View Profile
View Forum Posts
What about Canada? If I read their law correctly you can legally make complete backups for personal use as long the media you backing up to has been bought in Canada and you have paid the levy on such media.Originally Posted by adam
In the United States it is illegal to do this because we do not pay excessive levies on our products.
+ Reply to Thread
Results 151 to 180 of 201
-
-
Yes Canada has a specific law which essentially grants general backup rights in exchange for levies on media. We have a very similar situation in the United States but only in regards to musical recordings, primarily CDs. Whether a similar law is ever enacted for audio/visual works such as DVDs remains to be seen but I'm not holding my breath.
But none of this has anything to do with Fair Use which was my main point. Even though Fair Use is incredibly broad and undefined in regards to what it applies to, it is rather clear on what it does NOT apply to and that is complete perfect copies. Since the 4 tests of Fair Use are part of the Berne Convention Treaty and now the TRIPS Treaty, you are looking at all of the *major countries following these same basic truths to this doctrine.
*by major I mean countries that create the most intellectual property. (trying to be politically correct here.) -
Fair use has to be the number one most confused and most violated portion of copyright law. Most people don't even realize they are breaking it and will even go as far as to defend their fair use breaking privilege. Quite a few people even think fair use covers things for which it has nothing to do with.
-
<Dealer> Hey, man want to buy some crack?'This is the new drug on the street.'
<Man> Uh, no thanks.
<Dealer> What about Season 2 of Gilmore Girls?
<Man> Oh man, can you hook me up?
Leave to the cartels to find a non-story and jump on it for their own propaganda. -
There are a few tech columnists who are so incensed with Sony that they're calling for a boycott of all Sony products. One of them is even calling for a boycott of all CDs by any major label. While it may be true that boycotts usually don't work, the vote is still out on this. It depends upon how many consumers agree with these columnists. But, it will possibly bring a new dynamic into the debate.
Previously, when CD sales went down, the industry immediately put the blame on piracy. But if a boycott gains any significant steam, it would be much harder to use that excuse (especially for Sony/BMG). It'll be interesting to watch for reports on sales figures in the near future.
-
Of course they can still blame it on copyright infringment. They can just make up new figures as per usual.
Piracy is actually up by the way
http://news.bbc.co.uk/1/hi/world/africa/4415196.stm
I believe there are still some major labels out there that still sell actual audio CD's. If their sales stayed the same whilst Sony's, etc. went down then it might send a clearer message. Basically don't buy anything without a compact disc audio logo. -
Sony rootkit uninstaller causes bigger threat
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1145344,00.htmlThe security risk created by Sony BMG Music Entertainment Inc.'s rootkit-based copy protection software may be nothing compared to a flaw that appears when someone tries to use the tool Sony made available to uninstall it.
Researchers at Princeton University said they've taken a "detailed" look at the Web-based uninstaller software and confirmed claims from a Finnish researcher that malicious Web sites could exploit a flaw in the software to install and run code on victims' computers.
"Over the weekend a Finnish researcher named Muzzy noticed a potential vulnerability in the Web-based uninstaller that Sony offers to users who want to remove the First4 Internet XCP copy protection software," Ed Felten, a professor of computer science and public affairs at Princeton University, wrote in his Freedom to Tinker blog along with Alex Halderman, a Ph.D student at the university. "We took a detailed look at the software and discovered that it is indeed possible for an attacker to exploit this weakness. For affected users, this represents a far greater security risk than even the original Sony rootkit."
According to Felten and Halderman, a "serious" design flaw in the uninstaller puts users at risk under the following circumstances:
When the user fills out Sony's form to request a copy of the uninstaller, the request form downloads and installs an ActiveX control called CodeSupport, created by Sony's British technology partner, First4 Internet.
CodeSupport remains on the user's system after they leave Sony's Web site, and it is marked as safe for scripting, "so any Web page can ask CodeSupport to do things," the researchers said
Among other things, CodeSupport can be told to download and install code from Web sites. "Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4 Internet," the researchers said. "This means any Web page can make CodeSupport download and install code from any URL without asking the user's permission."
