Bad Day To Be Sony 812
Not only is Sony no longer selling the RootKit CDs, Arend writes "According to a USAToday article, Sony is to pull their controversial rootkit CDs from store shelves." A nice gesture, but a little late. bos writes "Sony's DRM rootkit has been found by Dan Kaminsky to have infected at least half a million networks, according to an article by Quinn Norton for Wired News. Dan has even put together some pretty pictures of the breadth of the infection." With so many people infected, it's unfortunate that wiredog writes "From The Washington Post comes the news that serious security flaws have been found in the software that Sony is distributing to users who want to remove the Sony rootkit. The article says: 'Because of the way the tool is configured ... it allows any Web page that the user subsequently visits to download, install and run any code that it likes.'" Oops. Even Microsoft is getting into the act. ares284 writes "Microsoft said it would remove controversial copy-protection software that CDs from music publisher Sony BMG install on personal computers, deeming it a security risk to PCs running on Windows."
Re:How to boycott? (Score:2, Insightful)
PS3? No thanks, Sony; you screwed the pooch (Score:5, Insightful)
Thank god for Sony (Score:5, Insightful)
Let us hope that people find out about DRMs before they saturate the market any further.
Now look at the mess you're in, Sony. (Score:3, Insightful)
Looks like they crossed the threshold... (Score:5, Insightful)
"Paging Eliot Spitzer [wikipedia.org], Paging Eliot Spitzer, Mr. Spitzer white courtesy phone..."
Vulnerability (Score:5, Insightful)
The question is, will they get punished for this by the authorities? The FBI and police seem to be happy to jail writers of virii or worms or those who spread vulnerabilities to unsuspecting systems. Why shouldn't the product manager responsible for this pay for his crime of making the nations computers even more insecure?
Considering the rootkit is installed without owners realistically being aware, doesn't that make it equivalent to a form of worm, virus, or other type of nasty?
I seriously believe that someone should be doing jail time for this. Such a punishment would make any other malfeasants think twice before thinking that they don't have to obey the law.
Boycott Big Music (Score:5, Insightful)
Who was held accountable? (Score:2, Insightful)
Re:How to boycott? (Score:5, Insightful)
Re:How to boycott? (Score:3, Insightful)
Re:How to boycott? (Score:5, Insightful)
FBI? NSA? Homeland Security? (Score:5, Insightful)
If this had been an individual, or small business, you know they would already be behind bars awaiting trial for violating some law or another... possibly even being brought up on some sort of national security-related charges.
( Someone in a secure/top secret/classified government network has probably stuck one of these CDs into their machine at some point.)
I want to know why the Feds aren't treating Sony like they would anyone else
buy second hand? (Score:5, Insightful)
Re:Thank god for Sony (Score:3, Insightful)
And if for nothing else this has been very funny to watch the problems snow ball for Sony.
Re:FBI? NSA? Homeland Security? (Score:5, Insightful)
By associating it with democracy, though, that makes it all better. We're all supposed to be happy that corporate profits supersede individual rights and property.
For the love of $$$ (Score:1, Insightful)
Wow (Score:5, Insightful)
They actually got the Department of Homeland Security to denounce them. I knew it had to be good for something
The great thing about all of this is that now that the Feds are aware of this evil DRM bullshit, they will start regulating it a little better. As it stands now, the DMCA basically give all the media companies "carte blanche" with regards to copy-protection schemes.
Re:How to boycott? (Score:2, Insightful)
Even if you were lucky enough to gather a large amount of people, their producs are so intertwined with everyday technology that your actions won't make the slightest dent in their profits.
It might seem like a good idea on how to "stick it to the man", but in reality it's not quite so effective.
Even with all this bad publicity, they'll probably see a temporary dent in their stock, but 6 months from now all will be back to normal.
Then the PS3 comes out, yadda yadda...
Won't work.
Re:How to boycott? (Score:3, Insightful)
Yes, there is something wrong with businesses that need the government in order to make profit. It's wrong because it goes against the nature of free markets. Have you heard of corporate welfare? If a business cannot make the profits necessary, then it should either change its business plan or die, and not have taxpayers pay to keep it alive. There is a huge difference between governments contracting corporations in order for them to build infrastructure and schools, and governments subsidizing businesses (e.g., corporate welfare). He's talking mainly about subsidies.
