- Forums
- Cross Site
- The Asylum
- top 10 reasons why it's bad to include a rootkit in your CD.
top 10 reasons why it's bad to include a rootkit in your CD.Follow
becaye I have all the EQ and EQ2 disks, and after several deep level scans, they all came up clean.
Arch Duke Kaolian Drachensborn, lvl 95 Ranger, Unrest Server
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
those are not the only games that sony has been involved in...
im being extreemly sarcastic here if you did not notice :D
im being extreemly sarcastic here if you did not notice :D
i suppose better late then never:
MS finnaly gets into the frey and waits for the legal action to be taken FIRST before it does anything, but sadly most users will not have any kind of help from MS until December:
http://news.bbc.co.uk/2/hi/technology/4434852.stm
one of the few true things MS has said in the past 10 years:
so now Sony is caught in a big lie and this leads more power to those behind the legal action to win and win big.
MS finnaly gets into the frey and waits for the legal action to be taken FIRST before it does anything, but sadly most users will not have any kind of help from MS until December:
http://news.bbc.co.uk/2/hi/technology/4434852.stm
one of the few true things MS has said in the past 10 years:
Quote:
Writing in the blog, Jason Garms, one of the senior managers in the anti-malware team, said the XCP software qualified as spyware under the "objective criteria" Microsoft uses to assess potentially malicious programs.
so now Sony is caught in a big lie and this leads more power to those behind the legal action to win and win big.
I love it when they try to tell me I have to buy my own software.
Pshhhhhhhhh.
The only thing I pay for is FFXI. You think I bought Windows 64-bit Pro?
Ha!
Pshhhhhhhhh.
The only thing I pay for is FFXI. You think I bought Windows 64-bit Pro?
Ha!
as much as i like to see MS get the shaft, i do not like pirating software. that is an other reason i like linux. it is FREE as in free beer. that also means i can take that $150 i would of spent on a new license from MS and put it towards hardware or towards my family.
http://news.bbc.co.uk/2/hi/technology/4441928.stm
that is todays write up on the BBC. Sony is finaly doing something about this blasted rootkit they are installing against the law on computers.
they still have not admited any wrong, but it is so good to see that sony has not changed, and odds are they never will until a new panel of officers is running the company or they go belly up.
that is todays write up on the BBC. Sony is finaly doing something about this blasted rootkit they are installing against the law on computers.
they still have not admited any wrong, but it is so good to see that sony has not changed, and odds are they never will until a new panel of officers is running the company or they go belly up.
Quote:
but it is so good to see that sony has not changed, and odds are they never will until a new panel of officers is running the company or they go belly up.
Sony? Change?
I spent a large amount of time last semester doing a research project on the Stax Record Company and why it went bankrupt when it had been enjoying large amounts of sucess as an independent label with artists such as Otis Redding, Sam & Dave, and in particular, Issac Hayes. There were theories circulating that because it was an integrated company in the south (Memphis, TN) at a time when segregation was the norm, certain events, such as the assassination of Dr. Martin Luther King, in Memphis, caused rifts between the artists that they couldn't overcome.
Anyway. After a long series of events, one of the owners decides he wants out, and the other owner needs the money to pay him off. In a moment of stupidity he looked to Sony/BMG for the money. An interesting sidenote in all of this is that certain people running sony's music division at the time had been thought of as even racist for their lack of presence in the African American music scene. Someone at the music division commisioned the Harvard Business school to find out how profitable it might be if they decided to go into the area of African American music. The Harvard Report said that it would be quite profitable for them. So, they do a business deal with Stax. They knew there was no way they could have Motown, and probably not even Atlantic. Stax was the way to go. And they didn't want a "deal" with Stax, they -wanted- Stax. Stax didn't understand this, and when Stax didn't cooperate with them, they systematically put them out of business. It is so odd when you read about it, it is almost like they are pissed off because Stax isn't cooperating with their grand scheme, so they just make them bankrupt because they can.