In other words, Felten and Halderman said, "The consequences of the flaw are severe. It allows any Web page you visit to download, install, and run any code it likes on your computer… That's about as serious as a security flaw can get."
They recommended users take the following protective measures:
Don't accept the installation of any software delivered over the Internet from First4 Internet. That will keep CodeSupport off the user's machine, if it's not already there.
Users can check their machines to see if CodeSupport is installed by trying Muzzy's reboot demonstration link. "If CodeSupport isn't on your machine, the link will do nothing, beyond displaying a message in your browser window. But if you have CodeSupport and are therefore vulnerable, then the link will reboot your machine," the researchers said. They warned, however, that Muzzy's demo "might sometimes make things worse" and that "We'll develop a safer variant and post it [on the Freedom to Tinker blog]."
If the machine is vulnerable, delete the CodeSupport component. From the start menu, choose "Run." In the box that pops up, type (on a single line) cmd /k del "%windir%downloaded program filescodesupport.*
"This is not an ideal solution -- depending on your security settings, it may not prevent the software from installing again -- but it's better than nothing," Felten and Halderman said. "We'll have to wait for First4 Internet to develop a complete patch."
Security experts have roundly criticized Sony since researcher Mark Russinovich, chief software architect and co-founder of Winternals Software in Austin, Texas, found the company's rootkit on his own machine and wrote an analysis of it on his blog at Sysinternals.com, setting off the controversy.
Experts said Sony was playing with fire by using a rootkit-based digital rights management (DRM) system to prevent CD copying and that the company's move could trigger a variety of dangerous exploits. -
Everyone knows Pirates hate our freedom.Originally Posted by Headbanger's Ball
They capitalize on people like this
-
Here's recap from the beginning up to now:
http://slyck.com/news.php?story=996 -
So who is actually liable here; Sony, First4Internet, or both?
Can Sony protect their deep pockets by placing all the blame on First4Internet? -
Our cities are not safe! First it was Crack Houses now it's DVD Houses! When will it end?
-
Interesting. So then (in theory :P ) a DVD that has been ripped and had portions removed (such as all the !##$@#$@@!!^$# commercials) is no longer an exact copy and should be perfectly legal under fair use.Originally Posted by adam
Or one that has been passed through DVDShrink (or other) and had the data altered to make an "imperfect copy" should also be OK.
Edit: Don't know how I missed this the first time...
Then why all the bruhaha over DeCSS? Without it exercising your rights to Fair Use was severely hampered.Originally Posted by adam -
Partial and/or imperfect copying is one requirement of Fair Use, specifically a requirement based upon the "substantiality of copying" prong of the test. You've still got to judge the actions under the other 3 prongs as well as on balance, even if you are only excerpting. Fair Use is intended to apply to things like scientific research and educational endevours. It has very limited application to purely non-cultural uses, such as archiving something to protect your purchase. Once again, no court in any country has ever ruled that Fair Use allows archival copying of IP based goods. That is simply not at all what Fair Use is intended to protect. And the guidlines for Fair Use rule out any kind of technical avoidance of the "no complete copying" rule by just ommitting something. For instance, when excercising Fair Use copying of written works you are generally limited to excerpting "short passages" not even full pages much less full chapters. You also have to have a good reason. Unless you are a library, its not sufficient to just copy it in case the original gets damaged.
As for DeCSS, again nothing in life is that black and white. Just because something has lawful purposes doesn't mean it cannot be regulated. DeCSS itself has withstood legal testing because it can be used to play DVDs in Linux. The code itself really cannot get you into trouble. But programs that primarily backup DVDs, and contain the code, run afoul of the DMCA because they have limited Fair Use purposes. Yes there are still valid purposes but that is not the test for contributory infringement which software/hardware is judged upon. The device must have a "substantially" non-infringing purpose and its primary intended use cannot be infringing. In the 321 Studio's case the 9th Circuit ruled that the software (it was basically straight backup software) had only limited Fair Uses and that people could still exercize Fair Use copying through analogue measures. (I guess the judge wasn't very familiar with Macrovision.) The main nail in the coffin was the fact that the software was obviously intended to be used for archival copying of commercial DVDs in violation of their copyrights. 321 Studio's did not deny this either.