Re:[OT] Re:How to boycott? (Score:3, Insightful)
Because American Express rewards their customers by charging much higher merchant fees than their competition.
1 2-22-amex_x.htm [usatoday.com]
http://www.usatoday.com/money/perfi/general/2004-
Re:FBI? NSA? Homeland Security? (Score:2, Insightful)
No, they probably haven't. The kinds of machines that are in these secure environments are locked down big time...most don't even have a CD-ROM attached to the machine. The networks are closed (no direct internet access) and the machines with CD-ROMs/RWs have their lasers aligned differently so as to not be able to be read on a standard drive...one of the benifits of purposefuly misaligning the laser that writes the disks to be read in these machines is that you can't just insert a standard CD...
Yes, contrary to what the media would have you belive, the folks in secure/top-secret/classified government positions are not stupid...
Re:Looks like they crossed the threshold... (Score:3, Insightful)
Might be an interesting idea for a New York resident to make a phone call to his office...
Re:PS3? No thanks, Sony; you screwed the pooch (Score:5, Insightful)
They're associated well enough to have the name "SONY" branded on them. Good enough for me.
Re:[OT] Re:How to boycott? mercantilism (Score:5, Insightful)
Am I the only one who saw that as a disturbing statement? You spend 40 hours a week, which amounts to having a second job (I'm assuming that you're employed based on your previous statements) reinforcing your own point of view. I've met religious fanatics who don't spend that much time reading their religious scripture. Literally, you claim to be spending more time with whatever literature supports your views than a fundie does with a bible.
First off, if you wanted an informed opinion, wouldn't reading the opposition make more sense? If I want to know the full story about something, I find info from both sides, I don't just take the side I agree with as automatically infallable. Second, why the need to "reinforce" those things you already beleive? Sounds a bit too much like brainwashing for me - certainly if someone else was shoving their point of view down your throat that's the word I would use.
To kill DRM, make Joe Consumer Mad... (Score:5, Insightful)
Go Sony! Do it again!
Sony & Microsoft compete in DRM tech. (Score:1, Insightful)
Microsoft killing the Sony DRM is really scary from an anti-trust & DMCA violation point of view.
Here, you have a convicted monopoly destroying the security product of a competitor. And people are saying this is a good thing?
Re:Buying CDs is unsafe... (Score:2, Insightful)
I've changed my mind. Sony has destroyed any inhibitions I have against getting it for free from here on in. And I'm not kidding.
Re:How to boycott? (Score:5, Insightful)
If you actively pursue telling others you'll just annoy them and get labeled as a wacko. So it's pretty much up to you and your money. If the opportunity presents itself to discuss the topic without having to stretch for relevance (e.g. -- a friend/colleage/random stranger complains about a CD not working on their computer or something), then go for it. Otherwise keep to yourself. The only real exception here is demonstrations -- if you can get a reasonable number of people together then you don't look like quite such a loon; instead you look like a group of loons. But at least then you're in a flock.
As for boycotting Sony specifically -- first, write them a note telling them why you're boycotting and what they need to do to end your boycott. The second part is extremely important -- if you don't give them a method to regain your money, then why should they even bother? And in that vein, it has to be reasonable. I don't expect Sony to never issue non-CDs with DRM. I do expect them to never use this piece of crap again and to fire/relieve from their existing duties any managers that were involved in the approval of XCD.
Second, try to make sure you don't give them any money. If you want to be strict about it, then only punish Sony-BMG Music. That means no buying CDs from them. If you want to be more liberal then don't buy anything from any Sony division -- no CDs, no DVDs, no movies, no electronics (including PS2 and so forth), nothing whatsoever directly associated with the company. If you want to be even more liberal then don't buy anything that will funnel money to the company -- all PS2 games are licensed, so none of them. Similarly, many movies may use music that's owned by Sony, so start checking those music credits first! And if you want to be a complete whacko then avoid any thing that funnels money to them through cross-licensing, partnerships, and so forth. Given how big Sony is, if you take this route then I suggest you sit quietly in an open field and hope they break before you die of dehydration or starvation (pray for rain and small, harmless furry animals to wander nearby).
