Score:5, Offtopic

Version 2.0

Posts tagged with "malware"

Sony, can you get any more STUPID?


I guess so.

WTF.

They've now sued Lik Sang into oblivion.

Now's the time to act.


Spammity spam spam spam!


Lately, there's been a spambot going around the Opera Community blogs.

The spambot has been spreading because of Opera Community's decision to disable "captchas" - images of distorted words that are meant to be easily read by humans, but almost impossible for machines to read. Captchas do present an extreme challenge to those who cannot view images - such as those using text-mode browsers, or those who are blind.

They have been replaced with a different type of Turing test - a yes/no question. So, a spambot has a 50/50 shot of getting it right. Not only that, but WillYum found out that the Turing test doesn't even work! :lol: So, it's impossible to get wrong!

I personally feel that the captchas should be re-enabled - the accessibility issues can be worked around - for example, by providing a contact e-mail address for new accounts in which the user cannot read the captcha.

Several prominent members here have either had to disable comments, or disable anonymous comments, because of this. I personally have left ALL commenting enabled. Keep in mind, however, that spam will still be deleted.

If you see spam on ANY blog's comments (or, for that matter, a spam blog), report it in this forum thread.

Where's the rootkit cleaner?

Hmm... I have a memo ready to fire off to every staff member at my school, and I've got one problem.

I don't have a URL for a quick, easy, start one program and go rootkit cleaner.

CA added the ability to remove the rootkit to PestPatrol, but that's not freeware, and it's not a single tool.

Sony has a form to uninstall the rootkit, but you have to give them your name, address, why you want to get rid of it, your firstborn, and your DNA to get access to the uninstaller. Oh, and it's tied to the one system that you filled out the form on. That's a total pain in the ass.

I need to get a way to get rid of this NOW, before the two trojans that exploit the rootkit infect systems that are under my control.

WHERE IS A SIMPLE TOOL TO REMOVE THE ROOTKIT?!?!?

Edit: I was attempting to explain that I was looking for a removal tool ala the tools that Symantec distributes to nuke specific viruses, when I realized something. I hadn't checked whether Symantec had a tool for this one.

Guess what? They do. Search over.

Ah, Sony, you're FUCKED!

First off, Computer Associates has added the Sony rootkit to the blacklist in their eTrust PestPatrol anti-spyware app. "eTrust", you ask? eTrust is the security suite that almost every major cable and DSL ISP in the USA gives away for free.

Now, there's lawsuits flying around, as well.

Slashdot is reporting that a group in California is going to try and nail Sony.

There are reports that a group in New York, which may be exempt from parts of the EULA, is also going to try and nail Sony.

In addition, the Associazione per la Libertà nella Comunicazione Elettronica Interattiva, or ALCEI (the Italian counterpart to the EFF) is going after Sony (bring a translator - I didn't actually read it).

Sony, prepare to rename yourself to $sys$Sony.

Even More Sony Stuff

Hmm, I'm writing about evil Sony a lot...

Anyway, there's an updated post by Mark Russinovich. VERY interesting read. Especially the comments.

Originally posted by Matti Nikki:

Ohyea, another thing. This DRM system uses a blacklist to filter out what applications can and what can't read the CD. So, this doesn't protect the CD, but rather intends to break the listed software. To verify, use your hexeditor and you can locate the following list yourself:
http://hack.fi/~muzzy/sony-drm-magic-list.txt

If you want a more concrete proof, try to rename your favourite ripping software as $sys$whatever.exe and then run it again. You'll notice that the DRM system can no longer detect it, and thus you'll get a good copy of the track you try to rip instead of one filled with noise.

Interesting... the rootkit is dumb enough that you can use it to hide ripping software from it... :lol:

Now, for some more stuff...

Originally posted by "geek27":

Yet more PCs have been disabled as a result of malware. I wonder if this was the early work of F4I:


Brown Sugar [Copy Protected CD] [CONTENT/COPY-PROTECTED CD] [CONTENT/COPY-PROTECTED CD]
Various Artists




Copy protection VERY problematic, May 27, 2003
Reviewer: Joanne "Reader" (NY USA) - See all my reviews

I knew I wouldn't be able to copy selected songs to my PDA for my own private use when I purchased this CD so I have no complaints about that aspect of the copy-protection. I didn't expect to have a hard time playing it on a computer, however. The 'player' that's supposed to launch when you insert the CD into your drive is adequate *when* it plays. It took awhile to get the player and CD to do their thing the first time but it did eventually play. I had to restart my computer in order to use my standard player for other CDs and no CD is worth that much trouble. When I tried a second time the CD just plain wasn't recognized so I tried it on another computer and that CD drive completely disappeared from 'My Computer', the CD never loaded and now I'm wondering what kind of re-configuring I have to do there. And, guess what - it also proves occasionally problematic on my new CD player which supports mp3s. I'm not a computer newbie and it's not a matter of my not understanding. This is way beyond a minor inconvenience.