So, there is a story about the music industry, big business, and Sony. Interesting, anyway.
interesting, but not supprising.
true, but installing anything onto someones computer without their permision, should be, against the law.
it is malware without a doubt hands down and should be treated the same way a virus is treated with the same legal ramifications to go along with that type of code.
it is malware without a doubt hands down and should be treated the same way a virus is treated with the same legal ramifications to go along with that type of code.
Howsabout we all pitch in together and buy a hitman or two? Yeah, that's illegal, too, but it'd send the right message:
Install malware on my PC and I'll pay someone to cut your fuc[/i]king skull open and use a soldering iron to burn the word as[/i]shole across your frontal lobes. Who's laughing now, rootkit boy? Who's laughing now?
Or we could just post on internet message boards about how they're jerks for doing it. We could do that. Punch and pie.
Install malware on my PC and I'll pay someone to cut your fuc[/i]king skull open and use a soldering iron to burn the word as[/i]shole across your frontal lobes. Who's laughing now, rootkit boy? Who's laughing now?
Or we could just post on internet message boards about how they're jerks for doing it. We could do that. Punch and pie.
TStephens wrote:
Howsabout we all pitch in together and buy a hitman or two? Yeah, that's illegal, too, but it'd send the right message:
Install malware on my PC and I'll pay someone to cut your fuc[/i]king skull open and use a soldering iron to burn the word as[/i]shole across your frontal lobes. Who's laughing now, rootkit boy? Who's laughing now?
Or we could just post on internet message boards about how they're jerks for doing it. We could do that. Punch and pie.
Install malware on my PC and I'll pay someone to cut your fuc[/i]king skull open and use a soldering iron to burn the word as[/i]shole across your frontal lobes. Who's laughing now, rootkit boy? Who's laughing now?
Or we could just post on internet message boards about how they're jerks for doing it. We could do that. Punch and pie.
well there are a few things that can be done legally about this.
1. if you own one of the CDs that has the rootkit and you run a MS OS at your home, then you can try to join the many class action suits against Sony Corp.
2. you can boycot any and all Sony Products. this is something that everyone is able to do.
3. you can write letters, not e-mails but real pen to paper or printed letters, to your congressional representative, state governor, and to the President of the USA. not that Bush will do much, but i can tell you from personal experiance that your local rep. and congressman WILL listen to a well written letter that is mailed of faxed to their office.
http://www.congress.org/congressorg/directory/congdir.tt?command=congdir
go there and enter your zip code to find your local rep.
4. send letter directly to Sony Corp. this is most likely a wiast of paper and or stamps, but you never know. if they get a few hundred thousand of these letter it might get someones attention, but again this is Sony we are talking about. the company that ignores the public and does what they want until they are caught or enough public speak out or threaten Sony corps. back pocket at that time they do something about it. more then not it is to little to late in most peoples eyes.
then again most people are ignorant and soon forget how horrid sony treats the customer and go back to buying their products and putting money back in the pockets of a company who cares nothing about consumer rights or needs.
for me it will be sending letters to my congressman complaining about the way that Sony is treating the customer and ask for law changes to make what sony did 100% against the law in the USA, not just on a state by state setting. not much more i can do.
Quote:
not much more i can do.
I'm willing to hold the hitman money for you. Just so you know it's, umm, safe. That way you can feel that you're doing all you can to send a serious message.
I do boycott Sony already, but it has nothing to do with rootkits. It has to do with paying $12-15 for 12 songs, 2 of which you prefer to listen to over having your fingernails ripped off with pliers. Sony just happens to be one of the companies that makes music CDs. I can count the music CDs I've bought in my life on one hand.
Installing malware on your PC isn't the dealbreaker for me. Sh1tty music CDs did that already when I was a kid.
Yes I'm bitter.
TStephens wrote:
Quote:
not much more i can do.
I'm willing to hold the hitman money for you. Just so you know it's, umm, safe. That way you can feel that you're doing all you can to send a serious message.