At least send the letter and try to stick to your boycott, at whatever level you choose. They've already done a lot more than I expected by recalling the defective CDs. Now they need to post a public apology (from a Japanese company that's a big deal), post a non-ActiveX method on their website to completely and utterly remove the DRM (and the decloaking junk), and appropriately punish the management involved in this cock-up. That would make me happy at least.
Comment removed (Score:2, Insightful)
Quite the reverse (Score:5, Insightful)
That sounds to me like more reason to boycott, not less - the impact is not compartmentalised, but spreads across their entire business. It also gives ammunition to those on the inside who are fighting against the shenanigans. Sony need to get the message that their actions don't just do damage to their CD sales business, they also create a serious dent in the Sony "brand" as a whole.
Re:How to boycott? (Score:5, Insightful)
JOhn
Half a million networks? (Score:3, Insightful)
Excellent (Score:5, Insightful)
Blockquoth the AC:
Let's hope so. With a bit of luck, this case will demonstrate the idiocy of both draconian copy protection mechanisms and draconian anti-copying laws. If it becomes Sony vs. Microsoft, there will be a big, high profile case with both sides sending zillions of lawyers at each other and zillions of lobbyists at the government, ultimately with no winning option for either side since any outcome will hurt their corporate interests in the longer term even as it protects them in the short term. The government can't suck up to both parties forever, and public opinion is bound to sway against things like the DMCA, DRM, and so on the longer it goes on.
Re:Looks like they crossed the threshold... (Score:3, Insightful)
Frankly, I am glad there are at least _some_ incentives to reward people like Elliot Spitzer who try and force corporations to comply with the law -- because there are HUGE financial incentives for the corporations to flaut the law.
Maybe you'd like to explain how society should hold corporations in check after it throws away any recognition, title (politics) or money (lawsuits) awarded to those who do so. It seems to me that we should not leave corporate money as the sole remaining incentive or insist that public advocates live like monks.
So what's your point? (Score:3, Insightful)
If you don't think a boycott is the way to go maybe suggesting something that you think will make a difference would be a good idea.
Way to shoot yourself in the foot, Sony! (Score:5, Insightful)
For whatever reason, I buy one of your CD's, pay the $18 CAD or thereabouts for a new release. But this is the computer age, I don't even own a stereo, so I want to play the CD on my computer.
The first thing I notice is that the CD is DRM-ed to death so it's a pain in the ass to convert the songs to MP3 format; so much for listening to the music that I've bought on my iPod. (If I live in Canada, I may have also paid for this music twice, once through the purchase of the CD, and a second time through the levy on my iPod as "blank media".) Oh yeah, and for some reason, neither iTunes nor Winamp will play the CD.
The second thing I notice (because who really reads the EULA?) while researching how to crack the DRM, is that, among other things, if my house is burgled I will have to delete all the mp3's from this disc. (Because, you know, a burglar would spend all that time copying the MP3's from my hard drive instead of stealing the whole damn computer. And man, if I own a laptop, they're just going to leave it on the desk and take my crappy TV instead...) Also, if I don't update the software whenever it prompts me to, I will lose all access to the music that I have purchased. And I can't listen to the music on a work computer, nor can I re-sell the CD that I have just purchased. WTF?
But then my system crashes, and some virus I can't get rid of keeps me from accessing all the data on my hard drives that I haven't backed up in ages (of course). And how did this virus get on my system? Through a root kit that the Sony CD installed without even telling me it was doing so, thank you very much.
Alright, Sony, now you've shot yourself in the foot. You've basically persuaded millions of CD buyers out there (you know, the people who were actually paying for your product?) that it's easier, safer, and plain old less annoying to yoink MP3's from thier favorite website or file-sharing program.
Way to go.
(Idiots.)
