insightful)
1) Unless otherwise clearly informed of the fact at the time of purchase, I have bought the licence in perpetutiy, not for a limited time - I do not expect to lose access simply because the company goes belly-up and the DRM prevents me from accessing it.
2) If I have bought the right to listen to the music, then I should be allowed to replace it if lost, stolen, destroyed or otherwise unusable to me for a nominal replacement fee. I should not be forced to buy a new CD at full retail simply because my daughter broke the old one.
Re:Summary correction: (Score:3, Informative)
Parent is pointing out that the record companies shouldn't have it both ways. If the record companies cause you to lose your ability to listen to the music (by preventing you from backing it up for instance), they should have to provide you a free replacement. Or at most a cd at cost but I personally think th
Re:Summary correction: (Score:3, Informative)
Not sure if you speak of a specific rental service (I have no idea about itunes or any of the others mentioned in the post you replied to) or about buying music in general. If we stick to music in general, yes it is yours, those specific copies of the music are. No idea why you have some other idea.
>The only thing you get by buying a movie, music, or game is the right to
>watch/listen/play.
No, if you buy it, you buy it, that is covered by normal sales laws, co
Re:Summary correction: (Score:3, Insightful)
Not as far as I can tell it isn't. Most CDs say somewhere on the case something along the lines of "no unauthorised copying, hiring, lending, reproduction, public performance or broadcasting of the work". If I was the actual owner of the music that I'd just purchased, why is anyone else able to put those restrictions on what I do with it?
If I buy a bottle of Coke, I'm not told that I wouldn't be allowed to serve it at
Re:Summary correction: (Score:5, Insightful)
That would be a painful settlement. How many thousands/millions? of PCs were hit?
Apologize (Score:5, Insightful)
Companies who pull this shit need to be punished. Badly. Not a public tounge wagging followed by a pseudo-aplogy. They hire people to do PR and deal with that. When the company's bottom line is hurt, they will be more cautious in the future. And if it takes months or years of cases hanging over their head, the stock will suffer. And when the stock suffers, so do the folks at the top.
Anything else is just the cost of doing business.
Re:Apologize (Score:5, Informative)
Re:Apologize (Score:2, Insightful)
Pot. Kettle.
Re:Apologize (Score:2)
Yes, if it can be shown in a criminal court that this was a violation of the law, the violation warrants a jail term, and he was guilty of the crime.
What about the guy who got the rootkit code into the linux kernel, should he be jailed?
Yes, as above.
What about all the members of the cDc? Should they be jailed?
If they can be shown to be guilty of crimes, then yes. On the merits of their association alone, no.
Re:Apologize (Score:2)
Re:Apologize (Score:2)
Errr...what? What worm in GCC? I've never heard of this, and apparently Google hasn't either? There's a worm that required GCC be on a system in order to compile the worm code, but that's hardly a worm in GCC.
Similarly, what rootkit code in the kernel? Again, Google appears to have never
Re:Apologize (Score:2)
Re:Apologize (Score:4, Interesting)
Re:Apologize (Score:2)
Re:Apologize (Score:2)
Re:Apologize (Score:2)
Re:Apologize (Score:2)
Assuming somehow you could prove that the directors and CxOs knew that the DRM was even sold, (what chances are there that those individuals are even tech savvy enough to know what DRM is), what justifies this? What are the losses? Has anyone stepped forward and said, 'My machine was hacked because of a defect in your product!'
Without quantifiable damages or actual harm, what right do you have to call for them being jailed? I think what's fair is a new copy of the CD withou
Maybe so, but... (Score:2)
Re:Apologize (Score:3, Insightful)
Compensation...? (Score:3, Insightful)
There needs to be a clear signal. What we're seeing here is just a buyout.
Re:Compensation...? (Score:2)
Re:Compensation...? (Score:2, Insightful)
1) Like mail-in rebates a good portion of the tactic relies on the fact that many people will simply not find it worth their time/trouble to bother pursuing the claim. A good portion of people will take the first couple of steps and then find that other things in life demand more attention. Eventually the claim period expires or the person simply doesn't feel like devoting effort to it. This is unacceptable. It allows corporate crim
Re:Compensation...? (Score:3, Insightful)
Basically, they sent a letter to Sony before suing them outlining the steps that they should take to correct their mistake. Sony ignored the letter, and the EFF sued them. They came to a settlement that achieved most of the suggestions outlined in the original EFF letter.
The settlement wasn't too bad. Sure, they didn't hit Sony as hard as they could have, but everyone is getting replacement CDs and a small amount of compensation money. Anyone wh
Well... (Score:2)
Re:Well... (Score:2)
Very Little Compensation (Score:5, Insightful)
The best thing that may come out of this is that the rules on what companies can and can't do have been clarified.
