VideoHelp Forum
+ Reply to Thread
Page 7 of 7
FirstFirst ... 5 6 7
Results 181 to 201 of 201
Thread
  1. Banned
    Join Date
    Sep 2005
    Location
    USA
    Search Comp PM
    Now here is an itme worth buying.
    http://www.firewheeldesign.com/rootkit/
    Quote Quote  
  2. Originally Posted by GullyFoyle
    Now here is an itme worth buying.
    http://www.firewheeldesign.com/rootkit/


    We don't know about you, but when we buy a music CD we consider it a friendly invitation for complete strangers to come in and make our computer their personal playground. Install hidden software that hijacks basic components of our system? Open us to attack from viruses and hackers? Sounds perfect!

    Fortunately Sony BMG is dedicated to making customers' dreams come true by producing CDs which, well, technically aren't—but provide hours of destabilizing entertainment. Remember—only pirates and communists believe in having control over their personal property.
    Pre-order Your T-Shirt Today
    Quote Quote  
  3. I've been trying to keep updated on this, so excuse me if this is a repost, BUT these are the first STEP BY STEP removal instructions I have found on the net for the XCP Rootkit malware.

    Enjoy if you will, I just used them on a PC and it appears that everything worked A-OK.

    This is NOT just a disable of the cloaking, it's a full "un-install". A little scary for the computer illiterate, but probably easy enough if you just follow the direction.

    http://www.pcdoctor-guide.com/wordpress/files/SONY-XCP-DRM-removal.pdf
    Quote Quote  
  4. EFF Files Class Action Lawsuit Against Sony BMG
    November 21, 2005

    http://www.eff.org/news/archives/2005_11.php#004192
    Quote Quote  
  5. Member painkiller's Avatar
    Join Date
    Aug 2002
    Location
    Planet? What Planet?
    Search Comp PM
    Well, so much for them learning their "lesson."
    ===============================

    http://www.theregister.co.uk/2005/11/22/analysis/


    ...
    For all the lawsuits, over-the fold-coverage in mainstream print and on primetime TV, and howls of anguish from the blogosphere, Sony Music has sailed through the rootkit CD fiasco largely unharmed.

    The only figure that matters - the bottom line - appears to be unaffected by the fiasco. CNet's John Borland reports, and as retailers confirmed to The Register, that Sony hasn't lost sales from popular titles infected with the notorious XCP copy-restriction technology.
    ...
    Your guesses are as good as ours, but it's hard not to conclude that the WiReD myth of a 'Rip Mix and Burn' population has been somewhat overstated. Only a third of CD purchasers actually play music on a PC. And a vanishingly small number of them appear to want to take their music anywhere other than where it's directed to go by the manufacturer. If a CD plays in the home stereo and the car, then that's quite enough digital freedom already for most people.

    This may have less to do with a public acceptance of artificial restrictions such as DRM than the fact that music tends to stay in hardware 'silos', and digital music tends to stay where it's bought, largely through apathy and forgetfulness.
    ...
    Whatever doesn't kill me, merely ticks me off. (Never again a Sony consumer.)
    Quote Quote  
  6. Banned
    Join Date
    Feb 2005
    Location
    USA
    Search Comp PM
    Sony will weather through this rootkit dilemma. I don't believe Sony as a corporation will be effected by this action. They have corrected the situation, ordered a recall of the defective product, and will probably pay some damages or settlements.
    Quote Quote  
  7. Member painkiller's Avatar
    Join Date
    Aug 2002
    Location
    Planet? What Planet?
    Search Comp PM
    The ONLY reason that SONY will weather this storm is beecause that multi-megabuck international corporation isn't likely to be charged with criminal conduct for this episode. The politics won't allow it to happen.

    Other, lower lifeforms would be hauled into court faster than you can say Jack Robinson.

    As for them "correcting the situation" - that wouldn't have happened at all were it not for those of us living here in the Internet and raising such a big stink about it (starting with the dogged research by SysInternals and F-Secure) the Major Media finally caught on and highlighted the problem for all to see. Especially and including SONY couldn't avoid it then.

    The arrogance of SONY stood throughout, for the most part. Only those of us paying attention - and driven by the emotions - will hold them to task.

    But we will likely be considered as "Little Dutch Boys" as the dike continues to crumble around us all.