Why does Microsoft look so good here? (Score:2, Insightful)
Re:FBI? NSA? Homeland Security? BullSh*** (Score:5, Insightful)
All I can say is I am in the know with regard to such matters and you are so amazingly wrong it is unbelieveable. There may be EXTREMELY isolated cases of such Machiavellian security measures, but it has been my experience that music CDs are always making it into secured areas and being played on secure machines.
Re:How to boycott? (Score:5, Insightful)
I recall that a certain popular tax preparation software (TurboTax, that's it!) got into hot water when, in the effort to curb piracy, they started mucking with the customer's boot sector, or some such. (Couple years back.) They ended up retracting their software naughtiness, and doing a profound mea culpa.
Anyhow, will these companies ever learn that the bad press from borking their customers' computers, will cost them much more than piracy ever will? Sure, they see piracy as a problem to be met with DRM, but they're losing all perspective. Their DRM hammer is leaving holes in the wall.
Good will is a commodity which is built up slowly over many years, and can be lost overnight.
Re:Vulnerability (Score:2, Insightful)
No, it makes it a pieces of spyware or malware, which may or may not yet be illegal. The state of New York (and a few others) have filed civil suits against spyware companies based on existing tresspass and privacy laws.
The 'I-SPY' act ( a Federal anti-spyware law) as far as I know is still waiting to be passed by the Senate. In fact it's been sitting in the senate judiciary committie since the end of May, so don't hold your breath.
I'm not interested in jail time so much as making sony pay. The New York state spy-ware law suits were something like a $500 fine per instance of infection - consider the millions of infected CDs Sony sold over the last 18 months, and you can bankrupt Sony pretty quickly. A $50 billion dollar class action law suit - that's a Ford Pinto type situation. I don't think they'll forget the lesson when they're still paying into a settelment fund 25 years from now.
Re:How about Criminal Charges. (Score:1, Insightful)
The skript kiddie, contrary to popular opinon, is a human being.
Sony, on the other hand, is a multi(b?)illion dollar multinational corporation.
Guess which one has more rights?
Guess which one gets more protections?
Re:PS3? No thanks, Sony; you screwed the pooch (Score:4, Insightful)
They want to make money on the Sony name, period. If there's going to be a consumer response, then the response should show the industry just what that "SONY" nameplate is worth.
Curiouser and curiouser... (Score:2, Insightful)
Re:Criminal charges against Microsoft too. (Score:2, Insightful)
Nice try.
Re:How to boycott? (Score:3, Insightful)
Possible goals:
- Better patch
- Pledge to never do it again
- Give money to spyware erradication groups
- Give money to the EFF
Note that Sony alread seems pretty willing to whatever it takes to make this go away, so I'd stick to the important stuff. If you feel you can make them do something like give $100 to everyone who bought a CD then a) you'll never win and b) you, the protestor, will look like the asshole.
Remember, boycotts should happen only in extreme circumstances. If they fix the extreme stuff then all you'll have left is the trivial, and thats no reason to go boycotting.
TW
Re:Criminal charges against Microsoft too. (Score:3, Insightful)
As the news spread, check here often (Score:2, Insightful)
This news story has really only begun to break onto mainstream media and just wait for it to hit the general public. I bet Sony cant wait to have regular Joe Schmoe think that when they buy a Sony CD, they are going to mess up and get a virus on their computer. And just before the Christmas season as well. Average consumers have no was to discern what the real problem was here, the concept of a "rootkit" would probably lead to potato or carrot issues, so they will just blanket Sony products with the "full of bad stuff" stigma. And then just wait for the sales #'s to come in after the Christmas season. This stock is going from bad to worse. Boycotts are fun, but when the guys who own $300 million in stock are getting screwed, then the fun really begins. Seppuku anyone?
Re:How to boycott? (Score:5, Insightful)
Re:Where the hell were the anti-malware vendors? (Score:3, Insightful)
Perhaps it's time to install Clam (which I just did) and then call Jay Beale and ask him him how Bastille for OS X is coming along.
I have no idea, is there a malware app like addaware for OS X?