And another important thing to note is that Fair Use is not a right. Fair Use is an an affirmative defense to copyright infringement which means that it by definition is an exception to those rights granted to the copyright holder. These exceptions are intended to be limited and they are not guarantees. The copyright holder is perfectly within their rights to limit infringing activity even if it impinges on Fair Uses, so long as you are still capable of exercising those Fair Uses. So far, US courts have ruled that there are other ways besides DeCSS based ripping software.
To cover my ass here, since these topics tend to get heated, I am expressing no opinion one way or the other about anything I just typed. That's just the way it is to the best of my knowledge. -
Attack targets Sony 'rootkit' fix
http://news.com.com/Attack+targets+Sony+rootkit+fix/2100-7349_3-5956707.html?tag=nefd.topSony BMG took another blow Wednesday, when a security company said it has found malicious attacks based on software designed to defuse the record label's "rootkit" problems.
Websense's security labs reported that it has discovered several Web sites designed to exploit security flaws in a rootkit uninstaller program issued by Sony BMG Music Entertainment. As reported earlier, some Sony CDs deposit rootkit-like code onto people's computers that leave them open to attacks. -
I'm very curious about what a thorough dissection of the replacement CDs would show.
-
Boing Boing has a nice little roundup of the SONY rootkit information.
http://boingboing.net/
WIRED has this
Quoted from Boing Boing
http://www.wired.com/news/print/0,1294,69601,00.htmlSchneier: Why didn't anti-virus apps defend us against Sony's rootkit?
Bruce Schneier has a great editorial on Wired News that asks why anti-virus companies -- who would normally address a rootkit or similar piece of software within hours -- didn't notice Sony's rootkit, which had been in place since mid-2004? Also: why did they initially refuse to patch against it? Who do these companies work for -- us, or the entertainment industry?
Real Story of the Rogue Rootkit
By Bruce Schneier
Story location: http://www.wired.com/news/privacy/0,1848,69601,00.html
02:00 AM Nov. 17, 2005 PT
It's a David and Goliath story of the tech blogs defeating a mega-corporation.
On Oct. 31, Mark Russinovich broke the story in his blog: Sony BMG Music Entertainment distributed a copy-protection scheme with music CDs that secretly installed a rootkit on computers. This software tool is run without your knowledge or consent -- if it's loaded on your computer with a CD, a hacker can gain and maintain access to your system and you wouldn't know it.
The Sony code modifies Windows so you can't tell it's there, a process called "cloaking" in the hacker world. It acts as spyware, surreptitiously sending information about you to Sony. And it can't be removed; trying to get rid of it damages Windows.
This story was picked up by other blogs (including mine), followed by the computer press. Finally, the mainstream media took it up.
The outcry was so great that on Nov. 11, Sony announced it was temporarily halting production of that copy-protection scheme. That still wasn't enough -- on Nov. 14 the company announced it was pulling copy-protected CDs from store shelves and offered to replace customers' infected CDs for free.
But that's not the real story here.
It's a tale of extreme hubris. Sony rolled out this incredibly invasive copy-protection scheme without ever publicly discussing its details, confident that its profits were worth modifying its customers' computers. When its actions were first discovered, Sony offered a "fix" that didn't remove the rootkit, just the cloaking.
Sony claimed the rootkit didn't phone home when it did. On Nov. 4, Thomas Hesse, Sony BMG's president of global digital business, demonstrated the company's disdain for its customers when he said, "Most people don't even know what a rootkit is, so why should they care about it?" in an NPR interview. Even Sony's apology only admits that its rootkit "includes a feature that may make a user's computer susceptible to a virus written specifically to target the software."
However, imperious corporate behavior is not the real story either.
This drama is also about incompetence. Sony's latest rootkit-removal tool actually leaves a gaping vulnerability. And Sony's rootkit -- designed to stop copyright infringement -- itself may have infringed on copyright. As amazing as it might seem, the code seems to include an open-source MP3 encoder in violation of that library's license agreement. But even that is not the real story.