    And since they can afford the fines, it will also not likely affect their bottom line, nor quarterly profits.
    Whatever doesn't kill me, merely ticks me off. (Never again a Sony consumer.)
    Quote Quote  
  8. Banned
    Join Date
    Feb 2005
    Location
    USA
    Search Comp PM
    Originally Posted by painkiller
    The ONLY reason that SONY will weather this storm is beecause that multi-megabuck international corporation isn't likely to be charged with criminal conduct for this episode. The politics won't allow it to happen.
    Nor will the courts since there is nothing criminal about what they did unless you want to call every P2P and FTP into question.

    Originally Posted by painkiller
    As for them "correcting the situation" - that wouldn't have happened at all were it not for those of us living here in the Internet and raising such a big stink about it (starting with the dogged research by SysInternals and F-Secure) the Major Media finally caught on and highlighted the problem for all to see. Especially and including SONY couldn't avoid it then.
    False. The reason they are correcting it is because Microsoft is releasing a patch and security companies are adding detection and removal tools for this thus making it quite useless. We living here in the internet had zero effect or maybe .00001 percent of an effect at best.

    Originally Posted by painkiller
    The arrogance of SONY stood throughout, for the most part. Only those of us paying attention - and driven by the emotions - will hold them to task.
    You talk a good talk but when it comes right down to it most here and elsewhere probably just ranted on the web, complained loudly to their peers, or even at the most desperate maybe sent a nasty email to Sony. Nobody here or elsewhere will hold them to the task unless they can profit from it. Majority shareholders continue to support Sony in their drive to protect their intellectual property.
    Quote Quote  
  9. Member rkr1958's Avatar
    Join Date
    Feb 2002
    Location
    Huntsville, AL, USA
    Search Comp PM
    It's a shame that Sony's heavyhanded tatics not only hurts their customers but now it's hurting the artist that sign with their label. Check this out ...

    Sony's Escalating "Spyware" Fiasco

    Sony's going to reap what they've sowed.
    Quote Quote  
  10. Banned
    Join Date
    Feb 2005
    Location
    USA
    Search Comp PM
    Originally Posted by rkr1958
    It's a shame that Sony's heavyhanded tatics not only hurts their customers but now it's hurting the artist that sign with their label. Check this out ...

    Sony's Escalating "Spyware" Fiasco

    Sony's going to reap what they've sowed.
    It isn't hurting this one that much considering the article says on November 22 this CD was ranked no. 25,802, but since then it has shot back up to 3,652 and the disc amazon is selling still contains the rootkit so even Amazon doesn't feel the need to become a part of the recall Sony issued. Most of what you read is overhyped BS. There are currently no active viruses that take advantage of this rootkit. There were attempts but they all failed.
    Quote Quote  
  11. Member
    Join Date
    Jul 2002
    Location
    Up in yo' bitch.
    Search Comp PM
    Originally Posted by ROF
    Originally Posted by rkr1958
    It's a shame that Sony's heavyhanded tatics not only hurts their customers but now it's hurting the artist that sign with their label. Check this out ...

    Sony's Escalating "Spyware" Fiasco

    Sony's going to reap what they've sowed.
    It isn't hurting this one that much considering the article says on November 22 this CD was ranked no. 25,802, but since then it has shot back up to 3,652 and the disc amazon is selling still contains the rootkit so even Amazon doesn't feel the need to become a part of the recall Sony issued. Most of what you read is overhyped BS. There are currently no active viruses that take advantage of this rootkit. There were attempts but they all failed.
    Is your name Troy? You remind me so much of my friend Troy. If he disagrees with you on something he states that "all those news stories are overhyped BS." He also turns to saying things like "they have already proven that all those attempts failed".

    Who are they? Where did you hear that the attempts to exploit rootkits failed? Who failed? I need sources!
    Quote Quote  
  12. Banned
    Join Date
    Feb 2005
    Location
    USA
    Search Comp PM
    Originally Posted by smearbrick1

    Is your name Troy? You remind me so much of my friend Troy. If he disagrees with you on something he states that "all those news stories are overhyped BS." He also turns to saying things like "they have already proven that all those attempts failed".