The copy protection has so soured me on this soundtrack I kinda loathe it and shy away from attempting to play it. From what I've heard, it's pretty good, maybe worth a 3.

source url:
http://www.amazon.com/exec/obidos/tg/detail/-/B00006JKCG/qid=1131294192/sr=1-1/ref=sr_1_1/103-1243566-0680626?v=glance&s=music

Originally posted by "CindyRilla":

@ Geek27 That "Brown Sugar" CD found on the Amazon link with that review you posted just bugged me as the record LABEL is MCA and this CD was released in Sept. 2002 – the reviewer wrote that in MAY 2003 (link: http://www.amazon.com/exec/obidos/tg/detail/-/B00006JKCG/qid=1131294192/sr=1-1/ref=sr_1_1/103-1243566-0680626?v=glance&s=music )

As I dug a bit deeper, I found this bit: "In 1995, Seagram Company Ltd. acquired 80% of MCA INC. and the following year the new owners dropped the MCA name; the company became Universal Studios, Inc. and its music division, MCA Music Entertainment Group, was renamed Universal Music Group." (link: http://en.wikipedia.org/wiki/MCA_Records )

And in connecting the dots, First4Internet was founded in 1999, and their clients include not only Sony but First4Internet's other clients - include Universal Music Group, Warner Music Group and EMI - using the technology. (link: http://www.whatsthedownload.com/music_news/archive58/index.aspx )

So I guess not only should we be concerned with SONY Labels and all its other record labels as posted by Gnomalarta earlier here, but ANY company and their record labels of various names that has ANY involvement with First4Internet!


Scary, isn't it?

Edit: Matti Nikki posted this update over on Slashdot:

Originally posted by muzzy:

Just my luck, when I make it to slashdot it's something I've analyzed wrong. I tested to rename my ripping software to begin with $sys$ and it ripped it fine, but apparently something else was the deciding factor. I can't reproduce that effect!

There's definitely something fishy going on, however, with two magic lists in the DRM system (one in installer, one in $sys$DRMServer.exe), and the drmserver scans running processes and open windows, testing them against those lists. So far I haven't figured what it does when it finds a match. The code is written in C++ and although I've found the function call, it's virtual and I need to figure which vtable is being used and it's bitchy without a debugger. I'm not going to run this crap on my development systems, and my test machine doesn't even have net access, too much work to set up debuggers on it just yet :frown:

Anyway, the lists for everyone to see:
http://hack.fi/~muzzy/sony-drm-magic-list.txt
http://hack.fi/~muzzy/sony-drm-magic-list-2.txt
The first one is from installer, the second from drmserver

Hmm... interesting...

More Sony Stuff

OK, update on the Sony DRM fiasco.

The Inquirer reported that Sony had released a "service pack" that removes the DRM. Good enough, right? Wrong. The Register then found out that this "service pack" simply disabled the file hiding features. However, that still means that the thing is burrowed quite deeply into Windows. L'Inq posted a follow up article, too.

I decided to Google "sony" today, and got this:

[img]http://img429.imageshack.us/img429/7020/sonydrmfirstresult5qk.th.png
Oh, and Sony is still evil!

Assrape, brought to you in WEGA Color by Sony!

Well, OK, not WEGA, but...

Take a look at this entry by Mark Russinovich of SysInternals.

Basically, Sony's using a rootkit to hide their DRM technology. However, this rootkit has been reported to cause system instability, and it also provides one hell of a loophole for other malware to get in.

It's also nearly impossible to uninstall.

I know that just about every site, whether it be a small blog like this, or a large site like Slashdot, is covering this.

Anyway, I'm going to propose two things, right now.

First, a blog attack on Sony by linking it to this blog entry.

Second, another blog attack, by linking various words to Sony. How about linking evil to Sony? Short and sweet.

Code for bulletin boards (like Opera Community, phpBB, vBulletin, IPB, and the like):
[url=http://my.opera.com/bhtooefr/blog/show.dml/55608|Sony[/url| is [url=http://www.sony.com|evil[/url|!
(replace | with ])
Code for web pages:
<a href="http://my.opera.com/bhtooefr/blog/show.dml/55608">Sony</a> is <a href="http://www.sony.com">evil</a>!

Lance Ulanoff: WeatherBug Shill

Just read this, looking for something else:

WeatherBug Is Not Spyware

Then, read the comments, and watch as he gets pwned. Heck, the lead analyst of PC Mag's OS & Utilities team, Neil Rubenking, jumped in on the feeding frenzy.

So, a WeatherBug rep hops in, and misinforms everyone...

However, most of the people there were *JUST* smart enough to know that this guy was a total numbnut, and knew that WeatherBug sucked balls.