Sony is at it Again - This times it's SunnComm

[thecoalman]

sometimes they will leave for the "better deal" but a large number of them will come back to you, if nothing else, for customer service.....

I do provide excellent service to the point where customers are willing to pay a few extra dollars to have me provide the service as opposed to the other guy even when they know they are getting the exact same product. In my case though it's more than that, to be labled anthracite it has to meet a set standard but the standard isn't exactly a premium product so the quality can vary widely from one place to the next under the same lable. I only purchase a high quality product but pay more for it as do my customers.

There's some people that will never buy coal from me because my price is quite a bit more than the other guy. Many do shop for price and no matter what you do you'll never convince them of the difference. Once I get a cutomer few rarely leave though, especially if they have been burned once by the other guy, I lose more customers to death than anything else....

Word of mouth is probably the biggest advertising tool I have, people talk. I think in the end this is really going to hurt Sony. Most of the people purchasing these CD's are not going to have the knowledge to understand what they do to a computer so they are going to avaoid them altogether simply because word has spread that they can screw your computer up. That may carry over to other protected CD's as well whether there's issues or not.

No matter what the law is people want to be able to use the music they purchase where and when they want. If the music industry doesn't wake up to this fact and continues down the road they are on now they are not going to last that long. At some point another company is going to provid what people want and people will flock to it, just look at Itunes. I'd imagine musicians are getting fed up with it as well, they just need someone to step up to the plate and provide what consumers want.

[jimdagys]

I am in China and nobody copies movies or music. The reason is any store bought DVD movie costs 40 cents and a cd music costs 10 cents. A blank DVD-R costs 40 cents and a blank cd-r costs 10 cents. But even cheaper, you can go to any internet cafe (costs 15 cents/hour with free tea) and watch unlimited free DVD quality the latest movies in comfortable chairs, 24/7. The movies are on the server (100mbps).

[adam]

When you talk of 40 cents per DVD and 10 cents per CD you aren't talking about official releases though are you? I don't see how at those prices. Those sound like illegal DVD/CD silvers. So yes, people ARE copying movies and music just on a much larger and much more commercial level. I think most people would agree that this is far worse than the casual copying that American media companies are going after.

China is known for being a haven for bootlegging movies and music and I hardly think it is an example of a better system of distribution. Obviously the industries cannot afford to charge so little because they actually have to recoup the millions of dollars spent on producing the work, something that the bootleggers don't have to worry about.

Is that unlimited downloaded movie thing legit? Sounds pretty cool if so but not if you have to watch it on a tiny monitor.

[ROF]

Those guys and gals in China get all the good deals. They get newer game systems, larger capacity drives, dirt cheap media, and even a sub $100USD windows. Most of what is purchased is black market products, but since it's sold in stores over there most don't even realize this.

[painkiller]

Some years back, I bought Photoshop 3 at a computer show here iin Baltimore.

When I tried to install it, it wouldn't so I called Adobe.
After some discussion - I mentioned it just wouldn't go past the dialog asking for the serial number. I was informed that there were at least 23 to 25 other copies using the same serial number.

I told them - well, it certainly looked like your product complete with official looking manual and silkscreened media. They told me they would "make me good" and I sent copies of my receipts and other documentation back to them.

Around that timeframe, there used to be two different outfits holding these computer show events. Shortly after this incident, there remains only one.

So it happens here in the States, too.

[ROF]

I purchased a 10 pack of Windows 2000 from Israel because of a dirt cheap price. None of them were valid. After a similiar discussion with Microsoft I faxed them a copy of the receipt. After almost 2 weeks of waiting I got a reply with 10 new keys. If you can prove you purchased media from a pirate organization the company will in most cases help you out. They do so because by telling them where you got these from they can usually shut down the organization. In this case, the website I bought them from was gone by the time I got my valid keys.

[robertazimmerman]

There seems to be one thing that many people are forgetting. Music (like many other art forms) is a form of entertainment. If you do not like that form of entertainment, or if you do not wish to invest your hard-earned cash to indulge in it, then don't partake. I am not a fan of opera, so I don't buy tickets to see opera. I'm also not crazy about synchronized swimming, so I choose not to pay to see it in person.