    Who are they? Where did you hear that the attempts to exploit rootkits failed? Who failed? I need sources!
    I only called it overhyped BS because I've never known a single CD to fall 20,000 points and back up 20,000 in just 7 days. The article quoted is full of BS. The only known virus was one created in Europe but it's payload failed to install correctly and therefore was useless. You need to read more then just this website if you want to learn about these things.
    Quote Quote  
  13. Member thecoalman's Avatar
    Join Date
    Feb 2004
    Location
    Pennsylvania
    Search PM
    Originally Posted by ROF

    Nor will the courts since there is nothing criminal about what they did unless you want to call every P2P and FTP into question.
    .
    Show me a FTP client that meets any of the following criteria:

    1. Embeds itself so deeply into OS it can't be found.
    2. Can't be uninstalled from the ADD/Remove
    3. If you attempt to uninstall manually it can give you a BSOD which will require Windows reinstall.
    4. Makes you sytem vulnerable to a permanent infestation of other spyware/viruses that will not be detected not because the software is flawed but because it's doing what it's meant to do.
    5. Continuosly uses system resources that you have no idea are in use <see #1>


    Shall I go on.... How you can possibly compare the rootkit that Sony Cd's install to FTP is beyond me.
    Quote Quote  
  14. Member
    Join Date
    Jul 2002
    Location
    Up in yo' bitch.
    Search Comp PM
    Originally Posted by ROF
    Originally Posted by smearbrick1

    Is your name Troy? You remind me so much of my friend Troy. If he disagrees with you on something he states that "all those news stories are overhyped BS." He also turns to saying things like "they have already proven that all those attempts failed".

    Who are they? Where did you hear that the attempts to exploit rootkits failed? Who failed? I need sources!
    I only called it overhyped BS because I've never known a single CD to fall 20,000 points and back up 20,000 in just 7 days. The article quoted is full of BS. The only known virus was one created in Europe but it's payload failed to install correctly and therefore was useless. You need to read more then just this website if you want to learn about these things.
    That's what I was asking. What were you reading when you found this information regarding the rootkit exploits?

    Unless quoted from a reliable source, I take anything written here with a grain of salt. I may speculate myself, but I don't believe in unsubstantiated (without facts) speculation.
    Quote Quote  
  15. Banned
    Join Date
    Feb 2005
    Location
    USA
    Search Comp PM
    Originally Posted by smearbrick1
    Originally Posted by ROF

    I only called it overhyped BS because I've never known a single CD to fall 20,000 points and back up 20,000 in just 7 days. The article quoted is full of BS. The only known virus was one created in Europe but it's payload failed to install correctly and therefore was useless. You need to read more then just this website if you want to learn about these things.
    That's what I was asking. What were you reading when you found this information regarding the rootkit exploits?

    Unless quoted from a reliable source, I take anything written here with a grain of salt. I may speculate myself, but I don't believe in unsubstantiated (without facts) speculation.
    Same here. That's why I called the article overhyped BS. Show me a CD that dropped 20,000 points and raised itself back up 20,000 points in a matter of one week. Any CD? Most of the writers of these articles take the slant of slamming Sony because it's what the readers want to hear. You need only view those who chime in to bash my opinions to see that the media isn't the only ones who only want to hear what they like to hear.
    Quote Quote  
  16. Member painkiller's Avatar
    Join Date
    Aug 2002
    Location
    Planet? What Planet?
    Search Comp PM
    (I knew this would be a mistake. there's just no talking to some folk. You try to help, you offer what you think is an educated opinion... what a waste of time.)
    Whatever doesn't kill me, merely ticks me off. (Never again a Sony consumer.)
    Quote Quote  
  17. Originally Posted by painkiller
    (I knew this would be a mistake. there's just no talking to some folk. You try to help, you offer what you think is an educated opinion... what a waste of time.)
    Well, I for one *do* appreciate the educated opinions and just disregard the idiotic ones because I have no trouble recognizing those for what they are
    Quote Quote  
  18. Member painkiller's Avatar
    Join Date
    Aug 2002
    Location
    Planet? What Planet?
    Search Comp PM
    http://www.businessweek.com/technology/content/nov2005/tc20051129_938966.htm


    Sony BMG's Costly Silence
    The label was alerted to the secret, virus-vulnerable software on its CDs long before the scandal broke. Trouble is, it didn't act immediately to alert consumers
    For Sony BMG Music Entertainment, it has become a public-relations nightmare -- and it shows no signs of abating. On Oct. 31, computer-systems expert Mark Russinovich posted a message on his blog revealing that Sony BMG had placed anti-piracy software on music CDs that was difficult to detect and that made customers' PCs vulnerable to hacker attacks (see BW Online, 11/17/05, "Sony's Copyright Overreach").

    Since then, Sony BMG has been the subject of countless unflattering news reports and has been vilified in the blogosphere. On Nov. 21, Texas Attorney General Greg Abbott filed suit alleging that the label is violating the state's consumer-protection laws, and New York's bulldog attorney general, Eliot Spitzer, also is looking into the matter (see BW Online, 11/29/05, "Spitzer Gets on Sony BMG's Case").