If I install software on my machine, I expect it to behave itself, providing I believe that the company itself is reputable. Sony have damaged themselves through this.
Re:Very Little Compensation (Score:2)
Re:Very Little Compensation (Score:2)
Re:Very Little Compensation (Score:2)
I just read The Great Time Machine Hoax. Very cool.
Re:Very Little Compensation (Score:2)
Re:Very Little Compensation (Score:3, Informative)
If you participate in this, you are NOT giving up your right to sue for damage to a computer or network!
Even if you get the small amount from this claim, you can still go on to sue for actual damages, should you have them.
http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq
Re:Very Little Compensation (Score:2)
Re:Very Little Compensation (Score:2)
Difficult to prove. Expensive and time-consuming to pursue. Take Grandma out on BINGO night instead. The odds are better that you will come home a winner.
Re:Very Little Compensation (Score:3, Informative)
Allow? Allow?! Surely the whole point of a lawsuit is that Sony don't get any say in what's allowed - that's down to the court.
MOD PARENT INFORMATIVE!!! (Score:2)
Hey, everybody: you are not "consumers," and you are not sheeple! You are CITIZENS, and you had damn well better start acting like it!
Re:Very Little Compensation (Score:3, Insightful)
And even more importantly, if you put what you were led to believe is an audio CD in your computer's CD-ROM drive, you should expect it to behave itself by simply playing the music encoded on it and nothing more.
Friends (Score:5, Interesting)
That doesn't seem fair. One CD could have infected multiple machines, but only the original owner gets "compensated" by Sony.
Re:Friends (Score:3, Insightful)
Re:Friends (Score:2)
Re:Friends (Score:5, Insightful)
Re:Friends (Score:2)
Re:Friends (Score:2, Funny)
Re:Friends (Score:4, Insightful)
They didn't tell you or the original owner of the malware on the disk, so they are liable because they were aware of its existence.
Re:Friends (Score:2)
On the other hand, he can sue his friend, who lent him the CD.
Re:Friends (Score:2)
So yes, those who were harmed by the malware -- which I might add installs even if you attempt to deny permission -- have grounds to sue. Or would you claim I was not liable if I a
Sony get off too lightly by half (Score:5, Interesting)
Thats's the civil liability. Here in the UK what Sony have done is a *criminal* offence under the computer misuse act.
I hope we haven't even started to see the scale of damage this is going to cost Sony. Frankly I hope it bankrupts them.
If some 14 year old kid wrote this rootkit he would be staring at 10 years in jail.
Re:Sony get off too lightly by half (Score:5, Interesting)
It is supposed to be criminal here to under the CFAA (Computer Fraud and Abuse Act) [panix.com]. Of course, you will never see them charged like they are supposed to be.
B.
Re:Sony get off too lightly by half (Score:2)
I am a professional engineer, and obtaining that title is a long process, and at no point is Windows installation, spyware removal, or other pc-geek-bitch work taught or tested.
who is the ass master (Score:5, Interesting)
We can only hope (Score:3, Interesting)
This will like set an important precedent w.r.t. rootkits and other commercial malware (Starforce anyone?). I only hope the result will be good for the customer and not the corporations. If Sony don't get the punishment they deserve for this, everyone else will jump on the bandwagon.
Re:We can only hope (Score:2)
I avoid buying Sony products, unless the product is substansially better than the competition. If more people buy fewer Sony products, you can be sure that Sony execs will take notice. So their CD stunt had effect spilling i
Days of War, Nights of Love. (Score:2, Insightful)
Knowing this, is how politics take advantage of the mass consumer thinking.
Days of War, Nights of Love is a collection of political essays which may touch on these ideas:
http://en.wikipedia.org/wiki/Days_of_War%2C_Night
Re:Days of War, Nights of Love. (Score:2)
In the run up to Easter people have other things on their mind than a refund from SONY. I don't give this "awareness" campaign much chance.
No thanks to ANYTHING from Sony (Score:5, Interesting)
And the "real" punishment, as far as I'm concerned, is that I had the opportunity to explain to a lay-person what Sony has done, why they did it and why they shouldn't trust Sony with their dollars ever again. I truly think it's a powerful thing since these people found out first-hand that it wasn't "their fault" and that trusting a big company like Sony to always do the right thing is pretty wrong. The opinion these people, and those they that hear their story, hold of a much lower opinion of Sony than they once did.
May Sony feel the wrath of the consumer!!
