Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security Government Sony The Courts News

Where are the Prosecutors? 35

Posted by Cliff
from the companies-violating-your-property dept.
a_greer2005 wonders: "In the past 5 years, we have seen plenty of virus writers in the United States brought to justice both criminally and when possible financially. In the past couple of weeks it has been discovered that Sony has shipped a rootkit, which is worse than the common spyware or virus, so I ask you, where are the law suits? Is anyone planning criminal/civil action at all? Does Sony frighten the entire legal industry? If nothing is done about this, will we have ANY right to tell a company 'NO' in the future when it comes to DRM worms -- Is this but a sample of things to come?" Update: 11/12 10:20 PM EDT by C :Whoops! Missed the fact that we've already reported on the fact that California has already started a class action suit against Sony (thanks to the posters that caught this). New York may soon follow. However that is only 2 states out of 50. Is there a possibility of more to follow?
This discussion has been archived. No new comments can be posted.

Where are the Prosecutors?

Comments Filter:
  • Uhhh (Score:5, Informative)

    by timdorr (213400) * on Friday November 11, 2005 @11:15PM (#14013554) Homepage
  • Some information (Score:4, Informative)

    by _LORAX_ (4790) on Friday November 11, 2005 @11:40PM (#14013635) Homepage
    I spent the better part of an hour yesterday ridding my mothers computer of this "rootkit". Most of that time was spent attempting to restore the use of her CD/DVD drive that went missing after the core DRM code is shut down. Before people get on my case, my mom is no idiot and is very protective of her computer. I asked her specifically if she ran or saw anything run when she put the CD in her drive and I believe her version of events.

    She did not install anything

    She did not agree to anything

    She never saw an EULA

    Her computer could not RIP ANY CD's afterwards

    All she did was attempt to import a CD into iTunes and from then on out any attempt to import CD's would freeze up her computer, not just XCD protected disks.
  • Re:Not a rootkit (Score:4, Informative)

    by max born (739948) on Saturday November 12, 2005 @12:39AM (#14013842)
    I don't believe there has been any indication of systems compromised and hacked into by Sony ...

    Not hacked by Sony but others are beginning to take advantage as a result of Sony making it easy for them. Sony Rootkit Trojans Emerge [techtree.com]. So far, trojans Backdoor.IRC.Synd.a and its variant Backdoor.IRC.Synd.B have been detected.
  • by Dachannien (617929) on Saturday November 12, 2005 @12:52AM (#14013897)
    It was Dutch, actually.

    http://www.webwereld.nl/articles/38285 [webwereld.nl]

  • Re:Some information (Score:4, Informative)

    by karnal (22275) on Saturday November 12, 2005 @01:11AM (#14013957)
    I have Our Lady Peace's new disc, Healthy in Paranoid Times.

    On insertion (simulated here via the AUTORUN.EXE, since my autorun is off) the CD displays an "Enhanced CD Installer" window, which has the title and artist of the cd. "End User License Agreement" is off to the right.

    In the center is the familiar legalese of the EULA - stating "IMPORTANT - READ CAREFULLY:" Off to the bottom is an "Agree/Disagree" radio button, which if you select Disagree (agree is defaulted, BTW - without any scrolling in the main EULA part) the CD automatically ejects to protect itself.

    But it will not install any software if you select Disagree. Given, I am only able to test on this specific CD, so I can't really state with full authority that your mother clicked on "Next" without moving the radio button, but in my case you'd have to hit something to install this rootkit.

    p.s. You can also rip away with EAC while the agreement is being displayed, if you don't want to turn off Autorun. My thoughts are to just turn off Autorun, however... It is handy in certain cases, but I'm not a typical user I guess.

    pps bottom of my eula = (ID:239675.18 -- 1/7/2005)
  • by dtfinch (661405) * on Saturday November 12, 2005 @01:48AM (#14014089) Journal
    You may expect a program CD to auto-run, but nobody expects a music CD to run executable code. You expect music CD's to simply be read and played, which does not involve running code from the CD. Music and data CD's are even encoded differently. Pure music CD's have no filesystem. If you look carefully on the surface of a DRM'd CD, you'll see two faint bands, a large outer band for audio, and a thin, almost invisible inner band for data. For a long time, CD's were either all-audio, or all-data, and almost never hybrid, and for the most part that's how it still is, which leads some people to the false assumption that music CD's can't infect their system.

    The amount of harm in installing a rootkit is often uncertain, except that there's always some harm. They modify internal operating system structures, and can cause quirks and instability. Rootkits simply do not get the same quality of testing as mature operating system code. We already know that Sony's DRM'd CD's will crash Windows Vista. At the very least, they cause a slight slowdown and make it easier for other unwanted programs to hide from the user. At the worst, any patch to the operating system which changes one of those internal structures could render a system running the rootkit unbootable, which for an average user (not most skilled users) means the loss of everything they had on the system, if they're forced to reformat and reinstall the system using the restore CD that came with the system. For such an inexperienced user, the damage caused by the rootkit could be in the tens of thousands of dollars.

    I got a computer science degree from Southern Oregon University, and I've taken a few classes on computer related legal issues, but none of which (as far as I can remember) has any relation to what I just said.
  • Wrong! (Score:4, Informative)

    by sconeu (64226) on Saturday November 12, 2005 @02:29AM (#14014197) Homepage Journal
    Nope. Class Action Suits are civil actions. Story Poster is asking "Where are the *CRIMINAL* penalties for this"?

"An ounce of prevention is worth a ton of code." -- an anonymous programmer