Re:[OT] Re:How to boycott? (Score:3, Insightful)
What will work (Score:5, Insightful)
So what will work:
Litigation. That's a great start because it costs them money they can count (legal fees) instead of four people not buying some Sony product. It looks like this might end up costing them big.
Harrass customer service. It is not as effective but if a lot of people start consuming customer service with calls, again this costs them a measureable amount of money and also makes the VP in charge of customer service very angry. You want angry people at the same level in the company as the ones who are putting in things like the rootkit.
The main goal in all this should be to try and make a public example of Sony so that other companies do not do the same thing, and Sony themselves will not want to try again for quite some time.
Re:How to boycott? (Score:2, Insightful)
I disagree a little. I, as a nerd, take it upon myself to say something when people ask me specific advice about a product. That's sort of what people expect of us. If someone asks me about laptops I say, "I like IBM and Toshiba, because the experience I have with Dell and HP shows inconsistency in product quality. Sony sometimes makes great laptops, sometimes they're terrible and unsupported and Sony doesn't care. I don't buy Sony because they put on the market a virus that invades their consumers right to privacy."
Lots of times it affects people's buying decision and appreciate being told in a non-offensive manner.
But I don't walk up to people and say, "SS-S-SSO-OO-ON-N-NY'S EVIL!!! AAAHHH!" if that's what you're talking about.
Re:Where the hell were the anti-malware vendors? (Score:3, Insightful)
Looking at the list of artists the DRM affects, I'm surprised it was noticed at all. Course, I am biased, I stopped regularly buying CD's about 10 years ago. Now I buy CD's only if I'm at a store, and really bored.
Re:How to boycott? (Score:3, Insightful)
What.
It's a rootkit.
It's intended functionality is deleterious to the consumer. Better testing might have made it better, but it could never have made it Good.
Re:How to boycott? (Score:2, Insightful)
I quit buying from RIAA member companies awhile back. I'll listen on the radio, but I haven't heard anything worth buying for a long time. And I station-surf through commercials
As for Sony, I am done with them. My last TV was a Sony, but my current one is some German company that I can't pronounce. My Sony stereo has been abused for way too many years. I will not be replacing it with a Sony. My digital camera needs replaced. I'm thinking Canon. My notebook computers are Toshiba, and my desktops are custom-built and Sony-free. As mentioned above, I don't buy Sony-label (or RIAA-label) music. I haven't gone to the movies forever, and my (non-Sony) DVR watches TV for me, and most shows get erased unwatched. I think that about covers it... Well, except for gaming. My last console was an Atari 2600 and I don't do much PC gaming. When I do, it's usually Blizzard. So, Sony, what are you going to do to get my business back? Remove a couple of crappy CDs from store shelves? Not likely to get my business back. They're gonna hafta go through a lot of chapstick to accomplish that!
thanks Sony, whitenoise from now on. Jerks. (Score:1, Insightful)
Not anymore!
Re:[OT] Re:How to boycott? (Score:3, Insightful)
virtually everyone who calls themself a 'capitalist' isn't. to be a capitalist, you must live off the revenue generated by capital you control. i suspect stronlgy that dada21 and others like him actually live by trading their labour to people who are, in fact capitalists.
Re:A little harsh (Score:4, Insightful)
Robert Morris didn't intend his little worm program to spread as widely as it did, but none of the companies and universities whose networks were shut down by the Morris Worm in 1988 cared about intentions. They only cared about the fact that the worm killed their networks. When Sony's software starts playing games with my system I don't care what their intentions were, only what the results are.
How about an OS that just plays a music CD (Score:5, Insightful)
Why is the operating system trying to run a program from the CD?
You should be able to set the OS to treat music CD's as music CD's and ignore any other content.
This is all due to MS advanced features messing the user over. Pressure should also be placed on Microsoft to treat music CDs as music CDs.
Perhaps a configuration to easily switch between
1. Play Music
2. Access any Autorun features
3. Offer option of 1 or 2
"Bad Guy" paradigm shift? (Score:3, Insightful)
Up until now the RIAA trade group has been the front-man for all of the label cartels' untenable activities -- it's never been BMG, Geffen, Warner Brothers, Universal, EMI, et al, suing 12 year old girls and old ladies--noo, it's the RIAA.
