Archive for the 'Rootkit' Category

The only surprise is that it wasn’t Number 1

Wednesday, January 3rd, 2007

PC World: The 25 Worst Tech Products of All Time. The article covers 50 tech products that were so egregiously bad that they made the Hall of Shame for all time. Our favorite—Sony BMG music CDs—hit at number 5 on the list, behind AOL, the 1999 version of RealPlayer, Syncronys SoftRAM, and Windows ME. PC […]

And Florida

Wednesday, January 4th, 2006

Another investigation launched on the heels of Sony BMG’s settlement with the EFF and the New York class action suit: Charlie Crist, Florida’s attorney general, announces the opening of an investigation into the surreptitious installation of Sony BMG’s DRM software. The investigation number is L05-3-1157; no lawsuit … yet. Via Boing Boing.

Eliot Spitzer to Sony BMG: “Unacceptable”

Tuesday, November 29th, 2005

Also in Business Week Online today: New York Attorney General Eliot Spitzer is following up on reports that the XCP-infected discs are still widely available in retailers, and is sending a message to Sony BMG and to retailers that the discs need to be removed from shelves immediately. The article also suggests that Sony BMG […]

Post mortem of a screwup: what happened before Oct 31

Tuesday, November 29th, 2005

Business Week just posted an account of the internal communications among Sony BMG and First4Internet that sheds more light on the XCP rootkit foul-up, including the revelation that F-Secure warned Sony BMG in September that the rootkit existed and described the risk of exploits two weeks before Mark Russinovich went public. This is one of […]

Security through obscurity: First4Internet’s website offline

Friday, November 25th, 2005

Boing Boing: Rootkit arms-dealer takes website down. Remember that great website that the makers of XCP used to have that showed all the information about their product, including all those wonderful braggy press releases? All gone. In fact, no mention of XCP at all on the revised site, just contact information.
Hmm. Does this mean there […]

Buyer beware: XCP titles still on store shelves

Friday, November 25th, 2005

Chicago Tribune: Copy-protected Sony CDs still in stores despite recall. I was afraid this would happen, and said as much during my radio interview last week. It’s one thing to make a statement that you’re doing a recall, quite another to actually put the effort into ensuring that the channel gets the discs returned. Net: […]

Parody: I ♥ Rootkit

Tuesday, November 22nd, 2005

Are you thrilled to pieces with what Sony BMG has done to your computer? Do you like the thought of shredding your installed device drivers with uninstallable DRM that hides itself from you when you pop that Neil Diamond disc in your Windows XP box? Do you, for one, welcome your new corporate overlords? Well, […]

More stolen code in the XCP DRM

Thursday, November 17th, 2005

Slashdot: DVD Jon’s code in Sony’s Rootkit? This just keeps getting better. The previous stories that portions of the LGPL’d LAME code appeared in the XCP software from First4Internet, which Sony BMG has been forced to publicly disown and apologize for, appear to be the tip of the iceberg. There is new evidence (via Muzzy […]

Sony apologizes, withdraws uninstaller, not before shooting self in foot

Thursday, November 17th, 2005

I am starting to know what it must feel like to be in Sony’s PR department. Every time I think that this colossal shambling nightmare of Sony DRM has gone away, and that I can afford to take a morning without monitoring Google News for new developments, a half dozen things pop up.
Today it’s the […]

Running as Admin

Wednesday, November 16th, 2005

Mike makes an excellent suggestion in the comments for an often overlooked security measure. I’m going to reprint it verbatim:
The “what you should do” list… is a good idea. May I suggest a further item… “make sure anyone else using your machine uses a non-admin account.”
This malware won’t install on XP on a non-admin […]