If you do not wish to watch movies at home, don't buy DVDs. If you don't want to listen to music, don't buy CDs. Frankly, I don't care what type of copy protection the companies embed in their CDs. If they cause me problems, such as not being able to play them in my home, car or portables, then I may choose not to buy them.

The company I work for has developed and manufactures software for a specific industry. If users don't like our software, they have the option of not buying it, but they do not have the option of bypassing its protection or copying an associate's package.

Music lovers - you do not have a "right" to the music. You have an option to either buy or not buy it. End of story.

roberta

[SCDVD]

Frankly, I don't care what type of copy protection the companies embed in their CDs. If they cause me problems, such as not being able to play them in my home, car or portables, then I may choose not to buy them.

roberta

If what you say were the extent of the problem, that would be one thing but this stunt that Sony pulled goes far beyond that. First of all, many users had their computers infected with a nasty Rootkit piece of malware simply by playing a CD in their computer with no knowledge of the nefarious slime that was going on in their computer. Among other things, this Rootkit reports back to Sony information about the music the user is listening to. It also makes the users' computers vulnerable to attacks by malicious thugs who want to exploit the vulnerability. Lastly, it isn't possible to remove it without damaging the operating system. So a hard disc format and a complete system rebuild is necessary to restore the system to its undamaged state. You may not mind this sort of MAJOR inconvenience, but I and many others do. You make it sound benign but it isn't, not by any means. So I'm afraid that it isn't "the end of story".

[ROF]

Frankly, I don't care what type of copy protection the companies embed in their CDs. If they cause me problems, such as not being able to play them in my home, car or portables, then I may choose not to buy them.

roberta

If what you say were the extent of the problem, that would be one thing but this stunt that Sony pulled goes far beyond that. First of all, many users had their computers infected with a nasty Rootkit piece of malware simply by playing a CD in their computer with no knowledge of the nefarious slime that was going on in their computer. Among other things this Rootkit reports back to Sony information about the music the user is listening to. It also makes the users' computers vulnerable to attacks by malicious thugs who want to exploit the vulnerability. Lastly, it isn't possible to remove it without damaging the operating system. So a hard disc format and a complete system rebuild is necessary to restore the system to its undamaged state. You may not mind this sort of MAJOR inconvenience, but I and many others do. You make it sound benign but it isn't, not by any means. So I'm afraid that it isn't "the end of story".

Let's clarify something. I've been running the Sony Rootkit on an internet connected system for over 48 hours now. The system is functioning normally with no system resources being hogged or any attempt to broadcast information outside the system. No users are vulnerable to attack if they are using proper firewall software since I was gaming on the machine last night(always invites snoopers). I've also listened to several music CDs and MP3 files without the rootkit getting in the way or reporting to Sony my activities.

I'll be removing this rootkit via Sony's directive next week after running this test for a full week. At that time I will attest to whether it cripples the system or not.

So far, it's completely benign and if you read the CD insert it includes a warning about the software being installed and Sony not being responsible for any damage caused by it. The rootkit by itself does nothing but what it's supposed to. If you are running an unprotected system which causes your system to be vulnerable this rootkit should be the least of your troubles. Even Microsoft acknowledged the need for active firewalls and includes them on their latest OSs. While the firewall is active, the rootkit is unable to be taken advantage of.

[gadgetguy]

ROF What is your method of testing whether the software is "phoning home" or not. If I understand the description of the problem, you are not able to detect the rootkit by any software running ON THE SAME COMPUTER. Do you have a seperate hardware network monitor tracking the test computer and do you utilyze a hardware firewall?

[Timmychuck]

Not putting any one down, but this is old news.
I post this last year, of a Beastie Boys CD

https://www.videohelp.com/forum/viewtopic.php?t=227027&highlight=

[thecoalman]

Let's clarify something.