    The flap has raised questions as to what Sony BMG knew -- and when the joint venture of Sony (SNE) and Germany's Bertelsmann knew it. Computer-security experts say the company's response is a cautionary tale for other entertainment companies hoping to make use of copyright-protection software.

    SLOW TO ACT? Sony BMG is in a catfight with a well-known computer-security outfit that became aware of the software problem on Sept. 30 and notified the music company on Oct. 4 -- nearly a month before the issue blew up. F-Secure, a Finland-based antivirus company that prides itself on being the first to spot new malware outbreaks, says Sony BMG didn't understand the software it was introducing to people's computers and was slow to react.

    "If [Sony] had woken up and smelled the coffee when we told them there was a problem, they could have avoided this trouble," says Mikko H. Hypponen, F-Secure's director of antivirus research.

    Sony BMG officials insist that they acted as quickly as they could, and that they expected to be able to go public and offer a software patch at the same time. However, Russinovich posted his blog item first, forcing Sony BMG to scramble to contain the crisis. It recalled millions of CDs recorded by 52 artists, including Van Zant, Celine Dion, and Neil Diamond. Plus, it offered exchanges to customers. "We're very, very sorry for the disruption and inconvenience that this has caused to music consumers," says Thomas Hesse, president of Sony BMG's Global Digital Business.

    Computer-security experts call Sony BMG's travails a wake-up call for the entertainment industry. The message: Know your technology lest it trip you up. Sony BMG outsourced the job of writing the software to a small British consultancy called First4Internet Ltd. The resulting program, called XCP, made it possible for hackers to hide malicious code in customers' PCs. Security experts say Sony BMG's second mistake was effectively loading the software onto customers' computers without telling them exactly what the software did (see BW Online, 11/29/05, "Rooting Out Sony BMG's Rootkit").

    "A DESPERATE ATTEMPT." Some say this episode shows that the recording industry's attempts to use digital-rights management software to stem the tide of piracy is fatally flawed. "Making digital files not copyable is like making water not wet," says Bruce Schneier, chief technology officer at security consulting firm Counterpane Internet Security. "You can't do it. DRM is a desperate attempt to cling to their old business model. They have to figure out how to make money in the new world."

    It didn't take a computer scientist with a PhD to sniff out Sony BMG's software glitch. It was spotted by John Guarino, owner of TecAngels.com, a two-person PC-repair outfit in midtown Manhattan. Guarino had for months been removing a pesky piece of so-called rootkit software found on clients' PCs. After investigating, he discovered that it was Sony BMG's software. His "Aha!" moment came on Sept. 30 when he loaded a CD by pop singer Amerie onto his laptop computer and confirmed that the offending software came with it.

    "This was really bad," he says. "The worst thing you can have on your computer right now is a rootkit, and Sony was installing it on people's computers."

    That's when F-Secure got into the act. Guarino sent an e-mail to the Finnish company, since it makes the rootkit-detector software that he used to investigate. F-Secure did its own investigation and notified Sony DADC, which manufactures Sony BMG CDs, on Oct. 4. Sony BMG says the e-mail, which was forwarded to it on Oct. 7, didn't signal a serious security issue. F-Secure said its rootkit-detection software had spotted a potential rootkit in XCP.

    CONFLICTING ACCOUNTS. "This e-mail, which we have also reviewed, seems to be about a routine matter," says Hesse. "While it did introduce the notion of a 'rootkit,' it did not suggest that this software was anything but benign."

    Nevertheless, Sony BMG asked First4Internet to investigate. Both Sony BMG and F-Secure say that it was on Oct. 17 that F-Secure first spelled out the full scope of the problem to Sony. The security company's report on the matter, sent that day to First4Internet and Sony BMG, confirmed there was a rootkit in XCP and warned that it made it possible for hackers to hide viruses and protect them from antivirus software products. F-Secure referred to XCP as a "major security risk," according to a copy of the e-mail supplied to BusinessWeek Online by F-Secure.

    Sony BMG says it asked the two software companies to investigate and find a solution to the problem. "From the moment our people learned that F-Secure had identified a potential problem we contacted our vendor and in no uncertain terms told them you have to get with F-Secure and find out what needs to be done about it," says Daniel Mandil, Sony BMG's general counsel.

    BOGGED DOWN. What happened next is in dispute. F-Secure had a conference call with executives of First4Internet on Oct. 20. It says First4Internet argued that there was no real problem because only a few people knew of the vulnerability XCP created, and said an update of the XCP software, due out early next year, would fix the problem on all future CDs.

