Where are the Prosecutors? 35
a_greer2005 wonders: "In the past 5 years, we have seen plenty of virus writers in the United States brought to justice both criminally and when possible financially. In the past couple of weeks it has been discovered that Sony has shipped a rootkit, which is worse than the common spyware or virus, so I ask you, where are the law suits? Is anyone planning criminal/civil action at all? Does Sony frighten the entire legal industry? If nothing is done about this, will we have ANY right to tell a company 'NO' in the future when it comes to DRM worms -- Is this but a sample of things to come?" Update: 11/12 10:20 PM EDT by C :Whoops! Missed the fact that we've already reported on the fact that California has already started a class action suit against Sony (thanks to the posters that caught this). New York may soon follow. However that is only 2 states out of 50. Is there a possibility of more to follow?
SONY rootkit violates LPGL (Score:5, Interesting)
A computerexpert, whose name is known by the redaction, discovered that the cd "Get Right With The Man" by "Van Zant" contains strings from the library version.c of Lame. This can be conluded from the string: "http://www.mp3dev.org/", "0.90", "LAME3.95", "3.95", "3.95 ".
Re:SONY rootkit violates LPGL (Score:2)
Re:SONY rootkit violates LPGL (Score:3, Interesting)
Re:SONY rootkit violates LPGL (Score:2)
That has BabelFish's German to English fingerprints all over it. Unfortunately, the site doesn't site the German website that they plagiarized their content from, so I can't attempt to guess what "whose name is known by the redaction" really means (other than vaguely "who kept his name secret").
Re:SONY rootkit violates LPGL (Score:4, Informative)
http://www.webwereld.nl/articles/38285 [webwereld.nl]
Re:SONY rootkit violates LPGL (Score:4, Funny)
Re:SONY rootkit violates LPGL (Score:1)
Re:SONY rootkit violates LPGL (Score:3, Informative)
Re:SONY rootkit violates LPGL (Score:1)
Re:SONY rootkit violates LPGL (Score:1)
A fine statement - but with two minor drawbacks:
One, they are NOT music CDs;
Two, they are NOT music CDs, as you won't find the CD logo on these discs because they don't strictly adhere to the standards for music CDs.
Now technically speaking that's only one drawback, but it was such a big one that I thought it needed mentioning twice...
Re:SONY rootkit violates LPGL (Score:4, Insightful)
Just like you willingly ran an executable containing a virus? I don't buy it. Basically that argument comes down to a rootkit being okay for Sony because they are the good guys and not okay for anyone else because they are criminals/terrorists/anarchists.
Re:SONY rootkit violates LPGL (Score:1)
Re:SONY rootkit violates LPGL (Score:2)
They've got protection... (Score:4, Insightful)
Re:Let's not forget (Score:2)
There's winning the battle, and winning the war. Large corporations with deep pockets are well-suited to winning battles, but there isn't much they can do about losing the war with regard to the effects of negative public opinion.
Re:They've got protection... (Score:2)
But the real question is whether the Sony rootkit constitutes a criminal act on their part. If it is criminal (and I sure hope it is, I hate the idea that the only recourse we have against computer hackers is a civil action) when will the government discipline Sony?
Why should a major corporation be able to get away with hacking our computers and installing backdoors when we actually bought something from THE
Uhhh (Score:5, Informative)
Wrong! (Score:4, Informative)
Where have you been? (Score:1, Redundant)
Where have you been lately? [slashdot.org]
Not a rootkit (Score:3, Insightful)
Re:Not a rootkit (Score:4, Insightful)
A "virus" or "trojan" or "worm" is the software that performs the compromise. A "rootkit" allows the V/T/W writer to produce their creation with less effort.
Sony is directly responsible for reducing system security on PCs that have been infected with their rootkits. That is actionable, but likely nobody will go to jail.
Re:Not a rootkit (Score:2)
Re:Not a rootkit (Score:4, Informative)
Not hacked by Sony but others are beginning to take advantage as a result of Sony making it easy for them. Sony Rootkit Trojans Emerge [techtree.com]. So far, trojans Backdoor.IRC.Synd.a and its variant Backdoor.IRC.Synd.B have been detected.
The thing is... (Score:2)
Re:The thing is... (Score:3, Insightful)
It is just a dirty deal.
Re:The thing is... (Score:2, Insightful)
If it only FUCKS over the little guy, then fuck it - it's okay.
However, if it fucks over a big fish - then shit - we have to prosecute.
There's something distinctly wrong with that, and I really hope that that was not your intent.
Re:The thing is... (Score:3, Interesting)
Oh. So by that definition ANY rootkit is just peachy.
It's mostly single homer users affected
Where do you think those zombie botnets that send out all the crap spam are located?
That's right. Compromised home users who don't even know something's wrong because their system has been hit with a rootkit. Now Sony has created a powerful new tool for the spambot creators to use. Thanks Sony!
This is what you get... (Score:2, Interesting)
Some information (Score:4, Informative)
She did not install anything
She did not agree to anything
She never saw an EULA
Her computer could not RIP ANY CD's afterwards
All she did was attempt to import a CD into iTunes and from then on out any attempt to import CD's would freeze up her computer, not just XCD protected disks.
Re:Some information (Score:4, Informative)
On insertion (simulated here via the AUTORUN.EXE, since my autorun is off) the CD displays an "Enhanced CD Installer" window, which has the title and artist of the cd. "End User License Agreement" is off to the right.
In the center is the familiar legalese of the EULA - stating "IMPORTANT - READ CAREFULLY:" Off to the bottom is an "Agree/Disagree" radio button, which if you select Disagree (agree is defaulted, BTW - without any scrolling in the main EULA part) the CD automatically ejects to protect itself.
But it will not install any software if you select Disagree. Given, I am only able to test on this specific CD, so I can't really state with full authority that your mother clicked on "Next" without moving the radio button, but in my case you'd have to hit something to install this rootkit.
p.s. You can also rip away with EAC while the agreement is being displayed, if you don't want to turn off Autorun. My thoughts are to just turn off Autorun, however... It is handy in certain cases, but I'm not a typical user I guess.
pps bottom of my eula = (ID:239675.18 -- 1/7/2005)
Re:Some information (Score:2)
editor flambe (Score:1)
Bigger response than you think (Score:2)
It's not just a domestic issue anymore. Before CA filed or people began talking about the NY case, a consumer protection group from Italy filed suit.
The domestic issues are just the tip of the iceberg. Other countries that are not so impressed by the financial might of companies like Sony are going to nail anyone using such underhanded methods. Rootkits like this one most likely violates the Berne Convention, TRIPS, and possibly WIPO.
AC