Jump to content
aberdeen-music

Reptile

Members
 View Profile  See their activity

  • Posts

    74

  • Joined

  • Last visited

 Content Type 

Posts posted by Reptile

  1. Fuck sony

    in Music Discussion

    Posted

    Sony rootkit roundup, part II

    Immunize Yourself Against Sonys Dangerous Uninstaller: Princeton DRM researchers Ed Felten and Alex Halderman explain how to miitgate the security vulnerabilities left behind by Sony's incompetent "uninstaller" program.

    http://www.freedom-to-tinker.com/?p=930

    List of infected CDs: Sony finally lists the 52 titles infected with the XCP rootkit. Note that Sony initially claimed that fewer than half that number were infected.

    http://cp.sonybmg.com/xcp/english/titles.html

    US-CERT: Never Install Audio-CD DRM Software. The Department of Homeland Security's Computer Emergency Readiness Team advises that you never install CD DRM: "Do not install software from sources that you do not expect to contain software, such as an audio CD."

    http://www.eff.org/deeplinks/archives/004167.php

  6. Fuck sony

    in Music Discussion

    Posted

    Sony's spyware "remover" creates huge security hole

    Princeton's Ed Felten and Alex Halderman have published new research into a grave security vulnerability opened up if you run the "uninstaller" that Sony supplies to rid your PC of its malicious rootkit software, which it installs when you insert an audio CD into your PC, as a means of restricting your use of the music on the CD.

    The new vulnerability is as grave as a security vulnerability can be. If you run the uninstaller, your computer can be utterly compromised by an attacker who can reach it via the Web. Your computer can be made to run any code and surrender your data. It can be enlisted to act as a "zombie" for sending spam or attacking sites that are being shaken down in protection rackets.

    Ed and Alex have written a demo to show that this danger is real. They've also supplied instructions for removing this dangerous software from your PC.

    The music industry often warns against the use of P2P systems because they claim that P2P software can contain sneaky, malicious software that compromises your PC. Well, it appears that legitimately purchased CDs are deliberately corrupted with the same dangerous software.

    If you buy CDs, you risk your PC, you risk having your personal information stolen by crooks, and you risk having your equipment used to break the law.

    The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get.

    The root of the problem is a serious design flaw in Sony's web-based uninstaller. When you first fill out Sony's form to request a copy of the uninstaller, the request form downloads and installs a program - an ActiveX control created by the DRM vendor, First4Internet - called CodeSupport. CodeSupport remains on your system after you leave Sony's site, and it is marked as safe for scripting, so any web page can ask CodeSupport to do things. One thing CodeSupport can be told to do is download and install code from an Internet site. Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4Internet. This means any web page can make CodeSupport download and install code from any URL without asking the user's permission.

  7. Fuck sony

    in Music Discussion

    Posted

    Sony Loves You Loozer

    Sony begins to recall some infected CDs

    Sony is beginning a limited recall of some of the CDs it has shipped that were infected with dangerous, malicious rootkit software. However, Sony still hasn't shipped a working uninstaller for infected machines (the current uninstaller actually creates more vulnerabilities), offer restitution to people whose PCs were damaged by their software, or offered to pull CDs with its other malicious trojan, SunComm's MediaMax.

    Sony BMG Music Entertainment said Monday it will pull some of its most popular CDs from stores in response to backlash over copy-protection software on the discs. (Related item: Firestorm rages over lockdown on digital music)

    Sony also said it will offer exchanges for consumers who purchased the discs, which contain hidden files that leave them vulnerable to computer viruses when played on a PC.

    I wonder if new CDs you get from Sony will have any sneaky malware on them? I bet they will!

    :swearing:

  8. Fuck sony

    in Music Discussion

    Posted

    The story so far

    Sony anti-customer technology roundup and time-line

    Since Hallowe'en, we've been posting the details about he revelations relating to Sony's DRM systems, which show jaw-dropping contempt for their customers, for copyright law, for fair trading and for the public interest. With all these posts strung out over a couple weeks, I thought it was high time we put together an omnibus post, summing up all the posts to date:

    Oct 31: Sony DRM uses black-hat rootkits

    Mark Russinovich, a security researcher, discovers that Sony has been sneakily installing "rootkit"-based DRM on their customers' computers. Rootkits are black-hat hacker tools used to disguise the workings of their malicious software. Removing Sony's rootkit nukes your Windows installation.

    Nov 3: Sony releases de-rootkit-ifier, lies about risks from rootkits

    Sony announces a "service pack" for its rootkit DRM. It deceptively downplays the risks the rootkit presented. It turns out that the remover doesn't actually work, either.

    Nov 3: Felten on Sony's rootkit-"remover"

    Princeton DRM researcher Ed Felten analyzes Sony's rootkit "remover" and concludes that it's a hunk of junk: "they're almost certainly adding things to the system...they're not disclosing what they're doing."

    Nov 3: Defeat WoW spyware using Sony's rootkit

    Warden, a program used by Blizzard to scour World of Warcraft players' system and report on the contents to the company can be defeated with the Sony rootkit. Blizzard claims that Warden only detects a few programs that facilitate cheating, but researchers have found evidence to the contrary.