    A person manning the phones at First4Internet's British offices said the company would not comment on the matter, and Sony BMG said it doesn't know what was said during that phone conference, since none of its employees participated.

    Next, F-Secure and Sony BMG held their own conference call. F-Secure says Sony BMG didn't seem inclined to do anything about the CDs that were already in circulation. "We told them it was a major security risk," says Santeri Kangas, F-Secure's director of research, who was on the call. "They thought we were silly. They wanted to keep the problem quiet." Sony BMG disputes this account.

    "Both of these vendors were put together to create a solution, a patch that would obviously culminate in a public announcement," says Sony BMG spokesman John McKay. Sony BMG planned to fix the glitch as soon as possible and to immediately make available a software patch that customers could download onto their computers to protect their machines from hackers. After Oct. 20, however, F-Secure and First4Internet made little progress because they couldn't agree on the terms of a nondisclosure agreement.

    POST MORTEM. Meantime, F-Secure decided against going public, but blogger Russinovich, who had found the XCP problem on his own, felt no such restraint. "I felt this was an issue that would be best addressed more quickly and thoroughly if handled in a public forum," he says. "I accomplished what I set out to do, which was raising awareness."

    Security experts say within a week of Russinovich's revelations, hackers had produced viruses designed to exploit the software. Sony's patch was available by then, and there have been no reports of a virus outbreak.

    Since the blowup, Sony BMG has been analyzing what transpired in search of what it should have done differently. "Right now, we are in the process of reviewing all of these initiatives," Hesse notes.

    ESSENTIAL LESSON. "We have taken this matter very seriously and have taken numerous steps, including issuing a software update, and creating and implementing an ambitious exchange program, to reach out to consumers and make this situation right," says McKay.

    Sony BMG's response is not likely to satisfy all of its customers -- and certainly not the bloggers who are calling for a consumer boycott. The best lesson that Sony BMG -- and the music industry -- can take away is to be more vigilant when it comes to the software they ask customers to load onto computers
    Whatever doesn't kill me, merely ticks me off. (Never again a Sony consumer.)
    Quote Quote  
  19. I for one am done with ALL Sony products!

    No Sony DVD burner.
    No Sony PS3.
    No Sony blank media.
    No Sony movies.
    No Sony music.
    No Sony appliances/hardware.
    No Sony video games.

    Now if I can find a list of other companies that are umbrella-ed under the Sony moniker, I'll personally boycott them too.

    This won't destroy Sony but it will make their competitors stronger.
    Quote Quote  
  20. Member painkiller's Avatar
    Join Date
    Aug 2002
    Location
    Planet? What Planet?
    Search Comp PM
    http://www.theregister.co.uk/2005/11/30/sony_drm_spitzer/

    Sony's DRM woes worsen
    By John Oates
    Published Wednesday 30th November 2005 10:51 GMT
    Sony BMG has done a marvellous job of dealing with fallout from secretly installing spyware on consumers' machines - but now unfortunately it has attracted the attention of New York's Attorney General Eliot (the Blitzer) Spitzer.

    Spitzer's office found that despite Sony's claim that it had recalled the affected products Sony's dodgy CDs were still available in various New York stores including BestBuy, Circuit City, Sam Goody, WalMart and Virgin Megastore.

    Spitzer said: "It is unacceptable that more than three weeks after this serious vulnerability was revealed, these same CDs are still on shelves, during the busiest shopping days of the year." He told consumers to take CDs back to retailers for a refund.

    The CDs contain malware which secretly installs itself onto your computer if you play the disc. This could leave your machine more at risk from hack attacks.

    Spitzer has not ruled out further legal action against the music giant.

    California and Texas have already filed lawsuits against Sony.

    Spitzer earned his reputation by forcing Merrill Lynch and other investment banks to do a better job of separating their supposedly independent research from investment activities.

    More details from BusinessWeek .

    Much of the cricitism of Sony is that it failed to act quickly enough when the problem became clear. This is likely to get worse with today's news that Finnish security firm F-Secure warned Sony about problems with its software on 4th October. This was followed by a more detailed report on 17 October.

    A few days later, 20 October, a conference call was held between First4Internet, which wrote the rootkit for Sony, F-Secure and Sony. F-Secure claims that Sony decided at that point to keep things quiet. At the end of October the vulnerability was found, and published, by software engineer Mark Russinovich.

    More details on BusinessWeek here
    Whatever doesn't kill me, merely ticks me off. (Never again a Sony consumer.)
    Quote Quote  



Similar Threads

Visit our sponsor! Try DVDFab and backup Blu-rays!