Page 7 of 9 FirstFirst ... 3456789 LastLast
Results 61 to 70 of 89

Thread: Sony DRM

  1. #61
    Junior Member
    Join Date
    Nov 2005
    Posts
    25

    Default

    Quote Originally Posted by tashi
    I believe bitman was considering that in the rush to find a fix there was the possible potential to cause even more damage.
    True, nobody would want that. A potential approach might be for Spybot to detect and offer to remove the rootkit component only, as Microsoft is apparently safely doing. Removing the "rootkit component", i.e, the cloaking of files, appears straightforward, see Nancy McAleavy's post at: http://www.dozleng.com/updates/topic7048 Once the rootkit has been detected, Spybot could point the user to the eventual Sony uninstaller if a reliable one becomes available. My understanding is that Princeton is working with Sony on this, thus adding credibility which is badly needed. The alternative of course is for Spybot to stay out of this altogether and leave it in the hands of others like Microsoft. The drawback is that while the MS Malicious Software Tool will remove the cloaking, it will not warn users of the remaining XCP which has been classified as malware by CA and others.

    Oh well.... no clear answer here, I realize
    Last edited by el cpu; 2005-11-22 at 20:06.

  2. #62
    Esteemed Member
    Join Date
    Oct 2005
    Posts
    554

    Default

    Quote Originally Posted by zak.wilson
    Of these, I think CA's attitude is the most appropriate. I suspect they don't provide a fully functional uninstaller because they haven't properly tested it yet, not because they don't want to. Symantec and McAfee appear to believe XCP is legitimate, but a potential security risk. Microsoft condems the rootkit functionality, but seems ok with the rest of it. Only CA condems the whole package.
    Quote Originally Posted by el cpu
    Oh well.... no clear answer here, I realize
    That's been my primary concern here all along and is part of the reason my own posts seem inconsistent, since they are discussing the situation from different angles as our knowledge of it has evolved over time.

    After researching the ASC 'Anti-Spyware Coalition Definitions and Supporting Documents', I can see why some have decided to label it malware, based on the definitions of a rootkit.

    Rootkits
    • System Modifying Software
      • Used to modify system and change user experience: e.g. home page, search page, default media player, or lower level system functions
        • Without appropriate consent, system modification is hijacking
        • Can compromise system integrity and security
        • Can drive user to spoofed web sites in order to steal their ID.
      • May be used for desirable customization

    http://www.antispywarecoalition.org/...efinitions.htm

    I think it's interesting that many Blogs and other online news outlets have referenced something relating to the ASC definitions, but as yet, I've seen no anti-malware vendor that has, even anti-spyware. CA references that "this variant of the XCP.Sony.Rootkit program still violates the eTrust PestPatrol Scorecard" for example, and they are even a member of the ASC themselves. I'm not impressed with what I see as the first test of the decisions made and presented by the ASC, though I understand these are simply considered guidance at this point.

    I also understand why many consider the Digital Rights Management itself to be undesirable, since nobody really wants their activities monitored, even for a legal purpose. However, that issue has become confused with the definitions of malware in this case, primarily due to the use of rootkit like hiding of files and modification of CD-ROM access. I don't personally see this as a malicious rootkit, since its purpose isn't truly to take complete control of your pc, though the line is admittedly extremely thin.

    The issues of DRM technology itself has lead to much of the interest in this situation, since few would care if this were done to protect say, a database of personal picture files from deletion by mistake for example. Any DRM discussion is inherently rife with politics and opinions, which hasn't got a true home in these forums as of yet. Unfortunately, this decision can't be made without considering them as we've seen.

    My final statement of opinion is that I feel it would be best for Sony to take the responsibility for removal of this software, both for their own education and the user community as a whole. However, there's nothing wrong with them asking the anti-malware community for aid in notification and distribution of the removal tool(s) developed. The result might be better choices and involvement by both communities in whatever Sony decides to try next. It's the adversarial situation which exists with DRM that is the true core problem that needs to be resolved.

  3. #63
    Junior Member
    Join Date
    Nov 2005
    Posts
    25

    Default

    Thanks bitman, good comments above. While I have disagreed with some of your opinions I have always appreciated your technical advise; I was a visitor to the old SB forum and used to see your comments there.

    As we are now aware, this case has taken a legal turn; the Attorney General of Texas (among others) has filed a lawsuit, http://www.chron.com/disp/story.mpl/...s/3476945.html. I wonder if Sony will issue the uninstaller any time soon due to the legal quagmire they find themselves in. This problem will be around for years to come as only a fraction of the XCP CDs now in circulation will eventually come in. They are still for sale here in Houston....
    Last edited by el cpu; 2005-11-23 at 05:32.