Quote:
I do boycott Sony already, but it has nothing to do with rootkits. It has to do with paying $12-15 for 12 songs, 2 of which you prefer to listen to over having your fingernails ripped off with pliers. Sony just happens to be one of the companies that makes music CDs. I can count the music CDs I've bought in my life on one hand.
Installing malware on your PC isn't the dealbreaker for me. Sh1tty music CDs did that already when I was a kid.
Yes I'm bitter.
yes i have been on a sony boycot for about a 2 years now. long history with multiple divisions of sony corp not just their music industry. as for buying CDs, i do not mind, but that last CD i bought was metalicas S&M, but i knew exactly what i was getting with that. for the most part i pay my $0.99 for mp3 i want and im happy with that.
so the "rootkit" CDs were not sold outside of the US, then why are there more computers in Japan that are infected with the rootkit then in the US?
http://www.nbr.co.nz/home/column_article.asp?id=13511&cid=3&cname=Technology
Mr Kaminsky's data show computers communicating through at least 568,200 nameservers around the world have been compromised by the trojan, with Japan (217,296), the US (130,519) and the UK (44,421) being the hardest hit.
and to top it off the uninstaller provided by Sony is worse then the rootkit it self:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1145344,00.html
just a fast heads up, ActiveX means you must use IE you can not use the more secure web browsers on the market
created by Sony's British technology partner, First4 Internet.
* CodeSupport remains on the user's system after they leave Sony's Web site, and it is marked as safe for scripting, "so any Web page can ask CodeSupport to do things," the researchers said
very self explanitory here. if you use the sony uninstaller you will be installing more malware on your system
* Among other things, CodeSupport can be told to download and install code from Web sites. "Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4 Internet," the researchers said. "This means any Web page can make CodeSupport download and install code from any URL without asking the user's permission."
In other words, Felten and Halderman said, "The consequences of the flaw are severe. It allows any Web page you visit to download, install, and run any code it likes on your computer… That's about as serious as a security flaw can get."
They recommended users take the following protective measures:
* Don't accept the installation of any software delivered over the Internet from First4 Internet. That will keep CodeSupport off the user's machine, if it's not already there.
in other words do not trust Sony to clean up after them self without doing more damage to your system!
like normal users know enough about computers to figure this out on their own... stupid sony /rude
"This is not an ideal solution -- depending on your security settings, it may not prevent the software from installing again -- but it's better than nothing," Felten and Halderman said. "We'll have to wait for First4 Internet to develop a complete patch."
Security experts have roundly criticized Sony since researcher Mark Russinovich, chief software architect and co-founder of Winternals Software in Austin, Texas, found the company's rootkit on his own machine and wrote an analysis of it on his blog at Sysinternals.com, setting off the controversy.
Experts said Sony was playing with fire by using a rootkit-based digital rights management (DRM) system to prevent CD copying and that the company's move could trigger a variety of dangerous exploits.
the more i learn, the more i am devoted to writting my congressman about getting something done to prevent sony or any other company from doing anything like this again and making sony pay millions in restoration to ALL windows networks that have to deal with the security issue created by their virus.
http://www.nbr.co.nz/home/column_article.asp?id=13511&cid=3&cname=Technology
Quote:
Mr Kaminsky's data show computers communicating through at least 568,200 nameservers around the world have been compromised by the trojan, with Japan (217,296), the US (130,519) and the UK (44,421) being the hardest hit.
and to top it off the uninstaller provided by Sony is worse then the rootkit it self:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1145344,00.html
Quote:
The security risk created by Sony BMG Music Entertainment Inc.'s rootkit-based copy protection software may be nothing compared to a flaw that appears when someone tries to use the tool Sony made available to uninstall it.
Researchers at Princeton University said they've taken a "detailed" look at the Web-based uninstaller software and confirmed claims from a Finnish researcher that malicious Web sites could exploit a flaw in the software to install and run code on victims' computers.