It's an epic of class-action lawsuits in California and elsewhere, and the focus of criminal investigations. The rootkit has even been found on computers run by the Department of Defense, to the Department of Homeland Security's displeasure. While Sony could be prosecuted under U.S. cybercrime law, no one thinks it will be. And lawsuits are never the whole story.
This saga is full of weird twists. Some pointed out how this sort of software would degrade the reliability of Windows. Someone created malicious code that used the rootkit to hide itself. A hacker used the rootkit to avoid the spyware of a popular game. And there were even calls for a worldwide Sony boycott. After all, if you can't trust Sony not to infect your computer when you buy its music CDs, can you trust it to sell you an uninfected computer in the first place? That's a good question, but -- again -- not the real story.
It's yet another situation where Macintosh users can watch, amused (well, mostly) from the sidelines, wondering why anyone still uses Microsoft Windows. But certainly, even that is not the real story.
The story to pay attention to here is the collusion between big media companies who try to control what we do on our computers and computer-security companies who are supposed to be protecting us.
Initial estimates are that more than half a million computers worldwide are infected with this Sony rootkit. Those are amazing infection numbers, making this one of the most serious internet epidemics of all time -- on a par with worms like Blaster, Slammer, Code Red and Nimda.
What do you think of your antivirus company, the one that didn't notice Sony's rootkit as it infected half a million computers? And this isn't one of those lightning-fast internet worms; this one has been spreading since mid-2004. Because it spread through infected CDs, not through internet connections, they didn't notice? This is exactly the kind of thing we're paying those companies to detect -- especially because the rootkit was phoning home.
But much worse than not detecting it before Russinovich's discovery was the deafening silence that followed. When a new piece of malware is found, security companies fall over themselves to clean our computers and inoculate our networks. Not in this case.
McAfee didn't add detection code until Nov. 9, and as of Nov. 15 it doesn't remove the rootkit, only the cloaking device. The company admits on its web page that this is a lousy compromise. "McAfee detects, removes and prevents reinstallation of XCP." That's the cloaking code. "Please note that removal will not impair the copyright-protection mechanisms installed from the CD. There have been reports of system crashes possibly resulting from uninstalling XCP." Thanks for the warning.
Symantec's response to the rootkit has, to put it kindly, evolved. At first the company didn't consider XCP malware at all. It wasn't until Nov. 11 that Symantec posted a tool to remove the cloaking. As of Nov. 15, it is still wishy-washy about it, explaining that "this rootkit was designed to hide a legitimate application, but it can be used to hide other objects, including malicious software."
The only thing that makes this rootkit legitimate is that a multinational corporation put it on your computer, not a criminal organization.
You might expect Microsoft to be the first company to condemn this rootkit. After all, XCP corrupts Windows' internals in a pretty nasty way. It's the sort of behavior that could easily lead to system crashes -- crashes that customers would blame on Microsoft. But it wasn't until Nov. 13, when public pressure was just too great to ignore, that Microsoft announced it would update its security tools to detect and remove the cloaking portion of the rootkit.
Perhaps the only security company that deserves praise is F-Secure, the first and the loudest critic of Sony's actions. And Sysinternals, of course, which hosts Russinovich's blog and brought this to light.
Bad security happens. It always has and it always will. And companies do stupid things; always have and always will. But the reason we buy security products from Symantec, McAfee and others is to protect us from bad security.
I truly believed that even in the biggest and most-corporate security company there are people with hackerish instincts, people who will do the right thing and blow the whistle. That all the big security companies, with over a year's lead time, would fail to notice or do anything about this Sony rootkit demonstrates incompetence at best, and lousy ethics at worst.
Microsoft I can understand. The company is a fan of invasive copy protection -- it's being built into the next version of Windows. Microsoft is trying to work with media companies like Sony, hoping Windows becomes the media-distribution channel of choice. And Microsoft is known for watching out for its business interests at the expense of those of its customers.
What happens when the creators of malware collude with the very companies we hire to protect us from that malware?
We users lose, that's what happens. A dangerous and damaging rootkit gets introduced into the wild, and half a million computers get infected before anyone does anything.
Who are the security companies really working for? It's unlikely that this Sony rootkit is the only example of a media company using this technology. Which security company has engineers looking for the others who might be doing it? And what will they do if they find one? What will they do the next time some multinational company decides that owning your computers is a good idea?