    Nov 8: Defend against Sony's rootkit with DRM-ripping software

    AnyDVD, a DVD-ripping program, advertises that it can also inoculate you against the Sony rootkit.

    Nov 9: List of CDs infected with Sony's rootkit DRM

    EFF releases a partial list of CDs believed infected to infected with Sony's rootkit. Buyer beware -- you're better off buying music from someone else.

    Nov 9: Sony's EULA is worse than their rootkit

    EFF attorney Fred von Lohmann analyzes the license agreement that accompanies Sony's rootkit DRM (that's right, a license to listen to an audio CD!). It is unbelievably outrageous, the kind of thing that makes you want to get a torch and a pitchfork and head over to the nearest Sony office.

    Nov 9: Wanna sue the pants off Sony?

    EFF is looking for people who bought rootkit-infected CDs to join a potential lawsuit against Sony

    Nov 10: Sony Music CDs infect Macs, too

    Mac users shouldn't be smug -- Sony's audio CDs also contain an app that patches OS X's kernel with unspecified restriction-software; though Mac users have to take a few more steps before their computers are compromised

    Nov 10: Fantastic screed against the coders who wrote the previous Sony DRM junk

    This isn't the first time Sony's been caught doing crap like this; the last time around a geek wrote an amazing rant excoriating the coders who helped Sony write its anti-customer malware

    Nov 11: Sony will stop shipping infectious CDs -- too little, too late

    Twelve days after being caught using rootkits, Sony announces that it will stop shipping rootkit-infected CDs. No recall of the existing rootkits, though -- and Sony doesn't come close to apologizing. Buying Sony CDs is a great way to screw up your PC, but a lousy way to acquire music.

    Nov 12: Sony's *other* malicious audio CD trojan

    Princeton DRM researcher Alex Halderman reports on the other malicious software found on Sony CDs, a Suncomm product called MediaMax. MediaMax is a vicious little bug, which spies on you and reports on your deeds to the mothership.

    Nov 12: New Sony lockware prevents selling or loaning of games

    Sony patents a piece of software that can prevent you from playing a game that's been inserted into one console on another console; speculation is that this is destined for the PS3. Kiss game rentals, loaning and re-sale goodbye. Also, if your PS3 breaks or is stolen, you might as well toss out all your games, they're useless without it.

    Nov 13: Sony's malware uninstaller leaves your computer vulnerable

    A Finnish researcher discovers that the "uninstaller" for Sony's rootkit leaves a ton of crap behind that hackers can exploit -- he can reboot your computer just by getting you to load a web-page

    Nov 13: Sony's rootkit infringes on software copyrights

    There are strong indications that Sony ripped off a Free Software-based library called the LAME Encoder for its rootkit. The LAME Encoder is licensed under the Lesser GPL (LGPL), which was released for free re-use by public spirited programmers who merely requested that they be acknowledged. In Sony's zeal to protect its copyrights, they had no compunction about clobbering the copyrights of those software authors.

    Other stuff:

    Sony lied about its rootkit. They said it didn't phone home with information about your deeds. It does. When they were caught in the lie, they said that they didn't pay attention to the information it sent back, so it's OK

    Microsoft is building a Sony rootkit-remover into its anti-spyware product

    Lawsuits against Sony are already underway in Italy and the US

    At least one piece of malicious software that exploits Sony's rootkit has been discovered in the wild

  10. Fuck sony

    in Music Discussion

    Posted

    surely Sony are breaking the computer misuse act by installing software without the owner's authorisation?

    According to my reading of act they are in both the UK and the US. However' date=' taking on their laywers would be scary. The EFF ([url']www.EFF.org) are going to fight this, give them a donation.

  14. licensing...

    in General Discussion

    Posted

    16-17 year olds are allowed in to consume alcohol of less than spirit strength with a meal if accompanied by an adult.

    Children under 16 are only allowed in if accompanied by an adult.

    Children under 14 are allowed in if the bar has a childrens licence. (And only up until 9pm I think.)

    Spend a lot of time taking children to bars Sue!!! :nono:

  18. Million Dollar Baby

    in General Discussion

    Posted

    I can't believe people could compare this to mystic river... It's like a feminised Rocky' date=' but shit. The acting, to be fair was spot on, even Clint Eastwood hasn't lost his schpadoinkle but the actual story was guff. As i've said already, the 'shocking twist' and the last 40 minutes of the film were unbearable. Going from beginner boxer to championship material in the space of 5 minutes isn't good storytelling.

    The twist itself comes out of absolutely nowhere, what's the point in going from a solid story to a tragedy in the blink of an eye... i just don't get it. None of the characters (minus the main ones) felt like proper characters, just stereotypes like the fat mum, gangsta' bitch and stupid kid with the heart. What about the letters he writes his daughter? why doesn't she answer?

    I just don't think it has a patch on Mystic River.[/quote']

    I cannot disagree with any of the above comments.

    Go and hire Mystic River and ignore this unless you have some strange facination with female boxers

×
×
  • Create New...