"Over the weekend a Finnish researcher named Muzzy noticed a potential vulnerability in the Web-based uninstaller that Sony offers to users who want to remove the First4 Internet XCP copy protection software," Ed Felten, a professor of computer science and public affairs at Princeton University, wrote in his Freedom to Tinker blog along with Alex Halderman, a Ph.D student at the university. "We took a detailed look at the software and discovered that it is indeed possible for an attacker to exploit this weakness. For affected users, this represents a far greater security risk than even the original Sony rootkit."
According to Felten and Halderman, a "serious" design flaw in the uninstaller puts users at risk under the following circumstances:
* When the user fills out Sony's form to request a copy of the uninstaller, the request form downloads and installs an ActiveX control called CodeSupport,
Researchers at Princeton University said they've taken a "detailed" look at the Web-based uninstaller software and confirmed claims from a Finnish researcher that malicious Web sites could exploit a flaw in the software to install and run code on victims' computers.
"Over the weekend a Finnish researcher named Muzzy noticed a potential vulnerability in the Web-based uninstaller that Sony offers to users who want to remove the First4 Internet XCP copy protection software," Ed Felten, a professor of computer science and public affairs at Princeton University, wrote in his Freedom to Tinker blog along with Alex Halderman, a Ph.D student at the university. "We took a detailed look at the software and discovered that it is indeed possible for an attacker to exploit this weakness. For affected users, this represents a far greater security risk than even the original Sony rootkit."
According to Felten and Halderman, a "serious" design flaw in the uninstaller puts users at risk under the following circumstances:
* When the user fills out Sony's form to request a copy of the uninstaller, the request form downloads and installs an ActiveX control called CodeSupport,
just a fast heads up, ActiveX means you must use IE you can not use the more secure web browsers on the market
Quote:
created by Sony's British technology partner, First4 Internet.
* CodeSupport remains on the user's system after they leave Sony's Web site, and it is marked as safe for scripting, "so any Web page can ask CodeSupport to do things," the researchers said
very self explanitory here. if you use the sony uninstaller you will be installing more malware on your system
Quote:
* Among other things, CodeSupport can be told to download and install code from Web sites. "Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4 Internet," the researchers said. "This means any Web page can make CodeSupport download and install code from any URL without asking the user's permission."
In other words, Felten and Halderman said, "The consequences of the flaw are severe. It allows any Web page you visit to download, install, and run any code it likes on your computer… That's about as serious as a security flaw can get."
They recommended users take the following protective measures:
* Don't accept the installation of any software delivered over the Internet from First4 Internet. That will keep CodeSupport off the user's machine, if it's not already there.
in other words do not trust Sony to clean up after them self without doing more damage to your system!
Quote:
* Users can check their machines to see if CodeSupport is installed by trying Muzzy's reboot demonstration link. "If CodeSupport isn't on your machine, the link will do nothing, beyond displaying a message in your browser window. But if you have CodeSupport and are therefore vulnerable, then the link will reboot your machine," the researchers said. They warned, however, that Muzzy's demo "might sometimes make things worse" and that "We'll develop a safer variant and post it [on the Freedom to Tinker blog]."
* If the machine is vulnerable, delete the CodeSupport component. From the start menu, choose "Run." In the box that pops up, type (on a single line) cmd /k del "%windir%downloaded program filescodesupport.*
* If the machine is vulnerable, delete the CodeSupport component. From the start menu, choose "Run." In the box that pops up, type (on a single line) cmd /k del "%windir%downloaded program filescodesupport.*
like normal users know enough about computers to figure this out on their own... stupid sony /rude
Quote:
"This is not an ideal solution -- depending on your security settings, it may not prevent the software from installing again -- but it's better than nothing," Felten and Halderman said. "We'll have to wait for First4 Internet to develop a complete patch."
Security experts have roundly criticized Sony since researcher Mark Russinovich, chief software architect and co-founder of Winternals Software in Austin, Texas, found the company's rootkit on his own machine and wrote an analysis of it on his blog at Sysinternals.com, setting off the controversy.
