Yet another reason to buy vinyl instead of CDs

Waiting for the first worm to exploit this and the wave of lawsuits against sony for the damages

If enough big businesses do this, we have the potential for a legal DDoS against Sony.

Is there secondary confirmation on this story yet?

The story has been all over the place, and the source doesn't seem to an unreliable one. The guy is one of the programmers for sysinternals. The original article can be found here:
http://www.sysinternals.com/blog/200...al-rights.html

-zac

i waver in my opinion on this, but at the moment i feel that anybody careless enough to allow a mere audio CD to auto-run code or execute anything from a data session track without their say-so deserves whatever havoc they get.

it's NOT HARD to bypass ALL on-disc protections, people. for a CD to be playable in all units it has to have data on it that is red book compliant.* that alone gives you the ability to pop it into ANY computer and (with proper settings) just view the audio data tracks.

no matter how advanced a protection is, you still have to execute a binary file for it to be loaded on a computer. this is like saying "there's a new pizza security device that will chop off the hands of anyone who didn't tip their delivery driver" and it amounts to a bear trap that comes in a second box, on top of the box with the pizza you ordered. sure, the jaws can be strong steel and the teeth sharp and the spring bar amazingly powerful... but you still have to open that second box and start fucking around with the contents for it to get you. any sane person would simply throw the top box aside, open the bottom one and help themself to a slice. Any introduction of the bear-trap security into the actual pie itself would make it no longer a pizza. Audio CD protections work the same way.

feel free to point out where i am wrong in my thoughts and/or how silly or delicious you found my analogy.

* i know that certain manufacturers were shipping discs a while back that were not, technically, red book compliant audio CDs. don't recall if they got slapped by the standards board (there was talk that they shouldn't be allowed to mark the discs with the "Compact Disc Digital Audio" logo) but i think this technique disappeared since the discs weren't playable in a wide variety of units

Update: I called Sony of American Music Division yesterday and first off asked for this conversation to be recorded then be given a reference number for future reference. I then requested to speak to someone in management that would have knowledge of Music Content and Packaging features. Kudos to Sony reps as I spoke with someone who not only spoke English but also was able to direct me to the right person the first time. My question to the manager (I was directed to) was whether or not that Sony Music was aware of the implications of packaging root kits in their music. The manager who was polite the entire time responded that it was in the best interest of Sony Music to do so and when queried about the potential to install hazardous code which could harm the machine She said she did not know enough about the subject to accurately give me Sony's position on the matter however she did say she would put in a customer complaint to their tech department about the matter. I asked her as a final question whether or not they had received many calls about this and after a sec she said yes. I then thanked her for her time and hung up.

Now I am wondering when the first lawsuit from this comes around will Sony claim Plausible Deniability or that their actions were in fact justified.

Maybe their CDs need to list minimum system standards required before we place them into our PCs. Usually software vendors so this so we won't whine when Server 2003 won't load with 4MB of RAM. I would very much like to know what software this may conflict with.

/. has a collection of responses posted where there appears to be a Sony-provided uninstaller for this:

By publishing an uninstaller, they may be partly admitting their software to be a problem, or they may be helping to build a legal defense. ...
(hypotheical)
"We can't be blamed. The EULA requires they use it, and we have an uninstaller if they decide they don't want it. They get to decide if they really want our product,"

http://www.securityfocus.com/brief/34

WoW users have confirmed that by using the rootkit capability of Sony's DRM, they can bypass "The Warden" features on WoW.

Dance puppets, dance!

The irony in that would be if Sony owns Blizzard who makes Warcraft.

This is like many securities: it will stop the people who wouldn't/didn't have the ability to abuse the original product- but not stop the people who would have abused the product anyway (to a certain extent anyway)-

I don't think you'll see *that much* of a net change in the copying/piracy/LEGAL BACKUP of your own stuff from this type of approach to the technology.

LosT

You are correct in this, my friend.. but remember.. grandma does not know to do this, nor does the average computer user. I can see how they would fall into this trap. Either way.. the fact that a company is installing sofware to 0wn someone's computer is outrageous..

That depends on whom they are attempting to curtail. If you consider the "enemy" to be the people who share their music collection with the entire world via the Internet, then Deviant is correct and this technology is impotent. If you consider the "enemy" to be the people who burn a copy or two for their friends and family members, then the technology is likely to be extremely effective. (Note that I ignore the fact that in the long view such technology ultimately drives people to seek a better product such as the free, burnable songs available from the first crowd.)

(If I remember correctly) It wasn't actually an uninstaller, it just makes the hidden files visable again, which doesn't fix the "break your computer if you remove them" problem.

From http://www.betanews.com/article/Sony...it/1130965475:
-zac