Forgot your password?
typodupeerror
Sony Businesses Apple

Sony Music CD's Contain Mac DRM Software Too 399

Posted by CowboyNeal
from the no-one-is-safe dept.
brjndr writes "A MacInTouch poster has found that certain Sony CD's also contain a smaller extra partition for 'enhanced' content. Running one of the applications found within this partition installs kernel extensions containing DRM software by SunnComm. In Sony's defense you're told what is being installed within a EULA which pops up when the program is loaded. Thankfully we all read our EULAs completely."
This discussion has been archived. No new comments can be posted.

Sony Music CD's Contain Mac DRM Software Too

Comments Filter:
  • Think different... (Score:5, Interesting)

    by Space cowboy (13680) * on Friday November 11, 2005 @02:45AM (#14005593) Journal
    [See my journal entry [slashdot.org] for my previous comments on this]

    To summarise: it's impossible to protect against truly clueless users without severely inconveniencing everyone else, but Mac OS X at least lets you know something dodgy is going on (a request for administration rights, just to play a CD, say what ? No *other* CD's needed that!) I guess it helps to have gorms, though...

    THM: It's a difference in attitude. It *does* make a difference.

    Simon
    • After a short while, typing in your password becomes as much of an unconscious acticity as pressing "OK" on a dialog box. I think we need blinking lights, horns, mandatory timers, and permission from your sysadmin before you can do anything stupid.
      • by Space cowboy (13680) * on Friday November 11, 2005 @02:50AM (#14005622) Journal
        Maybe there ought to be a question when you set up your mac - "rate yourself on a scale of 1-10 on how good you are with computers, and we'll adjust the system alerts accordingly"...

        I'm not *so* sure about the after-a-while thing though - I'm struggling to remember any time I had to type in the sysadmin password when I wasn't installing software. If I equate that action with installing stuff, and all I've done is put a CD in to play the damn thing, I'd be pretty curious as to why... Maybe that's just cynical old me, though...

        Simon
        • by SnowZero (92219) on Friday November 11, 2005 @03:21AM (#14005741)
          Maybe there ought to be a question when you set up your mac - "rate yourself on a scale of 1-10 on how good you are with computers, and we'll adjust the system alerts accordingly"...

          You'd have to make it more of a quiz. After all, there's a lot of people that think they know everything but who really don't have a clue (Go to your local computer shop if you don't believe me). It could be pretty funny:

          (1) what does RAM stand for?
          (2) what is 0xF?
          ...
        • Memories... (Score:4, Funny)

          by way2trivial (601132) on Friday November 11, 2005 @03:23AM (#14005748) Homepage Journal
          Oh christ, you just reminded me of something-- a great recollection....

          My original //e had some lame-ass program to "meet the machine", it had routines to deal with typists who cheated by using l's for ones s and o's for zeros... if you did this, it went into this little diatrabe about how "to a computer, a 0 and an o are very different things"
            Snort...
          • Re:Memories... (Score:5, Interesting)

            by cvdwl (642180) <cvdwl someplace around yahoo> on Friday November 11, 2005 @04:28AM (#14005975)
            My original //e had some lame-ass program to "meet the machine", it had routines to deal with typists who cheated by using l's for ones s and o's for zeros...
            Cheated, hell! My first ... TYPEWRITER (yes, mechanical, yes, really, no power cord... no "correction paper", either) ... didn't have a "1" or "0" key, it expected you to use l and O. I remember being confused by this the very first time I tried to type on it.

            I'd really like to get my hands on one of those now. I sort of miss slapping it upside the carriage every time you were finishing a line. And a typo at the end of a page REALLY hurt.

        • by ryanr (30917) * <ryan@thievco.com> on Friday November 11, 2005 @03:30AM (#14005767) Homepage Journal
          I'm struggling to remember any time I had to type in the sysadmin password when I wasn't installing software.

          That's the problem. Clueless mac user is probably expecting to be installing software about then. The CD told them they need a player to see the dancing pigs, for example.
          • by @madeus (24818) <slashdot_24818@mac.com> on Friday November 11, 2005 @04:30AM (#14005984)
            That's the problem. Clueless mac user is probably expecting to be installing software about then. The CD told them they need a player to see the dancing pigs, for example.

            You don't need to authenticate to install applications on Mac OS X. Installing applications - like Microsoft Office - involves just dragging the application (or the folder it's in) from the CD into the Applications folder on your hard disk. Even things like Real One Player and Windows Media Player work this way.