Experts said Sony was playing with fire by using a rootkit-based digital rights management (DRM) system to prevent CD copying and that the company's move could trigger a variety of dangerous exploits.
the more i learn, the more i am devoted to writting my congressman about getting something done to prevent sony or any other company from doing anything like this again and making sony pay millions in restoration to ALL windows networks that have to deal with the security issue created by their virus.
Sony finnally admits to over 50 titles with thier virus on the CD.
http://news.bbc.co.uk/2/hi/technology/4445550.stm
now more then 500,000 EU could be at risk of major security problems thanks to Sony's uninstaller just by browsing the web.
thank you sony for not letting me down in your continued lies and betral of the public trust.
http://news.bbc.co.uk/2/hi/technology/4445550.stm
now more then 500,000 EU could be at risk of major security problems thanks to Sony's uninstaller just by browsing the web.
thank you sony for not letting me down in your continued lies and betral of the public trust.
I'm not very tech savvy but this article seemed to sum it up nicely, and in layman's terms.
http://www.usatoday.com/tech/columnist/andrewkantor/2005-11-17-sony-rootkit_x.htm
http://www.usatoday.com/tech/columnist/andrewkantor/2005-11-17-sony-rootkit_x.htm
yup, that is very well written. there is a new writeup today on the BBC in the tech section and is an other good read.
500,000 networks can mean over 2,000,000 computers infected with this virus installed by Sony. also a large portion of US Military networks seem to also be infected. WTG Sony create a security problem with the Military will get you nothing but more trouble then you already are in.
500,000 networks can mean over 2,000,000 computers infected with this virus installed by Sony. also a large portion of US Military networks seem to also be infected. WTG Sony create a security problem with the Military will get you nothing but more trouble then you already are in.
***** Iraq, Let's invade Sony!
dadada da da da dadadadada...
We interupt this program to bring you this news update:
Here we are at the McO'gills Turkey farm, where in the early hours today, the bodies of Mr and Mrs McO'gill were found. At this time, investigators aren't saying much about the slaying except to say that it was brutal. On Sherrif's Deputy stated that it was the most disgusting thing he'd ever seen. Most of the other deputies we attempted to interview were busy vomiting.
Also of note is that the perpetrators of this heinous act appeared to have theft on their minds. It appears that they stole all the turkeys in the farm in addition to the brutal slayings of the farm's owners. No other property was taken, and authorities are currently mystified as to how the theft and slayings were carried out. No large vehicle tracks were found, and the farm is located in a remote area, with the only road in or out shared by the Four Yard Sandbar nuclear power plant facility. No one there saw or heard anything.
At this time authorities are still sifting through the crime scene for clues. And we'll keep you informed as we find out more...
We interupt this program to bring you this news update:
Here we are at the McO'gills Turkey farm, where in the early hours today, the bodies of Mr and Mrs McO'gill were found. At this time, investigators aren't saying much about the slaying except to say that it was brutal. On Sherrif's Deputy stated that it was the most disgusting thing he'd ever seen. Most of the other deputies we attempted to interview were busy vomiting.
Also of note is that the perpetrators of this heinous act appeared to have theft on their minds. It appears that they stole all the turkeys in the farm in addition to the brutal slayings of the farm's owners. No other property was taken, and authorities are currently mystified as to how the theft and slayings were carried out. No large vehicle tracks were found, and the farm is located in a remote area, with the only road in or out shared by the Four Yard Sandbar nuclear power plant facility. No one there saw or heard anything.
At this time authorities are still sifting through the crime scene for clues. And we'll keep you informed as we find out more...
King Nobby wrote:
More words please
Recent Visitors: 136
All times are in CST
Anonymous Guests (136)
- Forums
- Cross Site
- The Asylum
- top 10 reasons why it's bad to include a rootkit in your CD.
© 2024 Fanbyte LLC