"sony rootkit"

A curiously incomplete history of the early years of DRM

Ernie Smith's Motherboard article on the early years of DRM gets into some fascinating stories about things like IBM's Cryptolope and Xerox PARC's Contentguard (which became a patent troll), Intertrust's belief that it is "developing the basis for a civil society in cyberspace" and the DeCSS fight. Read the rest

It's been ten years since Sony Music infected the world with its rootkit

Oct 31 2005: Security researcher Mark Russinovich blows the whistle on Sony-BMG, whose latest "audio CDs" were actually multi-session data-discs, deliberately designed to covertly infect Windows computers when inserted into their optical drives. Read the rest

Copyfighting, jailbreaking legend Ed Felten is the White House's new deputy CTO

He'll serve under the brilliant Megan Smith, the CTO. Read the rest

Music industry hates anti-spam laws

Michael Geist sez,

The business opposition to Canada's anti-spam and spyware legislation has added an unlikely supporter: the Canadian Recording Industry Association, now known as Music Canada. The organization has launched an advocacy campaign against the law, claiming that it "will particularly hurt indie labels, start-ups, and bands struggling to build a base and a career." Music Canada is urging people to tweet at Canadian Heritage Minister James Moore to ask him to help bands who it says will suffer from anti-spam legislation.

Yet Music Canada's specific examples mislead its members about the impact of the legislation. It wrongly claims that bands and labels won't be able to contact venues or stay in contact with fans. To top it off, the industry that introduced lawsuits against individuals for file sharing (CRIA members first commenced such actions in 2004) and brought us the Sony Rootkit debacle is now concerned with lawsuits against its own members for failing to abide by an anti-spam and spyware law.

Is the Road to Music Success Paved with Spam? Canada's Music Lobby Apparently Thinks So

spam,copyfight,corruption,canada,corporatism Read the rest

Canadian businesses lobby for the right to infect peoples' computers with viruses and rootkits

Michael Geist sez,

A coalition of Canadian industry groups, including the Canadian Chamber of Commerce, the Canadian Marketing Association, the Canadian Wireless Telecommunications Association and the Entertainment Software Association of Canada, are demanding legalized spyware for private enforcement purposes. The demand comes as part of a review of anti-spam and spyware legislation in Canada.

The potential scope of coverage is breathtaking: a software program secretly installed by an entertainment software company designed to detect or investigate alleged copyright infringement would be covered by this exception. This exception could potentially cover programs designed to block access to certain websites (preventing the contravention of a law as would have been the case with SOPA), attempts to access wireless networks without authorization, or even keylogger programs tracking unsuspecting users (detection and investigation).

Sony Rootkit Redux: Canadian Business Groups Lobby For Right To Install Spyware on Your Computer Read the rest

Sony considered harmful to makers, innovators and hackers

Make magazine's Phil Torrone has had enough of Sony. Provoked by Sony's lawsuits and raids against makers who reverse engineered the Playstation 3, Phil has composed a top-seven list of Sony's most egregious and corrupt uses of the law to fight makers. Phil starts with Sony's legal threats against security researchers who discovered that Sony-BMG had deliberately (and illegally) infected millions of computers with a rootkit as part of a DRM scheme, and goes all the way through to the latest round of PS3 action. He finishes with the irony of ironies: Sony's eight-year fight for consumer rights when it introduced the Betamax VCR and was sued by the Hollywood studios -- an era when the company's slogan was "experience the freedom of total control."

In this article, we'll explore Sony's long history of going after legitimate innovation, hobbyists, and competition. Sony, we've been keeping score. We're tired of you picking on people who want to program their robot dogs to dance. We're tired of you suing people who want to run their own software on something they bought. Sony has made so many mistakes with technology choices (Memory Stick, Magic Gate, UMD!), perhaps they'll end themselves soon enough, but we'd like to think there's at least someone there would wants to avoid Sony spending its last days sending DMCAs to anyone who tweets "46DCEAD317FE45D80923EB97E4956410D4CDB2C2″.

I couldn't find one location that documented Sony's all-out war on makers, hackers, and innovators, so I started my own (and it isn't pretty). The talented artists, designers, and engineers who work at Sony deserve better, and their customers deserve better.

Read the rest

Dane who ripped his DVDs demands to be arrested under DRM law

In Denmark, it's legal to make copies of commercial videos for backup or other private purposes. It's also illegal to break the DRM that restricts copying of DVDs. Deciding to find out which law mattered, Henrik Anderson reported himself for 100 violations of the DRM-breaking law (he ripped his DVD collection to his computer) and demanded that the Danish anti-piracy Antipiratgruppen do something about. They promised him a response, then didn't respond. So now he's reporting himself to the police. He wants a trial, so that the legality of the DRM-breaking law can be tested in court.

However, in the period up to today, Henrik heard nothing from Antipiratgruppen, although their lawyer Thomas Schlüter did speak to the Danish press, saying that it was a political matter but had nevertheless reported the issue to the Association of Danish Videodistributors for consideration. In response, their chairman, Poul Dylov, said they would have a meeting to decide whether to report the matter to the police.

Antipiratgruppen said it would reply to Henrik by they date he requested. It seems they have broken their promise and strangely are insisting that they never received the email that Henrik sent them on the issue...

Henrik told us: "But who should I follow? Those that determine the laws in this country? Or those who are lawyers for the companies that i'm committing a crime against?"

But Henrik has a solution to their inaction.

"I decided to try to see if I can report myself directly to the police, for the case must be resolved," he told us.

Read the rest

Warner to sell no-DRM MP3s on Amazon

Warner Music has announced that it will begin to sell non-DRM'ed MP3 music files on Amazon, making it the third (of four) major labels to sign up for DRM-free distribution of their music, Universal and EMI being the other two. Only Sony BMG have held out -- and that's the same label that gave us the infamous Sony Rootkit, a dangerous hacker-tool that Sony infected millions of PCs with in a failed bid to prevent copying of its music.

Warner will not sell its music in DRM-free form on iTunes, which is in keeping with the general tenor of the move to DRM-free music. Apple's dominance in online music sales has been reinforced by the fact that nearly all the music it has sold is locked to Apple's players with a DRM scheme called FairPlay. Thanks to laws like the Digital Millennium Copyright Act, it's illegal for competitors of Apple to break this DRM and offer competing products that will play the music you bought from Apple. This lock-in gives Apple a Wal-Mart-like degree of control over the business-practices of the labels, since Apple customers who make a substantial investment in iTunes music face the prospect of losing their money should they switch to competing players.

The only way to maneuver around this is by offering DRM-free MP3 tracks, which can be played on iPods and their competitors. Apple CEO Steve Jobs called on the labels to deliver DRM-free music last year, even as several European nations were considering legislation, regulation or court action to force Apple to open up its DRM to competitors. Read the rest

iTunes Store will sell ENTIRE EMI CATALOG DRM-free!!11!1ONE!

Hallelujah! Apple and EMI just announced that they will be selling DRM-free Apple songs through the iTunes Music Store. The songs will cost 130 percent of the price of the existing crippled songs, and you'll get to choose. Weirdly, Apple seems to have sold this move to EMI by saying that the DRM-free version will be a "premium" offering for audiophiles who want higher-quality music. I think that audiophiles are probably the people who have the least trouble keeping up with the latest tips for efficiently ripping the DRM off of their music -- the people who really need DRM-free music are the punters who can't even spell DRM.

This is some of the best news I've heard all year. DefectiveByDesign is soliciting ideas for a thank-you gift to Steve Jobs. This may just be a sneaky way of hiking music prices, but hell, it's a whole lot more than I thought we'd get. What's more, Apple pricing DRM-free music at $1.29 means that the $0.79-0.99 DRM-free MP3s from competing indie music stores will get a huge price advantage.

I could not be happier right now. I really hope Apple decides to make a web-based version of the iTunes store so that I can buy iTunes tracks in the future using Ubuntu Linux (I know, it's been ages and I still haven't written my "switching to Linux" article, it's in the pipe, but here's the story: I switched, it's awesome, I love it).

Jobs, who stressed the need for higher-quality music with the rise of high-fidelity home speaker systems, called EMI's move "the next big step forward in the digital-music revolution--the movement to completely interoperable DRM-free music." He added that "Apple will reach out to all the major and independent labels to give them the same opportunity" and suggested that half of iTunes' music tracks will be available in both DRM-loaded and DRM-free form by the end of 2007.

Read the rest

Sony's rootkit disables CD drives when combined with AOL software

The Texas Attorney General has been testing XCP, the rootkit that Sony BMG infected its customers' computers with last year (they were trying to stop their customers from making copies of the CDs they purchased). The AG's office has determined that the Sony rootkit, when combined with standard AOL software, could disable your CD drive entirely:

A glitch in the XCP DRM technology meant that anti-spyware features in AOL's Safety and Security Centre software and PestPatrol software could have tried to disable the CD-ROM's configuration.

The bug has been found by Texas attorney general's office who have been testing the XCP copy-protection technology as part of the state's lawsuit against Sony.

Link Read the rest

UK Parliament report damns DRM, calls for reins on crippleware

The UK All Party Parliamentary Internet Group has published a paper on DRM today that makes a number of very progressive recommendations on DRM in British law. The APPIG solicited public comments, and the UK Open Rights Group submitted a long, detailed set of recommendations on how to make Britain safe from copy-restriction technology. Many of the best recommendations in the APPIG mirror the ORG proposals, which suggests that Parliament is really listening to tech activists on DRM questions.

Specifically, the group recommended:

* Mandatory DRM labeling, explaining what you lose when you buy DRM technology

* Further, labeling should include information on how you'd be hurt if the DRM vendor goes out of business or if you buy new technology

* A promise of criminal prosecution the next time a Sony Rootkit DRM-style scandal crops up

* A call for investigation into the ways that DRM is used for illegal price-discrimination within the EU (e.g., charging different amounts for the same iTunes song depending on which European country you live in)

* A ban on future DRM mandates

* Action to ensure that DRM doesn't interfere with use by visually disabled people

* A promise that future DRM rules include activists and public interest groups, not just entertainment companies and DRM arms-merchants

* A rule allowing academics and security researchers to crack DRM and publish the details of their work

* Investigation into depositing non-DRM media with the nation's libraries

These reccos certainly could have gone farther, but hoo boy, would you look at that? Read the rest

DMCA revision proposal will jail Americans for "attempting" infringment

A new proposed set of amendments to the US's loathsome DMCA -- the 1998 copyright that paves the way to censorship, arresting security researchers, and creating monopolies for entertainment and DRM companies -- will make the law even worse. The Department of Justice has proposed the amendments to Congress, and IPac and others have action-pages up that will help you fight them. Texas's Lamar Smith sponsored a bill to pass the amendments into law. If you have the poser to campaign for Smith's opponent, the 2006 elections would be a good time to do so -- that guy's evidently so deep in Hollywood's pockets that he'll send Americans to jail for downloading music.

The new law would send you to prison for attempting to infringe copyright. It would make it even more illegal to own tools that could be used to remove copy-restrictions, like DVD-ripping software -- it could even bust Symantec for making software that removed the Sony rootkit malicious software that the company distributed with its CDs last year:

This is a concerted effort to escalate Hollywood's war on America by creating a generation of criminals and sending them off to jail. That's right: the "Intellectual Property Protection Act of 2006" (IPPA) would double the authorized prison terms for existing copyright infringement, create a host of new offenses, and establish a division within the FBI to hunt down infringers. The Members of Congress in the pockets of the Hollywood cartels want to divert $20 million a year and FBI agents from fighting real criminals so they can go after people without computers.

Read the rest

Sony DRM Debacle roundup Part VI

Here's the sixth installment of the Sony DRM Debacle, tracing the history of all the misdeeds committed by Sony when it covertly installed malicious software on millions of music fans' PCs in order to restrict their ability to make lawful copies of their music. See the bottom of the post for links to the previous five installments of this story:

December 26, 2005: Sony store still selling rootkit CDs A Consumerist reader discovers Sony rootkit CDs still on sale at the Sony Store in Westchester, NY, despite Sony's assurance that it has withdrawn the CDs.

December 30, 2005: EFF and Sony BMG Reach Preliminary Settlement on rootkit

EFF brings Sony to heel on its illegal practice of sneaking malicious software onto your PC.

January 1, 2006: Sony may be liable on federal criminal statutes

Ed Felten has posted about the question that must scare Sony the most: have they committed a criminal act by distributing music CDs with spyware and rootkits on them?

January 1, 2006: Texas sues Sony over spyware as well as rootkits

Texas's Attorney General has announced that he will expand his existing lawsuit against Sony to include damages for CDs infected with Sunncomm's MediaMax spyware.

January 4, 2006: Florida may sue Sony, too

Florida's attorney general opens an investigation into Sony's DRM shenanigans.

January 5, 2006: Law student files rootkit small-claim against Sony

Mark Lyon, the law student who runs SonySuit.com has filed a personal small claim against Sony for the damage done to his PC when he played one of the company's audio discs. Read the rest

Canadians suing Sony some more for infecting music CDs

Canadians whose PCs were infected by the malicious software Sony deliberately included on its music CDs have launched another class-action suit against the company.

Sony BMG was outed on October 31, 2005, for including anti-copying software that employed "rootkits," a technique that made it impossible for users to uninstall without damaging their Windows installation, and which opened them to new security vulnerabilities. Subsequently, Sony was also outed for using a piece of spyware called MediaMax, from SunnComm, which also created security vulnerabilities.

One class action suit in the US has been settled, while other suits and government legal actions are pending in several US states, Ireland, Canada and Italy. It's not known yet whether Sony will face legal reprisals from the US government for the military and government computers that were infected with its software.

* Sony released at least 34 titles in Canada with sales of approximately 120,000 CDs

* Sony waited two extra weeks to begin recalling CDs in Canada as compared to the United States

* Sony did not do enough to remove the CDs from store shelves. One of the named complainants purchased the CD on Boxing Day, weeks after the recall was announced and the complaint alleges that the CDs are still being sold.

Second, the complaint includes considerable analysis of Sony's alleged violation of both consumer protection and national privacy legislation. Given the analysis, the question that immediately comes to mind is whether the Privacy Commissioner of Canada and the Competition Bureau have launched investigations into the Sony rootkit incident.

Read the rest

99-word essay explains Fair Use

Norm sez, "I am in the midst of a 'haiku essay' project: each essay is exactly 99 words long, plus one for the title. With the Sony Rootkit, ubiquitous DRM and plugging the analog hole on everyone's minds, I took this opportunity to make the fair use case in 99 words."

I love music, movies, and books. I also love technology. I want to use technology to deliver the media I love anywhere, anywhen, with anyone.

This is fair use: I bought it, let me use it. I will tell all my friends about my favorite music. I might play it for them or even give them a digital version of a song. This is evangelism, not theft. This is advertising you cannot buy.

Restrictive copyright is like a vegetarian knife. You bought the knife, but if you cut meat with it, we'll sue you. Excuse me? Let's think again.

Link

(Thanks, Norm!) Read the rest

Canadian RIAA's copyright poll asks the wrong questions

CRIA, the Canadian equivalent of the RIAA has produced a push-poll on copyright for the Canadian election. Michael Geist expertly deconstructs it in his latest blog post:

The more interesting (or headline grabbing) data will involve the views on stronger copyright laws. The data here illustrates why it is difficult to get parties to turn their attention to copyright, since notwithstanding CRIA's emphasis on the 32 percent who say they would vote for parties who favour stronger copyright laws, nearly half of the those polled say it makes no difference, while almost one in five see it as a negative.

What is most important about this poll, however, is what it doesn't ask. What percentage of Canadians would say that the law should protect consumers against the secret installation of copy protection programs that threaten the security on their computer? What percentage of Canadians would say they should be entitled to view a store-bought DVD in their homes regardless of where it is purchased? What percentage of Canadians would say that they should be entitled to make a copy of their CDs to listen to on their iPod? What percentage of Canadians are aware of the $140 million that has been collected under the private copying system, the majority of which goes to Canadian artists? These are the sorts of questions that must be asked for this poll to have any real credibility since my guess is that the numbers would be even higher. Canadians are deeply troubled by issues such as the Sony Rootkit, DVD regional coding, and the shortcomings of the private copying system and copyright policy must take these issues into account.

Read the rest

Xeni on NPR: 2005 Tech News Hall of Shame

On today's edition of the NPR News program "Day to Day," I spoke with host Farai Chideya about the most shameful moments in technology news this past year.

Many of those low points will be familar to Boing Boing readers: Yahoo's role in the imprisonment of Chinese journalist Shi Tao, the Sony rootkit debacle extended dance remix, and Apple versus bloggers, to name but three.

Link to segment details and archived audio, Link to Day to Day website. Previous "Xeni Tech" segments on NPR here.

See also Kevin Poulsen's terrific year-end roundup for Wired News, "Worst Tech Moments of 2005." Link. Read the rest

Next page

:)