Updating A Few Things...
Hello again, loyal readers. I just wanted to update folks on the success or failure of a few previous posts.
The war against the spammers is going exceptionally well. By instituting the Turing Test (the "enter the word or letters seen here" part of the comments page), I have completely eliminated the scripted comment spam that was taking place. Thus I am claiming a provisional victory over the spammers. To the spammers: I won, you lost, now pack up your stuff and leave quietly! *sticks tongue out at departing spammers* (Ok, it is juvenile, I admit it, but if you hated spammers as much as I do, then you'd do it too!)
Speaking of things I hate, here's something for you if you haven't already heard about it.
As the people who know me can attest, if there is one thing dealing with computers that I hate above all others (including spam), it is spyware and malware. Spyware and malware, at least to me, are the scourge of the internet. They are generally unwanted and, sometimes, univited pieces of trash that do nothing more than gather information about you (generally stuff you don't want disclosed), slow down your machine, and eat up bandwidth. They are pathtically bad programs written by pathetically bad programmers, and doing bad things to your machine (especially in the case of malware).
Having said that, a new and despicable use for spyware has emerged this past week. Spyware is now becoming digital rights management (DRM). For those of you who don't know what DRM is, basically it is an attempt by certain companies to digitally protect the content of their products (it is a little more complicated than this, but this is the basic concept). DRM can be found in everything from computer software (see things like "safedisc" by Macrovision) to audio compact disks. DRM is a corporate illusion as hardcore computer junkies can, and have, found ways around it or have cracked it outright.
As for the spyware as DRM, here is the story. Sony, the Japanese electronics giant, has introduced a new type of DRM on certain audio cds. The DRM is called "XCD". The idea behind it was to stem the tide of piracy that (supposedly) currently exists. XCD does this by placing a program on your computer to limit the number of times you may copy a disk (I guess Sony hasn't heard of the "fair use" clause in US copyright laws). The problem with the new XCD DRM comes in the fact that the software copied onto your system is nothing more than a "rootkit". A rootkit is a program or package of programs that can allow a hacker to break into and control your system (in simplest terms). Not only does the XCD install as a rootkit, but it also hides itself on your system so that you can't tell it is there. This leaves a potential security hole in your system for hackers to exploit. In fact there have been reports of a virus (just now coming out) designed to exploit the security hole that the DRM opens up.
Sony has release a patch that will reveal the installed program and its components, but the patch does nothing to remove the software. In order to get the patch, you must first jump through half a dozen hoops and "request" it from Sony. Then Sony will send you an email. Then you must jump thorough a few more hoops, and Sony will send you another email. The finally, you must download the patch (which includes a few undisclosed "updates"). All of this just to reveal the program! The patch does not uninstall the software. In fact, if you try to unistall the software you run the risk of not only getting a blue screen error, but you also run the risk of rendering your computer's cd player/recorder inoperable!! In other words, trying to removing this unwanted p.o.s. will break your cd-r/rw!!
Now Sony isn't entirely at fault. The company responsible for coming up with this pathetic piece of crap is a UK-based company called "First 4 Internet". They claim to be a developer of "advanced software" based in Oxfordshire. I am guessing that by "advanced software" they mean software capable of making your system do its doorstop impersonation.
The man responsible for finding this Sony screw-up is Mark Russinovich of Sysinternals. Russinovich discovered the problem while having diffculties with his own system. For those of you who have never heard of Dr. Russinovich, he is the chief software architect and co-founder of Winternals (a company that makes advanced systems software for Windows-based machines). He has a Phd from Carnegie Mellon University (just up Forbes Ave from Pitt [in the Shadyside neck of the woods]) and is generally considered to be one of the world's foremost authorities on the Windows Operating System. So, therefore, when he says he found that Sony's DRM is a rootkit, I am pretty sure that he knows what he is talking about! Dr. Russinovich's blog explains the problem in more detail and much better than I ever could. The blog is located at Mark's Sysinternals Blog.
Also, the Electronic Frontiers Foundation has a page (here) listing the signs to look for to check if you have one of these rootkit "protected" disks. They have also compiled a list of the Sony CDs containing the XCD (rootkit) protection (here). If you have recently bought a Sony CD or have a Sony CD (or any cd as Sony publishes under many names, most notably Sony and BMG) that you are not sure of, I urge you to check out both of these sites. Then check out the Sysinternals Blog for ways of dealing with it if you are infected.