Yes lets, the information I posted above was from the website that originally publisged the information about the rootkit. Here's the mans credentials:

Mark Russinovich is Chief Software Architect and co-founder of Winternals Software (www.winternals.com), a company that specializes in advanced systems software for Microsoft Windows. Mark is coauthor of Inside Windows 2000, Third Edition (Microsoft Press) with David Solomon and the Fourth Edition, entitled Windows Internals. He and David Solomon also deliver public and private seminars on Windows operating system internals and advanced troubleshooting to numerous companies and organizations, including regular deliveries to Microsoft. They also created a 12 hour self-paced Windows internals video tutorial that Microsoft has licensed for worldwide corporate use.

Mark is a Microsoft Most Valuable Professional (MVP) and serves as senior contributing editor for Windows IT Pro magazine where he writes for the Windows Power Tools column. He is also a frequent speaker at major industry conferences such as Microsoft Tech Ed, IT Forum, Windows IT Pro Magazine's Connections and Redmond Magazine's TechMentor.

Mark has a B.S. from Carnegie Mellon University and a M.S. from Rensselaer Polytechnic Institute, both in computer engineering. In 1994, he earned a Ph.D. from Carnegie Mellon University, also in computer engineering. After working briefly at NuMega Technologies (now Compuware NuMega Laboratories), Mark worked for two and a half years at IBM's Thomas J. Watson Research Center in New York, where he participated in the research and development of kernel-mode Web server-accelerator technologies. He can be reached at mark@sysinternals.com.

If you find different than what I posted then I suggest contacting him to dispute his claims. Additionally his claims have been backed up by other highly qualified professionals in his fields including a professor of computer science at Princeton University. These are not people out to pirate CD's but professionals in the computer industry. I'm assuming by your research you have proved them wrong. Please enlighten us and the rest of the world.

[Dv8ted2]

Let's clarify something.

Yes lets, the information I posted above was from the website that originally publisged the information about the rootkit. Here's the mans credentials:

Mark Russinovich is Chief Software Architect and co-founder of Winternals Software (www.winternals.com), a company that specializes in advanced systems software for Microsoft Windows. Mark is coauthor of Inside Windows 2000, Third Edition (Microsoft Press) with David Solomon and the Fourth Edition, entitled Windows Internals. He and David Solomon also deliver public and private seminars on Windows operating system internals and advanced troubleshooting to numerous companies and organizations, including regular deliveries to Microsoft. They also created a 12 hour self-paced Windows internals video tutorial that Microsoft has licensed for worldwide corporate use.

Mark is a Microsoft Most Valuable Professional (MVP) and serves as senior contributing editor for Windows IT Pro magazine where he writes for the Windows Power Tools column. He is also a frequent speaker at major industry conferences such as Microsoft Tech Ed, IT Forum, Windows IT Pro Magazine's Connections and Redmond Magazine's TechMentor.

Mark has a B.S. from Carnegie Mellon University and a M.S. from Rensselaer Polytechnic Institute, both in computer engineering. In 1994, he earned a Ph.D. from Carnegie Mellon University, also in computer engineering. After working briefly at NuMega Technologies (now Compuware NuMega Laboratories), Mark worked for two and a half years at IBM's Thomas J. Watson Research Center in New York, where he participated in the research and development of kernel-mode Web server-accelerator technologies. He can be reached at mark@sysinternals.com.

If you find different than what I posted then I suggest contacting him to dispute his claims. Additionally his claims have been backed up by other highly qualified professionals in his fields including a professor of computer science at Princeton University. These are not people out to pirate CD's but professionals in the computer industry. I'm assuming by your research you have proved them wrong. Please enlighten us and the rest of the world.

Sony has realized the error of their ways.

here

[SCDVD]

The thing that most concerns me about a reckless self-anointed blowhard like ROF is that some readers of this forum who haven't been around long enough to know who he is can take things he says at face value as a valid input and create big problems for themselves. They don't realize this guy takes counter positions on issues and argues for the sheer perverse pleasure of it.

The Sony Rootkit IS dangerous as attested to by a number of leading computer scientists and professionals.