            When you do actually get a dialog, Mac OS X also tells you what permissions are being requested on the password dialog (e.g. full admin access, or just permission to modify a specific system setting, etc) as well as which application is requesting the permission. In reality, most of the time people see a dialog in Mac OS X which requires authentication, it's because of an interaction with the OS itself (such as changing a system setting) that the user has just performed.

            If a users sees an Application (including plugins) requesting this sort of permission that should really ring alarm bells. Only things like new drivers (e.g. for that new camera you just bought) should be asking for things like that.

            It's fair to say here is room for some improvement in the dialog in that it should better reflect this (perhaps rasing a more severe looking alert when it's anything other than the OS or bundled Application requesting any sort of privileged access, which explains something along the lines of the previous sentence).

            On the subject, it could do with some means of forgery protection (things like an embedded image in the window have been suggested) so that you can better trust it's an authentic authentication dialog. If your paranoid.

            Technically Windows allows for roughly this sort of behaviour too (that is, you should never need admin permissions to install a regular application) but the large number of badly written installers - combined with the lack of a K.I.S.S. approach in the OS - seem to have conspired to make admin level access madatory for even the most mundane tasks.

            I bet if vendors (and I include both Apple and Microsoft in that) implimented privilage dialogs that were scary and intimidating enough to users (perhaps with a default action of 'deny') 3rd party application developers wouldn't ask for them unless they really needed those permissions.

            • I bet if vendors (and I include both Apple and Microsoft in that) implimented privilage dialogs that were scary and intimidating enough to users (perhaps with a default action of 'deny') 3rd party application developers wouldn't ask for them unless they really needed those permissions.

              Still, that'll never solve the problem of the user getting used to it. "WARNING: Email attachments may contain viruses! Are you sure you want to download nakedjlo.exe??????" "Duuuh...well it must be OK, my friend sent it t

            • by arminw (717974)
              ....involves just dragging the application (or the folder it's in) from the CD into the Applications folder ....

              For an ordinary user, the Mac ALWAYS asks for an admin password in order to make any change to the Applications folder. If the user is dumb enough to be logged in as an admin, then it does not. Making every user only a standard user goes a long way towards preventing a messed up system. A regular user can still install some, but not all programs in their own user space. However such installs will
              • by @madeus (24818)
                For an ordinary user, the Mac ALWAYS asks for an admin password in order to make any change to the Applications folder.

                This somewhat misses the point that if your dragging an Application into the "Applications" folder and your asked for a password, it's absolutely clear why the system (note: not the application) is asking you for a password. A kernel driver or global startup item can't somehow magically install itself when your only dragging a folder.

                As already pointed out, having admin privilages on your a
            • by vertinox (846076) on Friday November 11, 2005 @10:48AM (#14007760)
              You don't need to authenticate to install applications on Mac OS X. Installing applications - like Microsoft Office - involves just dragging the application (or the folder it's in) from the CD into the Applications folder on your hard disk. Even things like Real One Player and Windows Media Player work this way.

              I would also like to point out that even when you are dragging and droping apps into the Apps folder it will prompt you once to say "You are about to run (application name) for the first time. Are you sure you want to do this?" which is a pretty good fail safe for programs that are trying to run silently.
        • by Anonymous Coward
          Maybe there ought to be a question when you set up your mac - "rate yourself on a scale of 1-10 on how good you are with computers, and we'll adjust the system alerts accordingly"...

          The full details would have to always be readily available, if behind a "Scary Computer Words" button. If novices have a problem, they should be able to give all the information to a sysadmin or tech support, even if they don't understand it.

        • by josephdrivein (924831) on Friday November 11, 2005 @04:05AM (#14005889)
          "rate yourself on a scale of 1-10 on how good you are with computers, and we'll adjust the system alerts accordingly"...

          Think what a hell would become the customer support: everytime something happens the system may respond to the user in 10 different ways.

          And if a user logs into another mac (at Internet café, library, university etc..), she well have to know if it's configured for dummies or super-geeks or whatever. I may even add that as she gets used to her mac she will want to try to step to the next level, but the user has to learn again how the system behaves.
          And so on.