Re:No thanks to ANYTHING from Sony (Score:5, Funny)
Explaining it to the end users was probably a waste of time, since THEY didn't have to clean up their machines - they foisted it on you. Its the same as explaining to an IE addict why they should switch to Firefox ... over and over and over and ...
Besides, I see that there's a Celine Dion album on the list. I would argue that the world is a better place if everyone who bought that CD ends up with a non-functional computer.
Re:No thanks to ANYTHING from Sony (Score:4, Insightful)
That's how I explained it to Joe sickpack, and it worked perfectly. They hated Sony as much as we do and it's the truth.
Remember "Virus" is a scary word for the uninformed, they think it means "everything gone" or "credit card details stolen". It also does it quick enough for them not to get bored, hence perfect solution and the truth in 1.
My reply from the EFF (Score:5, Interesting)
I just read on your website where the EFF has agreed to settle with Sony BMG.
What a pathetic settlement that does nothing to assist consumers with the costs of removing the rootkit software and in addition, fails to act as any sort of a deterrent to Sony BMG.
Way to knuckle under for the little guy.
Unhappy in California
Hi ,
I'm sorry you feel that way and there may be nothing I can do to
convince you otherwise, since I understand some people want Sony
BMG's head on a pike and nothing less will do. I don't necessarily
disagree, but the law limits what we can get in the context of a
class action settlement. But I hope you'll at least give me a hearing.
First, you understand that the settlement *preserves* the claims of
folks who have hardware damage due to the rootkit, right? They can
still sue to get more and we're happy to help. The scope of the
settlement is for a different harm -- the harm of merely having
bought these bad CDs.
The main reason that we didn't settle those claims is that we haven't
had enough people come forward with proof that the CDs harmed their
computers to constitute a sufficient number for a class action. Class
actions require "numerousity" and "uniformity" of claims. If you
know of such people, please send them our way. They can bring small
claims actions. If we do discover enough folks with a common pattern
of harm, we will consider another class action.
Second, as for whether this will serve as a deterrent to Sony in the
future, I guess we'll see in time. Even if we had taken the case all
the way through to a trial and been completely successful, a court
would not be able to order Sony to cease using all DRM under current
law. So as much as I'd like to see Sony do that, this case alone was
never going to accomplish that goal.
Right now they have stopped pressing *any* CDs with DRM on them,
agreed to independent review of any future DRM (with a report to the
lawyers involved in the case), and agreed to allow non-DRM/non-EULA
versions of all of the music that was affected by the bad DRM. The
cash cost of the settlement is hard to value but Sony says that the
value of album downloads are $10 per album. If the 5 million people
affected by MediaMax get a free album download that's a cost of $50
million to Sony. That's before the $7.50 per album for the 3 million
XCP users and the extra downloads that they get, or the replacement
music for the MediaMax 3 users.
While the settlement terms are the product of negotiation and so
aren't perfect, I do think we got a good deal in the settlement for
purchasers of the CDs. Believe me it was hard fought and there is
much in there now that Sony started out by flatly rejecting. I
certainly understand if you disagree and want to try for more on your
own. You absolutely have the right to opt-out of the settlement and
bring your own action. I'd be very curious to hear how that goes if
you choose to do it.
Most important for us was:
1. stop production of any more CDs with the dangerous DRM on it.
2. get people non-DRM'd/non-EULA'd versions of their music (this was
strongly resisted by Sony)
3. do it quickly
4. get people some free music (or in the case of XCP, money) for
their trouble.
There's much more in the settlement than that, of course, but for the
purchasers these were the core goals.
Again, I appreciate your feedback.
- Show quoted text -
On wrote:
----
---- www.eff.org
Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110
(415) 436-9333 x
Re:My reply from the EFF (Score:3, Insightful)
Re:My reply from the EFF (Score:3, Insightful)
But, what the EFF said was:
First, you understand that the settlement *preserves* the claims of folks who have hardware damage due to the rootkit, right? They can still sue to get more and we're happy to help. The scope of the settlement is for a different harm -- the harm of merely having bought these bad CDs.
That means that the lawsuit applies only to buying the DRM'd CD. It has nothing to do ins
Wow 7.50 plus free downloads! (Score:2)
Poor Sony, please help them out! (Score:2)
7.50 per album? I've got an upstream that will save you a cool 10k/day! Hang in there, if we can get 100k Slashdotters to help out, you'll be saving a billion dollars per day!!
This explains piracy (Score:2)
If you want more blood (Score:5, Informative)
from taking them to small claims court and getting what you deserve. Most small claims courts have a very small fee like $10 for filing, 5 minutes in front of a judge and bingo you have got cash!