[painkiller]

There is another, very important point that probably most folk are not completely aware of.....

The ZoneLabs software firewall doesn't automatically tell you of absolutely every single attempt to communicate from your machine to the internet. There are defaults that allow for interaction between the installed machine and Microsoft, for example, in order to allow for updates and quite likely, other features unknown to us.

So who's to say that - regardless of firewall that you use - its internal defaults (accesible only through its expert mode) there wouldn't be other manufacturer's conditions to be automatically allowed without prompting the user all the time? and the DRM issues come to mind.

And I would be very interested in knowing if the "phoning home" as Mr. Russinovich has identified it - bypasses firewalls.

[jimdagys]

Regarding this previous question about China:
Is that unlimited downloaded movie thing legit? Sounds pretty cool if so but not if you have to watch it on a tiny monitor.
"Legit" in China simply means everybody does it. By the way, the monitors are high quality 19in and 24in monitors.

[Micker_C]

It's amazing, or perhaps omebic in nature that anyone can't see what's been going on for the last five months.

Sony has hosed enough systems that it's cost those who simply play a CD in their PC -Why? Because for one the intrusion opens and creates holes for malicous software, designed to bring a PC to it's knees, steal an infected users ID and make the CDROM useless -By design.

It's not just personal PC's we are discussing either, the code compromises small & large businesses -After all, the employee was 'Just' listening to a bought CD, right? -That knocked their whole security system to hell.

These 'Knights' supporting Sony and the likes, need to seriously learn something about PC security and then come back!

No company has the right to tamper with how a users PC functions, open a users PC to Blackhats or reduce the functionality ~Speed reduction via malicous code/disable hardware. I'm surprised MS, as yet has not taken them to task for harboring drivers that "Appear' ligit to the average user. More surprised that MS has not snarked them for "Tampering" with their OS kernel via ASPI hooks that are not intentional to promoting OS use and creating further work to maintain security.

Screw Sony and all those hybrid dogs, that know very little about the subject they discuss.

[ROF]

ROF What is your method of testing whether the software is "phoning home" or not. If I understand the description of the problem, you are not able to detect the rootkit by any software running ON THE SAME COMPUTER. Do you have a seperate hardware network monitor tracking the test computer and do you utilyze a hardware firewall?

Yes to both. I utilize a hardware fiewall and the server system monitors all traffic for intra-network and inter-network traffic. It includes logging, resolving IPs to names, etc. So far, I can surf the web, play different audio CDs, play the rootkit CD, play DVD/SVCD movies, play online gaming, I even did some capturing tonight using the TV Tuner. So far the rootkit has yet to transmit any info or interfere with any network traffic or system resources. I'd be interested in knowing what these guys with degrees know that my network doesn't.

The rootkit only is dangerous to those who do not operate a properly protected system online. Unless I'm missing something. The thing I'm going to be curious to see is how the removal of the rootkit goes. I'm expecting it to give me some issues. I'll report my findings in a little more than 48 hours. I want to give this thing at least a full week of usage on my network and then perform a removal.

Some say certain media is garbage or certain makes of memory modules are bad. While I do listen to that advice I've found most reports of those things are sketchy at best. The best test of system performance, media performance, or your experience is to actually try them with your hardware and software and see the results yourself. That's why I'm testing this rootkit. After listening to the articles and ignoring the hype I decided it was safe enough to try. So far my results have proved that to be true.

[gadgetguy]

I'd be interested in knowing what these guys with degrees know that my network doesn't.

They know what the rootkit's code is and what it's designed to do. If you haven't analyzed the code to see under what conditions the code manifests itself, then all your tests are inconclusive. By design, it is supposed to remain hidden from view and it appears that so far, on your test equipment, it is accomplishing that goal.

[ROF]

I'd be interested in knowing what these guys with degrees know that my network doesn't.

They know what the rootkit's code is and what it's designed to do. If you haven't analyzed the code to see under what conditions the code manifests itself, then all your tests are inconclusive. By design, it is supposed to remain hidden from view and it appears that so far, on your test equipment, it is accomplishing that goal.

