Full Disclosure mailing list archives
RE: the "Sony/BMG" virus
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 11 Nov 2005 11:13:06 -0600
I'm not sure what's more scary -- whether they have no idea what the impact of a rootkit is or that they know what a rootkit is and everything has been intentional and damage control-based. In all honesty, I'm not sure how they could have done what they did without the knowledge of how a rootkit works. Which, in my mind, leaves only one option...
The PHBs over at Sony have no idea what a rootkits is or what it can do, I know that. But you would guess the Sony programmers (if they even have programmers) know what is it and how it works, right? Umm, not sure. If you are a global billion dollar record company and you need DRM software for your record..you would go to a company that knows their stuff to make it for you. Fine, that is fair. So Sony uses First4Internet in the case of the XCP. Lets just pretend that First4Internet develops this root-kit hiding technology for the DRM and names the services in a way that could mislead the normal user. Would Sony just throw the software on millions of CD and ship them out without looking over the software first? I believe they WOULD HAVE to look over the software...as a step to protect their company from danger. With that in mind, they HAD to know what it does...perhaps they don't understand the security issues connected to it...but they will soon know about those all too well...
Very true, but to be honest... I hope that this triggers a DMCA battle. It will either invalidate a portion of the DMCA or show that the DMCA actually hurts normal people rather than helping them. We all know that the DMCA is too broad, and until now it's largely only hurt researchers and entrepreneurs. So I say let's let the whole thing circle the drain. Let's force the issue. Let's bring this to its ultimate extent. Maybe then we can get some real public outcry. Maybe then, when the vaunted ideal of capitalism, the sanctity of personal property, is being trampled by the corporate sector and the government, people will realize that the man behind the curtain does not have their best intentions in mind. Until then, I don't think that one can morally accept and go along with the actions of corrupt individuals. I say that if Sophos' removal tool is struck down, the international nature of the internet must be leveraged to ensure that the removal tools themselves can never disappear. Treaties only reach so far. What Sophos has done is honorable and just. They deserve our support... as does their cause in this case. It is important for people to control what is within their realm of property. What's next? TVs with CCTV cameras in them sitting on a wall in our apartments and only a small nook to hide in ourselves?
While I may not agree with all your views on socialism, I totally agree with ya. ;) They have stepped out of line IMHO and the people has a whole must not like companies go down this road.. -Todd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: the "Sony/BMG" virus, (continued)
- RE: the "Sony/BMG" virus Fergie (Nov 11)
- Re: the "Sony/BMG" virus xyberpix (Nov 12)
- RE: the "Sony/BMG" virus Todd Towles (Nov 11)
- Re: the "Sony/BMG" virus Kenneth Ng (Nov 11)
- Re: the "Sony/BMG" virus bkfsec (Nov 11)
- RE: the "Sony/BMG" virus Aditya Deshmukh (Nov 11)
- Re: the "Sony/BMG" virus bkfsec (Nov 12)
- Re: the "Sony/BMG" virus Kenneth Ng (Nov 11)
- Re: the "Sony/BMG" virus Buford T. Pisser (Nov 11)
- Re: the "Sony/BMG" virus Greg (Nov 11)
- RE: the "Sony/BMG" virus Fergie (Nov 11)
- Re: the "Sony/BMG" virus bkfsec (Nov 11)
- Re: the "Sony/BMG" virus Valdis . Kletnieks (Nov 11)
- Re: the "Sony/BMG" virus Greg (Nov 11)
- Re: the "Sony/BMG" virus n3td3v (Nov 11)
- Re: the "Sony/BMG" virus Scott T. Cameron (Nov 13)
- Re: the "Sony/BMG" virus n3td3v (Nov 11)
- Re: the "Sony/BMG" virus xyberpix (Nov 12)