Re: the "Sony/BMG" virus

[bkfsec <bkfsec () sdf lonestar org>]

Todd Towles wrote:

> I agree with Barry 100%. If they are allow to contiune down this road,
> then all companies will follow (not just record companies). They should
> have never used kernel hooks, it is very clear they have no idea what a
> rootkit is and they have no idea how dangerous it can be for the normal
> user. Remind me why I should give them money again?
>  
I'm not sure what's more scary -- whether they have no idea what the 
impact of a rootkit is or that they know what a rootkit is and 
everything has been intentional and damage control-based.  In all 
honesty, I'm not sure how they could have done what they did without the 
knowledge of how a rootkit works.  Which, in my mind, leaves only one 
option...

> They treat us all like cattle, as Barry said. 
>
> Does this stop a person from getting the songs off BitTorrent? No
> Does this stop a person from ripping the songs off of the CD? No, use
> linux...noobs can even use a bootable Linux CD.
>
> So who is this act really hurting? Normal CUSTOMERS that paid money to
> buy a product they offer. 
>  
Quite true. 

> This outcome of this will hurt more than normal customers, it will hurt
> companies that do everything they can to protect their employees and the
> public from the danger. There was talk that the Sophos UnMasking Tool
> may be against the DMCA. WTF?
>
> Are you kidding me....forget the RIAA, buy Indie
>
>  
Very true, but to be honest... I hope that this triggers a DMCA battle.  
It will either invalidate a portion of the DMCA or show that the DMCA 
actually hurts normal people rather than helping them.  We all know that 
the DMCA is too broad, and until now it's largely only hurt researchers 
and entrepreneurs.  So I say let's let the whole thing circle the 
drain.  Let's force the issue.  Let's bring this to its ultimate extent.

Maybe then we can get some real public outcry.  Maybe then, when the 
vaunted ideal of capitalism, the sanctity of personal property, is being 
trampled by the corporate sector and the government, people will realize 
that the man behind the curtain does not have their best intentions in mind.

Until then, I don't think that one can morally accept and go along with 
the actions of corrupt individuals.  I say that if Sophos' removal tool 
is struck down, the international nature of the internet must be 
leveraged to ensure that the removal tools themselves can never 
disappear.  Treaties only reach so far.  What Sophos has done is 
honorable and just.  They deserve our support... as does their cause in 
this case.  It is important for people to control what is within their 
realm of property.  What's next?  TVs with CCTV cameras in them sitting 
on a wall in our apartments and only a small nook to hide in ourselves?  
I see no difference between that and what Sony has done...

            -bkfsec


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/