Ravenwood - 11/14/05 06:00 AM
Sony is suspending production of CDs with anti-piracy software, after it was discovered that the software was being installed without the user's knowledge and transmitting information back to Sony without the user's knowledge. The announcement came after Homeland Security "official" Stewart Baker cautioned copyright owners about being too aggressive.
"It's very important to remember that it's your intellectual property, it's not your computer," Baker said at a trade conference on piracy. "And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days." [...]It was also discovered that hackers have been able to exploit Sony's anti-piracy technology to avoid detection. Sony cloaked their anti-piracy software to prevent the user from detecting it, and hackers were able to piggyback on that to avoid detection as well.Security researchers have described Sony's technology as "spyware," saying it is difficult to remove, transmits without warning details about what music is playing, and that Sony's notice to consumers about the technology was inadequate. Sony executives have rejected the description of their technology as spyware.
Category: Pleasure Police
Comments (2) top link me
Wow, it's worse than we thought. Via Digg.com
http://dewinter.com/modules.php?name=News&file=article&sid=215
"The spyware that Sony installs on the computers of music fans does not even seem to be correct in terms of copyright law."
...
"It turns out that the rootkit contains pieces of code that are identical to LAME, an open source mp3-encoder, and thereby breach the license.
"This software is licensed under the so called Lesser Gnu Public License (LGPL). According to this license Sony must comply with a couple of demands. Amongst others, they have to indicate in a copyright notice that they make use of the software. The company must also deliver the source code to the open-source libraries or otherwise make these available. And finally, they must deliver or otherwise make available the in between form between source code and executable code, the so called objectfiles, with which others can make comparable software."
--
Ok, so not only did sony install a root kit (basically a back door in the users PC that lets someone hack in remotely) and take pains to hide it, but as part of the scheme to protect their intellectual property, they seem to have stole the intellectual property of an open source project.
Ahh, I can hear the shredders roar over at sony from here.
You or I would go away to jail for a long time for a crime like this. Sony will likely end up just paying a fraction of a percentage of their income as a fine. Participants in a class action lawsuit will get coupons worth $1.98 off their next sony CD purchase, while the lawyers for the collective defendants will get millions.
Posted by: Standard Mischief at November 14, 2005 7:53 AMUgh, looks like I'm spreading disinformation. from the EFF website:
http://www.eff.org/deeplinks/archives/004144.php
"You insert your CD into your Windows PC, click "agree" in the pop up window, and the CD automatically installs software that uses rootkit techniques to cloak itself from you. Sony-BMG has released a "patch" that supposedly "uncloaks" the XCP software, but it creates new problems."
---
OK so that's "rootkit techniques to cloak itself", not necessarily an actual root kit. Sorry 'bout that.
Posted by: Standard Mischief at November 14, 2005 8:04 AM(c) Ravenwood and Associates, 1990 - 2014