These questions are the real story, and we all deserve answers. -
Adam, I would encourage you to not take the reactions of some people personally. Concepts and ideas that generate strong feelings in people can't exist in the air. It is human nature to feel the need to vent strong feelings and reactions on someone and not into the air. When you share your legal perspective, it is very helpful. But it is unfortunately natural for people to use you as the point of attack to vent their outrage or other feelings when you are the one who points out the issues at hand.Originally Posted by adam
On occasion, the strong reactions that people demonstrate are harbingers of future law and in some cases even Constitutional amendments. The collective will of the people is sometimes the impetus that changes or generates changes to law and even the Constitution. After all is said and done, the people collectively are the ultimate authority. This can even go so far as the creation of Constitutional amendments. How many of the Constitutional amendments that we have today would have been generated if it were not for STRONG reactions of the people to an unfairness or impropriety, e.g. women's right to vote. The law is not the ultimate authority. It is the mechanism by which a society maintains order. From time to time laws are changed, new laws are made and even the Constitution is amended as dictated by the people.
Sometimes, those in any profession including the legal profession become a bit myopic and see things as they exist as the absolute way that it is. But that is not really true. I am not suggesting necessarily that this issue will rise to the level of outrage that will precipitate changes to law or even the Constitution, but it has happened before. So sometimes when you hear people sounding off and venting strong feelings or even rage, take a step back and don't take it personally. You may just be witnessing the genesis of new law or even occasionally a Constitutional amendment. -
Bruce Schneier missing the point with the anitvirus companies. In the US, it would have been illegal (and still is) to remove the rootkit. Doing so is a clear cut violation of the DMCA. Most of the big security companies are either based in the US or have a stong presence here. I'm sure there was strong pressure internally from their own legal departments to ignore this. Only now with public outcry so strong against Sony can they risk it.
However, they still should have stepped up to the plate and taken the (then) inevitable DMCA lawsuit. But, as with all things, business reasons trumped security. -
Microsoft is involved now so the DMCA is nullified in the face of the monopoly.Originally Posted by phelix
-
Originally Posted by phelixIt looks as if they didn't even detect it for over a year. Every hacker in the world knew it was there and we still do not know how many of them took advantage of it. We may never know.What do you think of your antivirus company, the one that didn't notice Sony's rootkit as it infected half a million computers? And this isn't one of those lightning-fast internet worms; this one has been spreading since mid-2004. Because it spread through infected CDs, not through internet connections, they didn't notice? This is exactly the kind of thing we're paying those companies to detect -- especially because the rootkit was phoning home.
But much worse than not detecting it before Russinovich's discovery was the deafening silence that followed. When a new piece of malware is found, security companies fall over themselves to clean our computers and inoculate our networks. Not in this case.
McAfee didn't add detection code until Nov. 9, and as of Nov. 15 it doesn't remove the rootkit, only the cloaking device. The company admits on its web page that this is a lousy compromise. "McAfee detects, removes and prevents reinstallation of XCP." That's the cloaking code. "Please note that removal will not impair the copyright-protection mechanisms installed from the CD. There have been reports of system crashes possibly resulting from uninstalling XCP." Thanks for the warning.
Symantec's response to the rootkit has, to put it kindly, evolved. At first the company didn't consider XCP malware at all. It wasn't until Nov. 11 that Symantec posted a tool to remove the cloaking. As of Nov. 15, it is still wishy-washy about it, explaining that "this rootkit was designed to hide a legitimate application, but it can be used to hide other objects, including malicious software."
The only thing that makes this rootkit legitimate is that a multinational corporation put it on your computer, not a criminal organization.
That is scary and irresponsible. -
Sony Quality Management Department 800 Number:
1-800-255-7514
You may also write them at:
Sony Music
550 Madison Ave, 24th Fl
New York, NY 10022-3211 -
And say what that hasn't already been said?
Well, I'll be speaking via my wallet.
Scott -
Not a lawyer bu tI'd argue that point. That would be like saying you can't have a cop arreseted that just burgarlized your house because he's a cop.Bruce Schneier missing the point with the anitvirus companies. In the US, it would have been illegal (and still is) to remove the rootkit......