  4. #64
    Junior Member
    Join Date
    Nov 2005
    Posts
    4

    Default

    Quote Originally Posted by bitman
    I also understand why many consider the Digital Rights Management itself to be undesirable, since nobody really wants their activities monitored, even for a legal purpose. However, that issue has become confused with the definitions of malware in this case, primarily due to the use of rootkit like hiding of files and modification of CD-ROM access. I don't personally see this as a malicious rootkit, since its purpose isn't truly to take complete control of your pc, though the line is admittedly extremely thin.
    I think that distinction is critical if you're filing a lawsuit or criminal charges. I find it relatively unimportant to the question of how Spybot should classify the software: it's hidden software with harmful effects that's difficult to remove and unlikely to be installed on purpose if the user actually understands what it's going to do. That's exactly the sort of thing people run antispyware software to get rid of.
    Quote Originally Posted by bitman
    The issues of DRM technology itself has lead to much of the interest in this situation, since few would care if this were done to protect say, a database of personal picture files from deletion by mistake for example. Any DRM discussion is inherently rife with politics and opinions, which hasn't got a true home in these forums as of yet.
    Quite right about the political issues. I think most people would be unhappy if they installed a program that was intended to prevent accidental deletions and it cloaked itself, could not be removed safely and contacted its distributor without notifying the user or administrator. The problem here is not so much with DRM but with the methods used by XCP.
    Quote Originally Posted by bitman
    My final statement of opinion is that I feel it would be best for Sony to take the responsibility for removal of this software, both for their own education and the user community as a whole.
    I agree with you there, though I think they should ask First4Internet to share that responsibility as they're the ones who created the product. It would be nice if they offered assistance to the anti-malware community to develop their own solutions as well; after the first two removal utilities, I suspect many people aren't too inclined to trust Sony.

  5. #65
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Question

    But first, a few questions:

    Sony-baloney
    - http://www.securityfocus.com/columnists/370
    2005-11-22...

    ...not many answers yet.


    :(
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #66
    Junior Member
    Join Date
    Nov 2005
    Posts
    8

    Default

    Updates?

    Lets keep this up top for now.

  7. #67
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    There is nothing really new in the following article for an upcoming issue of Newsweek International, but it is interesting (non-technical) reading. Hopefully the article will keep the issue in the public eye and expand the awareness of the problem. I can only hope that the continued attention on the issue will help prevent similar abuses in the future.

    Sony Gets Caught With Slipped Discs
    http://msnbc.msn.com/id/10217704/site/newsweek/

    By Steven Levy
    Newsweek International

    Dec. 5, 2005 issue - Benjamin Franklin once remarked that the definition of insanity is doing the same thing over and over and expecting a different result. In that case, someone should immediately dispatch a cadre of psychiatrists to the headquarters of Sony. Its efforts to protect the music it sells have resulted—again—in unmitigated disaster. After infuriating its customers, alienating its artists and running afoul of the U.S. Homeland Security Department, Sony recently announced a recall of 52 CD titles—everyone from Dion to Celine Dion—protected with a flawed scheme that left customers' computers vulnerable to viruses and vandals. …
    Also:

    Since Sony's new CEO Howard Stringer is a smart guy, one might have assumed that he cautioned the company's music division, which recently merged with Bertelsmann's BMG label, that future efforts should not turn off customers by erring on the side of protection. ...
    My view, if Sony's new CEO Howard Stringer is a smart guy, one might assume that he would fire Thomas Hesse, President of Sony BMG's global digital business division, for this inane remark during a National Public Radio (NPR) interview on November 4, 2005 which demonstrated his contemptible disregard for the company's customers:

    Most people, I think, don't even know what a rootkit is, so why should they care about it?

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  8. #68
    Junior Member
    Join Date
    Nov 2005
    Posts
    3

    Default

    Quote Originally Posted by bitman
    At this point it's also obvious that anti-malware developers will have to become involved in the cleanup effort. Since the original software had no automatic update facility (that I've heard of anyway) there's no way to inform those with the issue directly.
    Turns out there is, and it would be technically trivial for Sony to do it. See

    http://www.benedelman.org/news/112105-1.html

  9. #69
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    According to the following article, F-Secure notified Sony BGM about the potential dangers of their XCP DRM software long before Mark Russinovich posted the problem on his Sysinternal's Blog and they failed to act:

    Sony BMG's Costly Silence
    The label was alerted to the secret, virus-vulnerable software on its CDs long before the scandal broke. Trouble is, it didn't act immediately to alert consumers
    http://www.businessweek.com/technolo...129_938966.htm

    For Sony BMG Music Entertainment, it has become a public-relations nightmare -- and it shows no signs of abating. On Oct. 31, computer-systems expert Mark Russinovich posted a message on his blog revealing that Sony BMG had placed anti-piracy software on music CDs that was difficult to detect and that made customers' PCs vulnerable to hacker attacks …
    SLOW TO ACT? Sony BMG is in a catfight with a well-known computer-security outfit that became aware of the software problem on Sept. 30 and notified the music company on Oct. 4 -- nearly a month before the issue blew up. F-Secure, a Finland-based antivirus company that prides itself on being the first to spot new malware outbreaks, says Sony BMG didn't understand the software it was introducing to people's computers and was slow to react. ...

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  10. #70
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,766

    Default

    Quote Originally Posted by md usa spybot fan
    I can only hope that the continued attention on the issue will help prevent similar abuses in the future.
    With the excellent and informed reporting such as we have seen here; one could indeed hope any such company will not further assume the public is completely uneducated in such matters.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •