domingo, novembro 06, 2005

Boycott SONY?

See just this Post & Comments / 2 Comments so far / Post a Comment /   Home
Up, Down, Thread Ahead: Surviving Bad Software, Thread Back: let them eat HTML.

Sunday, November 13
Microsoft to Zap Sony DRM 'Rootkit'

That was fast too! I hope the developers, First 4 Internet, got paid up front in cash and not some kind of per infection royalty.

Saturday, November 12
Sony stops making anti-piracy CDs

So they have backed down for now, but:

Nought's had, all's spent,
Where our desire is got without content:
'Tis safer to be that which we destroy
Than by destruction dwell in doubtful joy.
(Lady Macbeth)

We have scotch'd the snake, not kill'd it:
She'll close and be herself, whilst our poor malice
Remains in danger of her former tooth.

SONY is not alone in this; all of them are wondering what to do and simple silly greed, properly called cupidity, seems to be having the day. Is their sales slump entirely the result of Napster and the P2P boys? I don't think so. Theft may be part of it but I think it is also the result of pandering to the lowest common denominator of taste - you could call it the Monkees syndrome. They attempt to mould and determine culture instead of simply purveying it. Simplicity is the watchword, because the answer too is simple, maybe too simple for them. (ai ai what a sentence!)

Provide excellent service and charge for it appropriately. Make iPod conversion easy and get a share of the hardware end. Get imaginative with the marketing and distribution of files over hardcopy. Implement some kind of feedback loop - there is less tendency to steal from something you are a part of. Put a small team on the copyright case and when you find a particlarly egregious example, prosecute it to the full extent of both the law and the media. Most people are still basically honest and relate to the artists they like with respect. Very few will countenance outright stealing. If the underclass continue to pilfer - accept it as a cultural subsidy with the exception noted above.

If you want to be cynical about it then realize that at the point where commerce is made impossible by theft it will fail whatever you do, or at least it will stop being anything related to art.

And if you really have to develop something, put some money into writing a program that will actually play music on a computer, and keep it sorted, and such like functionality - all of the ones I have tried: Windows Media Player, Realplayer, iTunes - have user interfaces worthy of the inquisition.

Friday, November 11
BBC - Viruses use Sony anti-piracy CDs

That was fast! My goodness those evil hackers were quick! But the article doesn't mention that these viruses were found in the wild. Is the conclusion that the evil hackers and the good defenders are the same people? And are they are all drinking champagne at the expense of SONY and Microsoft?

Thursday, November 10
Reuters - Suit targets Sony BMG anti-piracy technology
TechWeb - Sony Copy Protection Called Spyware
(Text is in Comments.)

Sunday, November 6
Ai ai ai - SONY has unleashed a DRM (Digital Rights Management) virus. I say 'virus'; it is really more like mal-ware maybe; the techies call it a `Root Kit` (maybe SONY needs a root canal?); but, for me, 'virus' will do for now.

You can check it out at CNET; there is technical bumph at SysInternals; some general DRM information at Giant Steps; and, beyond DRM to CPRM at The Register.

Greed and power, power and greed; Contempt for consumers (quite naturally, since consumers qua consumers are generally concupiscent, slothful, and incontinent) and manipulation of consumers (again naturally, because they are so ... well ... tractable). The obvious response is a boycott - but that will so be painful. For me personally, it looks like SONY has got control of Bob Dylan - which would mean giving up the Search the Lyrics feature that I use very regularly. And a quick look at Wikipedia showed me that SONY has got very large ... HUGE ... chunks of the entertainment industry, which I do use - and often. Haha, here's a thought - I wonder how much of Google they own?

Maybe SONY will back down. Maybe the big retailers, Amazon, Barnes & Noble, and the like will have a word with them in the back room. But none of that seems very likely does it? They continue to purvey 'Regionally Coded' DVDs which amount to about the same thing, no?

The best I can say for now is that, hopefully, the hackers and the Spyware preventers will swing into action quickly and provide us with remedies.

One of the obvious questions is: how many artists and CDs are affected? This is easier asked than answered - the Search feature on does not tell you much, doing an Advanced Google limited to the domain works a little better but of course you get big numbers of hits with no way to tell how many of them are duplicates. I counted to about 20 before I gave up; based on the number of pages that Google reported and the number that I found etc. etc. I estimate 1,000 or so CDs are out there so far on Amazon. If someone has a better way of researching questions like this I would like to hear about it.

Here is my list for what it`s worth: Pretty Willie, Anthony Hamilton, My Morning Jacket, Antony Santos, Foo Fighters, Velvet Revolver, Backstreet Boys, Switchfoot, David Gray, Chris Botti, Alicia Keys, Kings of Leon, Natasha Bedingfield, Santana, 30 Seconds to Mars, Amerie ...

Dorothy Parker painted by Luis Quintanilla as Madame Defarge, the quintessential "list keeper", from Charles Dicken`s novel, A Tale of Two Cities.

(The Octopus painting is used with the kind permission of Lara at

Posted novembro 07, 2005 2:40 PM by Blogger Lara /  

I drew the octopus - I'm glad you like it! From Lara at

Posted novembro 10, 2005 12:20 PM by Anonymous Anônimo /  

Sony Copy Protection Called Spyware
By Gregg Keizer, TechWeb News
November 08, 2005 (4:01 PM EST)

Sony BMG's woes over its CD copy protection scheme continued Tuesday as a security company accused the entertainment firm of shoving spyware onto users' PCs.

By Computer Associates' account, the XCP (eXtended Copy Protection) technology failed 8 of the 22 tests it applies to determine if software is legitimate or spyware, and so it added the programs to its Pest Patrol spyware lists.

"Sony failed several different tests, each of which would have identified it as either a Trojan [horse] or a rootkit," said Sam Curry, vice president of CA's eTrust Security group.

XCP -- which was crafted by U.K.-based First4Internet -- has serious spyware personality traits, including a lack of consent, the omission of an uninstall routine, and most egregious, a hidden "phone home" feature that sends data about the user to Sony without the user's permission.

The software retrieves lyrics and updated album art automatically, but also, claimed Curry, the user's IP address. "This could also be used to determine [music] playing habits," said Curry. "And users aren't told any of this."

Hidden features and a lack of a clear end-user licensing agreement ( EULA) are traits of spyware, pure and simple, said Curry. "People are buying CDs, thinking they're getting content, when in actuality, the CD's changing the behavior of the user's computer."

Sony's even made a mess of providing a patch designed to make the copy protection files visible to security software. That update is, in fact, classified as spyware, too. "Not only does the patch not correct the root problem, it is itself spyware because it installs without notice and permission, and it can’t be removed."

According to one of the original discoverers of the Sony rootkit, the patch also can crash Windows systems when it's installed.

Curry said that his group was also digging into Sony's process for users who request an uninstaller because that has spyware characteristics as well. "The uninstaller is an ActiveX control, which is generally considered a security problem," said Curry, "but the removal process also requires users to give up personal information." That information includes their name, e-mail address, the albums purchased, and the places of purchase.

An unknown amount of data is also sent by the ActiveX uninstaller to First4Internet, claimed Curry, and the copy protection causes the system hard drive to read so frequently that it "becomes nearly constant, and could damage the hardware," he added.

"This isn't an issue about artists' rights, it's an issue about users' rights. The computer is more than a gloried CD player."

CA recommended that users disable Windows' Autorun feature for CDs to prevent the rootkit and other files from automatically installing. Directions for doing so can be found here. Curry also promised that PestPatrol will include detection and deletion of the offending software on Nov. 12. In other news related to Sony's under-siege copy-protection, an Italian organization called the ALCEI-EFI (Association for Freedom in Electronic Interactive Communications- Electronic Frontiers Italy) filed a complaint last week with Italy's cyber-crime investigation unit. ALCEI-EFI asked the head of the unit, Colonel Umberto Rapetto of the Guardia di Finanza, to identify the author(s) of the copy-protection software, because the Sony scheme broke several Italian computer security laws.