While that maybe true for the system it's installed on, it doesn't hold water when the tests and analysis is done via network traffic monitored on a different system.

[gadgetguy]

But even if it never causes any problems on your test system because the proper conditions aren't met, that does not prove that it is harmless. It only proves that your system was missing one or more critical elements of the process.

[ROF]

But even if it never causes any problems on your test system because the proper conditions aren't met, that does not prove that it is harmless. It only proves that your system was missing one or more critical elements of the process.

Which critical elements? Which proper conditions?

[gadgetguy]

You've just proved my point. If you don't know what they are, then your tests are not valid.

I personally don't have the knowledge to analyze the code so I don't know under what conditions the rootkit will manifest itself, so I trust someone that does. That would be Mark Russinovich who's credentials are listed above.

[ROF]

You've just proved my point. If you don't know what they are, then your tests are not valid.

I personally don't have the knowledge to analyze the code so I don't know under what conditions the rootkit will manifest itself, so I trust someone that does. That would be Mark Russinovich who's credentials are listed above.

Actually by stating there are certain conditions and criteria which must be met proves you don't understand the nature of this rootkit. Analysis done by Mark has indicated that no transmissions occur(which I've verified). He does state there is the potential for it but it's currently not used. He also says that the system is vulnerable to hacking. Well, any system is vulnerable to hacking if not properly protected via hardware protection. So far no hacking has occured. He also explains how to uncloak the rootkit, which I've done. That's why I asked which critical elements or conditions should I be exploring in order to cause any problems? Mark can't find any and neither can I. Even Mark acknowledges that has system didn't suffer at all only that he couldn't trace certain issues before uncloaking and that removal of the drivers and such would cause system failure which is quite common of all system drivers.

So I'll ask again but you don't need to answer since you can't, which critical elements or conditions should I be checking for? So far, I have normal system functionality without any issues to report.

[thecoalman]

I'd be interested in knowing what these guys with degrees know that my network doesn't.

That's interesting ROF, they are all wrong. Who would have thought it. Must be a conspiracy and you have foiled their plot. I'd report this to Sony immediately. :P

[ROF]

I'd be interested in knowing what these guys with degrees know that my network doesn't.

That's interesting ROF, they are all wrong. Who would have thought it. Must be a conspiracy and you have foiled their plot. I'd report this to Sony immediately. :P

Actually they are correct and I've confirmed most of what Mark wrote. I haven't removed the rootkit yet so I don't know if my results will vary but since someone here thinks there are special conditions that must be met which both myself and Mark Russinovich haven't been able to find I'm asking those who may know what those conditions are and how I can make this rootkit behave badly. So far it has done nothing. The player collected info about different CDs I've used but even Media Player does that.

[gadgetguy]

All virus's or rootkits or even non-threatening software require conditions for execution. Those conditions don't need to be "special", but they do need to be met. Mark has identified and warned about code within the rootkit that could perform the actions we want to avoid. The fact that he hasn't announced, or even if he doesn't know, what conditions are required for that code to be executed doesn't negate the threat, but it does negate your test. How do you know that the code waits for a certain amount of activity before execution and that your 1 week test doesn't meet that threshold?

[vitualis]

ROF, once again, consider yourself warned.

Sony has lost the debate of public opinion. Even big GWB has pitched in to wave his finger at Sony.

Sony's "rootkit" may well be relatively benign on its own but the fact of the matter is that it is an unwanted piece of software that is covertly installed on your PC. That is bad bad bad bad bad. Before it was exposed, there was no way of uninstalling the software. Worse, it exposed an obvious security flaw which has since been exploited.

There are reasons why Sony has now made a 180 degree backflip, promised to send un-DRMed CDs and is now facing at least two lawsuits.

Sony's use of a "rootkit" is basically indefensible and an abuse and betrayal of trust to its customers. When I put a music CD into my computer, I don't expect software that I have not explicitly consented to being installed, to be installed.

This thread is over.

Regards.