Page 1 of 3
Sony's Rootkit BS
Posted: Sat Nov 05, 2005 4:00 pm
by pewterdragn
http://www.sysinternals.com/blog/2005/1 ... ights.html
How would you like Sony to remotely control your computer?
This has been cheesing me off all week so I thought I'd post it. If you aren't upset after you read this you should be.
Posted: Sat Nov 05, 2005 4:04 pm
by pewterdragn
Posted: Sat Nov 05, 2005 4:05 pm
by =A!M=NuGe
Seen it posted on ACDC forums as well. Very disturbing indeed.
Posted: Sat Nov 05, 2005 5:03 pm
by law.of.averages
So did you run a scan Dragon?
Posted: Sat Nov 05, 2005 6:20 pm
by pewterdragn
law.of.averages wrote:So did you run a scan Dragon?
I'm good. I don't run any software off music CDs and autoplay stuff is disabled on the Windows boxes. Linux is safe
Posted: Sun Nov 06, 2005 10:37 am
by pewterdragn
Posted: Mon Nov 07, 2005 1:32 pm
by law.of.averages
Dear Senator,
I’m writing you to express my concerns about the recent revelation regarding ‘root kit’ software that is being secretly installed on users’ computers when they agree to a misleading End User License Agreement from Sony / BMG.
According to recent research, said software uses the same techniques used by hackers to camouflage viruses, and other forms of mal-ware. Not only that, this software is so poorly written as to open the host system up to other, potentially more damaging attacks.
I work as both a software developer and network administrator for a Central Florida based company which creates applications used by the banking industry. Network security, and software security is an important part of my day to day thinking.
I want you to understand that the security vulnerabilities that Sony / BMG have inadvertently created are the kind that any competent hacker can fly a virtual 747 into.
I hope that you will urge the senate to look into this matter, but more importantly I hope that you will see the need for stronger and clearer legislation to protect users from companies that would use such underhanded techniques.
I urge you to read Mark Russinovich’s web-log entries regarding this software, and take heed his expert opinion on this matter.
Here are links to the relevant entries.
http://www.sysinternals.com/blog/2005/1 ... ights.html
http://www.sysinternals.com/blog/2005/1 ... aking.html
http://www.sysinternals.com/blog/2005/1 ... ernet.html
I thank you very much for your time and cooperation.
Sincerely,
Posted: Mon Nov 07, 2005 2:25 pm
by Houdini
Nice. Now did Mr. Senator hear from Nick Fiorello or was it the Law of Averages calling?
Posted: Mon Nov 07, 2005 3:20 pm
by Ace
Nice post, Law.of.helping.Senators.remove..their.heads.from.their.butts.
Next to asshats on the server, nothing pisses me off more then crap like this. Bottom line for me, that is no different then a virus, and everybody involved should have charges filed against them. Not only the people wrote that crap, but the ties who approved and came up with the idea for doing it.
I've bought Sony stuff in the past, but won't anymore just based on shaddy practices like this, their music division bully tactics, and their BS push for blue-ray. F'em.
On a side note though, I'm LOL'ing at them because instead of jumping on the MP3 wagon, they spent all their time fighting it, they jacked themselves completely out of that market. They got pwned by an almost down and out software company.
Posted: Mon Nov 07, 2005 5:10 pm
by law.of.averages
Houdini wrote:Nice. Now did Mr. Senator hear from Nick Fiorello or was it the Law of Averages calling?
I sent it as a registered voter... And I hope everyone here will do the same... (though you can leave out the part about working in Central Florida)
Posted: Mon Nov 07, 2005 7:59 pm
by pewterdragn
The good news is an Italian lawyer (equivalent to EFF here) is already filing suit against Sony!
Posted: Mon Nov 07, 2005 8:28 pm
by Houdini
law.of.averages wrote:Houdini wrote:Nice. Now did Mr. Senator hear from Nick Fiorello or was it the Law of Averages calling?
I sent it as a registered voter... And I hope everyone here will do the same... (though you can leave out the part about working in Central Florida)
Will do Law man.
Posted: Mon Nov 07, 2005 11:39 pm
by BeerNut
What a mess... And to top it off, apparently you can use the Sony's rootkit to hack online games:
http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/
Posted: Tue Nov 08, 2005 6:45 am
by law.of.averages
Yep... i'd hazard a guess it would work against anti-tcc as well...
Posted: Tue Nov 08, 2005 7:51 am
by Houdini
Holy crap I thought you were kidding BEERnUT! Well now that this dumb program is out there in the wild people have taken it apart and can write their own versions right? So I hope the anti cheat code guys are making this top of there lists or we are all going to see anoying asshats pwning people by bunnyhopping around with their LG's hitting shots like they are Stryfe playing a noob level bot thats out of ammo.