Up until now whenever the consuming masses are outraged, all they have to derive their seering hatred towards is a large anonymous trade association which exists purely to absorb all of that yucky malevolent P.R.
Finally the pressure is being put on a specific corporate entity who happens to also be an RIAA member, and they will feel the wrath directly. It couldn't happen to a better company (well... okay, perhaps EMI; Bronfman is a real chode smacker).
Re:PS3? No thanks, Sony; you screwed the pooch (Score:3, Insightful)
Somebody from Texas does something you don't like. Abroad, everything from Texas or New York or even Saipan is only labelled "made in the USA." Additionally, federal taxes collected from businesses in New York still benefit those folks in Texas.
Now, would you like to go even further out of your way in the course of your boycott to make sure that you only penalize those businesses from Texas, or do you want to make sure that everybody in the US, regardless of what state they're in, is penalized for allowing Texas to do what it does and helping them to do it?
Just because there are times when you should ask whether the scalpel or the chainsaw is the best tool to use doesn't mean the chainsaw is always the wrong choice.
Re:Excellent (Score:3, Insightful)
So who's really breaking the law here? (Score:3, Insightful)
Should it be a violation of law to circumvent such copy protection schemes, even though they are harmful to the user?
It's still copy protection software, and they're still removing it.
Of course I don't think Sony would take Microsoft to court over this since they put themselves in such a bad position -- it would make them look twice as bad.
I think we finally found the missing link:
1. Sell a CD with copy protection / spyware or virus in one program
2. Antivirus will remove the program, circumventing the copyright measure and therefore breaking the law
3. Sue the antivirus maker for the huge loss of billions of dollars (per second) and the awful personal damages from such a terrible disaster.
4. PROFIT!!!
Re:Criminal charges against Microsoft too. (Score:3, Insightful)
We Need to Start a Programmers Guild (Score:2, Insightful)
yeah, right (Score:1, Insightful)
1) You're not making this up. This being slashdot, odds are you made this up.
2) It costs Sony $0 to manufacture 32" TVs
3) Nobody else in the supply chain wants to be paid, shipping costs nothing, etc.
Re:Phone Sony about the problem (Score:5, Insightful)
I don't think it will help a whole lot if the DOJ gets 100,000 emails that all look like typical /. posts.
Re:artists properly compensated? (Score:5, Insightful)
However, with the advent of internet-based human networking (IM, blogs, etc.), this is starting to change. You still can't get the old airplay and venues, but it is now affordable to distribute your music over the internet, using word of mouth to increase demand. Similarly, you might not be able to book the good venues, but with blogs etc., people can find the alternative venues that don't get ad-time in newspapers, on the radio, or on TV.
So in summary, artists often are victims, but with the new technologies of the last 10 years, more and more artists are able to emancipate themselves and survive.
Don't expect a DMCA case (Score:5, Insightful)
New sig:
--
Days since my last Sony purchase: 602
The more important question (Score:4, Insightful)
This is Typical Sony (Score:2, Insightful)
Re:Excellent (Score:4, Insightful)
I believe you underestimate the federal government.
Re:Don't expect a DMCA case (Score:3, Insightful)
Re:apply black hat laws to sony? (Score:3, Insightful)
Five dollars says that *no* sony executive will spend any time in jail
Re:[OT] Re:How to boycott? (Score:5, Insightful)
Capitalism as an economic theory has its attributes and flaws, but capitalism as a religion is the worst thing ever foisted upon humankind. If you let "do as thou willst be the whole of the law" in business, you give businessmen a license to rob and loot. Guess what. They will use it. Bowing before golden calves called "competition" and "the markets" is all anarcho-captalism is, and libertarianism is basically the same.
Re:[OT] Re:How to boycott? (Score:3, Insightful)
Capitalism is the savior of the third world. It works every time it's tried. Just look at the Asian tigers.
You should really sit down with some Ayn Rand. I'd even offer to buy a book or two for you if you'd read it. I'd recommend Capitalism: The Unknown Ideal.