They know it now, I've seen no mention of any viruses written to take advantage of this prior to it becoming news.Originally Posted by GullyFoyle -
wow, this thread took some reading to catch up
-
FWIW, I just updated my copy of Sypsweeper
www.webroot.com
and I notice it now has the option to check for rootkits. I do not recall this as an option before. So some good IMHO has come out of this mess. Now vendors are at least checking for the existence of rootkits.
Also IMHO SypSweeper is one of the better Spyware cleaning software(s) out on the market.
Some others that are legitimate are Spybot Search & destroy, Ad-Aware, Pest Patrol, Ewido security suite, CWshredder (only for Cool Web Search). Some other utilities I use would be HiJackThis, Kazaa Begone, HostFilesReader, VX2Finder, and of course Microsoft Antispyware Beta for Win2K and XP only. Spyware guard, Spyware Blaster help keep inefctions out
A couple of Caveats, Hijack this can be dangerous to your windows health so be very cautious using it.
Brief Disclaimer: to the best of my knowledge these are legitimate programs.
http://forums.tomcoyote.org/lofiversion/index.php/t39029.html
is a listing of rogue/suspect and legitimate programs.
Hope this info helps anyone with concerns about spyware including rootkits.
Cheers -
Sony's list:CD’s Containing XCP Content Protection Technology
Note: We will shortly be releasing new versions of these titles without the XCP software. You therefore need to check this list for both the name of the album and the item number (which can be found on the spine of the CD). If the item number is not listed below, your CD does not contain XCP content protection. Please note, DualDiscs do not use XCP content protection and are therefore not included in this program.
http://cp.sonybmg.com/xcp/english/titles.html
That looks like more than 20 cds to me.
Copy protection an experiment in progress
http://seattlepi.nwsource.com/business/1310AP_Music_Copy_Protection.html
Edit: fixed url -
Spybot blocks a tracking cookie then I get a 404 error....Originally Posted by somebodeez
-
thecoalman,Originally Posted by thecoalmanSpybot blocks a tracking cookie then I get a 404 error....Originally Posted by somebodeez
somebodeez missed l at the end. Try this:
http://cp.sonybmg.com/xcp/english/titles.html -
Another article in USA-TODAY:
"CD woes may have had roots in merger"
http://www.usatoday.com/money/industries/technology/2005-11-17-sony-cds_x.htmBy Jefferson Graham, USA TODAY
It sounded like music to record executives' ears.
Copy-protection software that would to do the impossible: make CDs that couldn't be repeatedly copied.
Britain's First 4 Internet landed meetings with the four major record labels, trying to sell software called XCP. The concept was that consumers could burn one copy and one copy only, defeating the rampant piracy that the industry says costs it billions in lost revenue.
Each label signed up. EMI, Warner Music and Universal employed the company only for trials, using a limited form of XCP that scrambled the CD for pre-release promotional copies sent to critics.
Sony BMG, the world's second-largest label, decided to go one step further, releasing more than 50 consumer titles with the strictest form of copy protection ever used by the music industry. -
Oops, SorryOriginally Posted by MozartMan
Quote
Similar Threads
-
Make new home cinema system Sony DAV-IS10 region free
By johli in forum DVD & Blu-ray PlayersReplies: 2Last Post: 6th Mar 2010, 16:37 -
Sony DAV-IS10 home theatre system
By joemarsh in forum DVD & Blu-ray PlayersReplies: 1Last Post: 12th Jan 2009, 13:07 -
Can Sony PS3 system play copied DVD movie?
By coody in forum DVD & Blu-ray PlayersReplies: 5Last Post: 11th Jan 2009, 00:33 -
Sony DAV-HDX265 ALL REGION/TV SYSTEM HACK----HELP!
By DVD superfreak in forum DVD & Blu-ray PlayersReplies: 6Last Post: 20th Feb 2008, 11:57 -
Sony Unveils Next-Generation TV Technology
By roma_turok in forum Latest Video NewsReplies: 21Last Post: 28th Nov 2007, 05:15