Shostack + Friends Blog Archive

 

Sony, Respecting Their Customer

sony.jpgOver at Sysinternals, Mark posts “Sony, Rootkits and Digital Rights Management Gone Too Far.” [Update: If that doesn’t work, try Sysinternals Blog (http://www.sysinternals.com/blog/); when I checked, it was the first post.] If you’re at all technical, read it closely. If you’re not, you should at least skim it. The story is that Mark (who knows more about Windows internals than many people at Microsoft) finds evil software on his hard drive, and it turns out that Sony put it there. As you read, look at chunks like:

A look at the Services tab of its process propertieds dialog showed it contains a service named “Plug and Play Device Manager”, which is obviously an attempt to mislead the casual user that stumbles across it in the Services MMC snapin (services.msc) into thinking that it’s a core part of Windows.

Ask yourself, is this the way you want someone to be treating you? Is this the way you want to be treated, as a Sony customer?

Also, how could I have missed “Use Sony DRM, Format Your Hard Drive?”

8 comments on "Sony, Respecting Their Customer"

  • Chris Walsh says:

    404. Should more be read into this?

  • Sam says:

    Wow, while I guess this was foreseeable, I am still stunned.
    I’m 45 and a long time consumer of music. I have a large collection of Compact Discs dating back to the mid-80s. I enjoy seeking new artists matching my tastes. (Which, sadly, are increasing difficult to find.) I’ve thought for some time that the music industry’s troubles are rooted in lack of quality product rather than rampant piracy. For the past few years, my fairly sizable music budget has gone mostly unspent.
    Unfortunately, I will now never be able to purchase music on a Sony label or allow a Sony branded CD anywhere near my computer. Sony has lost me as a customer. Period. I’ll have to reconsider my acceptable brands list when I buy my next flat screen TV.
    It’s one of the only way I know how to fight back.
    Do you suppose there’s an honest enough antispyware vendor out there who will enable non-kernel-hacks such as myself to easily detect such intrusions?

  • Adam says:

    Sam,
    Good for you. I looked for a Sony product to smash and take a picture, but all I have is a 10 or 11 year old phone. And some music on actual CD that I don’t want to destroy.
    I use a Mac, and so don’t (yet) have to worry about spyware. Wikipedia has a good page on spyware at http://en.wikipedia.org/wiki/Spyware and http://spywarewarrior.com/ seems to have good info. Also, I know several folks at Webroot — they’re good people, but I’ve never used their product.

  • Sony v. their customers – who’s attacking who?

    In another story similar in spirit to the Cuthbert case, Adam points to Mark who discovers that Sony has installed malware into his Microsoft Windows OS. It’s a long technical description which will be fun for those who follow p2p, DRM, music or window…

  • Sony v. their customers – who’s attacking who?

    In another story similar in spirit to the Cuthbert case, Adam points to Mark who discovers that Sony has installed malware into his Microsoft Windows OS. It’s a long technical description which will be fun for those who follow p2p, DRM, music or window…

  • Chris Walsh says:

    I’d love to see Ben Edelman take this one on. It truly is egregious.

  • Chris Walsh says:

    Via a private mailing list, I just learned that Windows Server 2003 SP1 will blue screen when tricks like those used by this SW are attempted:
    http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/BookofSP1/9e18ab61-d4f1-4c71-bade-64ac4d8bfc62.mspx
    (commented edited by cw for clarity)

  • I am an attorney in Chicago, Illinois. Some affiliated law firms and I are investigating a possible consumer class action against Sony Music Entertainment Corp. (???Sony???) for selling “CD???-like media encoded with the XCP2 copy protection scheme, without properly disclosing XCP2 copy protection program’s nature or effects on its users’ computers.
    If you or anyone you know has purchased a compact disc with the XCP2 copy protection program (apparently most of Sony’s releases since August 2005) and played or attempted to pay the compact disc on a Windows personal computer, you may have a claim against Sony and other parties. If you would like representation in this matter, please contact me at:
    Ethan Preston
    150 South Wacker
    Suite 2600
    Chicago, IL 60606
    (312) 346-8700 ex. 108
    ep -At- eplaw.us
    LAWYER ADVERTISEMENT
    Thanks to Adam for giving permission to post this here.

Comments are closed.