* damage to a computer or network resulting from interactions between the XCP Software or the MediaMax Software and your computer (e.g., damage to your hard drive);
* damage related to your reasonable efforts to remove the XCP Software or the MediaMax Software; or
* copyright, trademark or other claims arising from the development of the MediaMax Software or the XCP Software, or any uninstallers or updates thereto.
You may still sue Sony BMG for any such claims, whether or not you choose to take advantage of the settlement benefits. As part of the settlement process, Sony BMG agreed to waive its overreaching New York forum selection clause and $5 limit on damages, so you can take them to your local small claims court for your damages.
See here for more information about the small claims process.
Re:If you want more blood (Score:2)
and if you believe this, I hold a lease on a bridge into Manhatten that you can buy out cheap.
Re:If you want more blood (Score:3, Informative)
It would be great if Sony was treated the same as some punk kid who hacks into a computer owned by MegaCorp and is fined thousands and given jailtime, but that's unlikely in
only the bad publicity harmed Sony (Score:3, Informative)
What I love is... (Score:2)
Fairness Hearing Scheduled for May 22, 2006 (Score:5, Informative)
Don't forget -- claims MUST BE submitted by December 31, 2006. If you want to be excluded from the settlement, you MUST FILE before May 1, 2006. If you do not exclude yourself, you can attend the fairness hearing, at your own expense, and be heard by yourself or through your attorney.
I run the SonySuit.com website an plan to start collecting messages about the settlement to submit to the court as exhibits to my statement at the fairness hearing. If you have a comment about the settlement, send it to sonysuit@gmail.com [mailto].
Payment (Score:3, Funny)
Not doing a good job (Score:2)
Well the EFF isn't doing a very good job. Almost nobody I know - even computer geeks like myself - has heard or taken note of the whole Sony rootkit fiasco. I only know about it myself because of Slashdot. I was dragged along to Wal-Mart when visiting my brother recently, and had to explain the whole thing to several members my family when I saw that they were
What this is really about.... (Score:3, Funny)
The Linked article was bad (Score:4, Informative)
exert...
Why does EFF think the settlement is a good deal for purchasers of the Sony BMG CDs?
EFF agreed to the settlement because we believe it provides a good compensation package for the group of people who purchased the CDs but did not experience any hardware damage as a result. This means purchasers whose claim is primarily based on their purchase of the CDs and experiencing the hassle of having to patch or uninstall their systems, or in the case of MediaMax 3, having had files installed prior to giving you a chance to agree.
EFF's goals for purchasers of the CDs were to :
There's much more in the settlement than that, of course, but for the purchasers these were EFF's core goals and the settlement meets them all. That's why we think the settlement is a good deal and we endorse it.
So much for compensation, how about the damage? (Score:2)
Imagine you're a computer illiterate. Like about 70% of the people out there, who just know how to slip a CD in and hope that autorun works. Who is going to pay for the expert they need to get the computer back into shape? Or, if they don't, who's gonna pay for the consequential costs those backdoor'ed and trojan-prepared machines are going to cause? Who's going to pay the hours necessary if you do it yourself?
My time has a price
Title should be... (Score:2, Insightful)
I would think they would be encouraging victims to withdraw from the class action. Maybe the victims who did so would get nothing (as opposed to next-to-nothing), but every victim who withdrew from the class would cost the lawyers who agreed to this worthless settlement a little bit of their fee.
Not only does the agreement not compensate the victims for real damages ($7.50 is what, 10 minutes of tech support?), but contains no punitive damages. Let's not forget that Sony di
Very Lame Compensation (Score:3, Insightful)
I don't see a single thing in this settlement that punishes Sony sufficiently to absolutely convince them to never even think of attempting this again.
Worse yet, I don't see anything here to scare off any other big music or movie company from trying the same thing.
Sony should have gone down big time over this one.
And the lawyers should have only gotten a replacement CD and 3 free downloads as well.
Are there still any other suits in any other state/countries pending that will hurt them more?
You have it in your wallet to hurt them (Score:2)
Now, it's not like Sony produces anything so essential that you have to have it or you die. They're in the entertainment business.
All we gotta do is realize that we can live and stay healthy without their music. Personally, I think it ain't that hard, considering the crap they sell.
I have good news and bad news for Sony (Score:2)
The good news, you don't have to recompense me for the malware-infected CD's you sold on the market.
The bad news, it's due to the fact that I don't buy music anymore. I can do without you, I hope you're fine without my money.
MediaMax Comp is a joke (Score:2)
Dave
Re:Windows only? (Score:2)