Finally, in my opinion, Sony has gone to far. In resorting to installing rootkits on the computers of people who have legally bought a Sony CD, Sony has resorted to a tactic once considered to be the sole province of internet criminals. We have laws on the books dealing with this sort of thing. People who hack your computer are (under many federal and state laws) criminals. Sony has hacked your system, and the people responsible for this debacle should be held criminally liable. But, Sony being a large company, and the Federal Government being in the hip pocket of the corporations, Sony probably won't be prosecuted. And more's the pity, as Sony has set a new precedent in how companies, in the future, will protect their products. If Sony gets away with this, it will open up the door to more companies (and not just the record companies, either) protecting their product by breaking your computer. This is the equivalent of a record company thug coming to your house and saying "I don't give a damn about the law and fair use, I don't like the way you are using your cd!" and then smashing your cd player or stereo. If someone actually did that, you'd call the cops and have them arrested (if you didn't shoot them first). In this case, Sony is actually doing that, but without stepping foot onto your property. Sony also thinks that their End User Licensing Agreement (EULA) will protect them. I have bad news for Sony. Their EULA is the equivalent of someone having you (voluntarily) sign a paper saying that it is ok to shoot you. Unfortunately for the person pulling the trigger, the shooting is still a criminal act and the paper means nothing as you are prohibited by law from signing any contract that entails breaking the law as one of the conditions of fulfillment. Therefore, Sony's EULA is worthless as it requires a criminal act to fulfill the EULA. If you have been affected by one of these Sony CDs, I urge you to contact a lawyer and your states Attorney General (to see if criminal charges can be brought against Sony). If you haven't been affected, then I urge you to boycott Sony products (or at least their audio cds).
As always, I am Chuck and this has been my rant. Oh, and this entry is protected by my version of Digital Rights Management. It is digital, and I manged to write it. (And unlike Sony's DRM, it won't break your computer!)
The war against the spammers is going exceptionally well. By instituting the Turing Test (the "enter the word or letters seen here" part of the comments page), I have completely eliminated the scripted comment spam that was taking place. Thus I am claiming a provisional victory over the spammers. To the spammers: I won, you lost, now pack up your stuff and leave quietly! *sticks tongue out at departing spammers* (Ok, it is juvenile, I admit it, but if you hated spammers as much as I do, then you'd do it too!)
Speaking of things I hate, here's something for you if you haven't already heard about it.
As the people who know me can attest, if there is one thing dealing with computers that I hate above all others (including spam), it is spyware and malware. Spyware and malware, at least to me, are the scourge of the internet. They are generally unwanted and, sometimes, univited pieces of trash that do nothing more than gather information about you (generally stuff you don't want disclosed), slow down your machine, and eat up bandwidth. They are pathtically bad programs written by pathetically bad programmers, and doing bad things to your machine (especially in the case of malware).
Having said that, a new and despicable use for spyware has emerged this past week. Spyware is now becoming digital rights management (DRM). For those of you who don't know what DRM is, basically it is an attempt by certain companies to digitally protect the content of their products (it is a little more complicated than this, but this is the basic concept). DRM can be found in everything from computer software (see things like "safedisc" by Macrovision) to audio compact disks. DRM is a corporate illusion as hardcore computer junkies can, and have, found ways around it or have cracked it outright.
As for the spyware as DRM, here is the story. Sony, the Japanese electronics giant, has introduced a new type of DRM on certain audio cds. The DRM is called "XCD". The idea behind it was to stem the tide of piracy that (supposedly) currently exists. XCD does this by placing a program on your computer to limit the number of times you may copy a disk (I guess Sony hasn't heard of the "fair use" clause in US copyright laws). The problem with the new XCD DRM comes in the fact that the software copied onto your system is nothing more than a "rootkit". A rootkit is a program or package of programs that can allow a hacker to break into and control your system (in simplest terms). Not only does the XCD install as a rootkit, but it also hides itself on your system so that you can't tell it is there. This leaves a potential security hole in your system for hackers to exploit. In fact there have been reports of a virus (just now coming out) designed to exploit the security hole that the DRM opens up.
Sony has release a patch that will reveal the installed program and its components, but the patch does nothing to remove the software. In order to get the patch, you must first jump through half a dozen hoops and "request" it from Sony. Then Sony will send you an email. Then you must jump thorough a few more hoops, and Sony will send you another email. The finally, you must download the patch (which includes a few undisclosed "updates"). All of this just to reveal the program! The patch does not uninstall the software. In fact, if you try to unistall the software you run the risk of not only getting a blue screen error, but you also run the risk of rendering your computer's cd player/recorder inoperable!! In other words, trying to removing this unwanted p.o.s. will break your cd-r/rw!!
Now Sony isn't entirely at fault. The company responsible for coming up with this pathetic piece of crap is a UK-based company called "First 4 Internet". They claim to be a developer of "advanced software" based in Oxfordshire. I am guessing that by "advanced software" they mean software capable of making your system do its doorstop impersonation.
The man responsible for finding this Sony screw-up is Mark Russinovich of Sysinternals. Russinovich discovered the problem while having diffculties with his own system. For those of you who have never heard of Dr. Russinovich, he is the chief software architect and co-founder of Winternals (a company that makes advanced systems software for Windows-based machines). He has a Phd from Carnegie Mellon University (just up Forbes Ave from Pitt [in the Shadyside neck of the woods]) and is generally considered to be one of the world's foremost authorities on the Windows Operating System. So, therefore, when he says he found that Sony's DRM is a rootkit, I am pretty sure that he knows what he is talking about! Dr. Russinovich's blog explains the problem in more detail and much better than I ever could. The blog is located at Mark's Sysinternals Blog.
Also, the Electronic Frontiers Foundation has a page (here) listing the signs to look for to check if you have one of these rootkit "protected" disks. They have also compiled a list of the Sony CDs containing the XCD (rootkit) protection (here). If you have recently bought a Sony CD or have a Sony CD (or any cd as Sony publishes under many names, most notably Sony and BMG) that you are not sure of, I urge you to check out both of these sites. Then check out the Sysinternals Blog for ways of dealing with it if you are infected.
Finally, in my opinion, Sony has gone to far. In resorting to installing rootkits on the computers of people who have legally bought a Sony CD, Sony has resorted to a tactic once considered to be the sole province of internet criminals. We have laws on the books dealing with this sort of thing. People who hack your computer are (under many federal and state laws) criminals. Sony has hacked your system, and the people responsible for this debacle should be held criminally liable. But, Sony being a large company, and the Federal Government being in the hip pocket of the corporations, Sony probably won't be prosecuted. And more's the pity, as Sony has set a new precedent in how companies, in the future, will protect their products. If Sony gets away with this, it will open up the door to more companies (and not just the record companies, either) protecting their product by breaking your computer. This is the equivalent of a record company thug coming to your house and saying "I don't give a damn about the law and fair use, I don't like the way you are using your cd!" and then smashing your cd player or stereo. If someone actually did that, you'd call the cops and have them arrested (if you didn't shoot them first). In this case, Sony is actually doing that, but without stepping foot onto your property. Sony also thinks that their End User Licensing Agreement (EULA) will protect them. I have bad news for Sony. Their EULA is the equivalent of someone having you (voluntarily) sign a paper saying that it is ok to shoot you. Unfortunately for the person pulling the trigger, the shooting is still a criminal act and the paper means nothing as you are prohibited by law from signing any contract that entails breaking the law as one of the conditions of fulfillment. Therefore, Sony's EULA is worthless as it requires a criminal act to fulfill the EULA. If you have been affected by one of these Sony CDs, I urge you to contact a lawyer and your states Attorney General (to see if criminal charges can be brought against Sony). If you haven't been affected, then I urge you to boycott Sony products (or at least their audio cds).
As always, I am Chuck and this has been my rant. Oh, and this entry is protected by my version of Digital Rights Management. It is digital, and I manged to write it. (And unlike Sony's DRM, it won't break your computer!)
posted by Chuck | 03:11
0 Comments:
Post a Comment
<< Home