          It has been proposed more than once, but I doubt it will be ever implemented, as it is a usability nightmare.
      • by npietraniec (519210) <npietran.resistive@net> on Friday November 11, 2005 @03:10AM (#14005707) Homepage
        If you use a mac, you'll find that you type in your password far less than you might think you would. I don't do it that often, I don't think I'm that desensitized... I don't do it that often on my linux boxes either. My roommate however tried to set up a non-admin account on his windows computer and found it impossible to get any work done without changing over to admin all the time... Worse yet, things would fail mysteriously without any inidication of what the problem was "why can't I delete my documents on my external harddrive?!?!" He was just complaining about that today.
        • by Jezza (39441) on Friday November 11, 2005 @04:17AM (#14005934)
          This is very true - very little Windows software can cope like this, now Windows Vista (aka Longhorn) will work like this by default, so I expect LOTS of software to fail for this reason alone. Hopefully once everything get updated for Vista we can run our XP boxes in this mode too (which will be much better.

          Someone was saying that you get so used to typing your admin password on OS X that you just do it as a reflex - that hasn't been my experience. This simple change represents a great improvement over Windows XP.

          In the case of the Sony DRM I think it quite likely that Mac OS X users will find the request for their admin password "odd" - and hopefully a significant number would refuse to give it.

          Of course some will as we all tend to trust "big names", maybe that's the real lesson here - Sony can be as evil/stupid as anyone else. And if you can't trust Sony, who can you trust?
          • Jezza, this is not intended to be a personal slam on you. It's more of a general comment.

            This is very true - very little Windows software can cope like this, now Windows Vista (aka Longhorn) will work like this by default, so I expect LOTS of software to fail for this reason alone. Hopefully once everything get updated for Vista we can run our XP boxes in this mode too (which will be much better.

            Hope seems to spring eternal in the MS windows world. I've been hearing people say essentially the same th

            • by Phisbut (761268)
              Hope seems to spring eternal in the MS windows world. I've been hearing people say essentially the same thing since NT3.5. It hasn't happened yet, and unfortunately I don't believe it's going to happen with "vista" either.

              And the reason why it's not going to happen is games. Any game that is available today will simply not run in user mode, be it XP or Vista, simply because their copy-protection schemes require access to some files and registers that a regular user should never have access to. When people

        • by onlyjoking (536550)
          Exactly. Doze software often won't work unless run from an Admin account. I recently installed a Belkin wireless card for a client and it wouldn't work when the user accounts were set to Limited User. Changed to Admin and everything ran fine. Another machine with Limited User accounts gave popup error messages at login generated by a USB webcam. Switched the account to Admin and all was fine. It's ****ing madness. You have software developers who seem not to be aware of the basic architecture of the platfor
      • by tm2b (42473) on Friday November 11, 2005 @04:07AM (#14005892) Journal
        No, it doesn't.

        You are not often challenged for your password in Mac OS X. The default installation location is /Applications, which is mode 775 (meaning users can create items in the directory, but not alter files owned by someone else, including root). Most installs you simply drag an item into the Applications folder.

        If something's asking you for your password and isn't (a) your security manager wanting to fetch your keychain for a website, or (b) something that should be installing drivers, be very worried and don't type your password until you understand exactly what it's doing. My mother has to type her password so infrequently on Mac OS X that she can never remember what it is.

        Even Microsoft Office is a drag-and-drop-to-install application (as well as being a drag), ferchrisakes.

        (and mods, please mod parent down for using Andrew Tanenbaum's [wikipedia.org] name).
        • by tricorn (199664)

          In 10.3, the group for /Applications is admin, so only user accounts that are set to be Administrators can install or remove applications. Maybe they changed this in Tiger. All of the applications I looked at are also modifiable by group admin. That's why I tell people that they should set up an administrator account, and disable it for themselves. The obvious user name, admin, is blocked by Apple's account administration routines, though (you can create it as your initial user in 10.3, but they stopped

          • by hunterx11 (778171)
            On OS X, an administrator may modify files in /Applications and /Library and may sudo as root for any command. That's pretty much the long and short of it. There is no reason not to use an administrator account for day-to-day use, nor is there any reason to disable it. You probably shouldn't login as root, but root login is disabled by default anyway.
            • by tricorn (199664)

              All of the applications in /Applications are writable by group admin. That's a huge security problem.

              /Library and a lot of stuff underneath it is writable by group admin. That's Internet plug-ins, printers, trusted certificates, help files, scripts, some frameworks, stuff in Application Support - a lot of stuff points things at executables, or has scripting capabilities, or is otherwise assumed to be trusted.

              Much of the stuff in /Developer is writable by admin. That means something could do a sneak att

      • by arminw (717974) on Friday November 11, 2005 @07:49AM (#14006718)
        .....After a short while, typing in your password becomes as much of an unconscious acticity as pressing "OK".....

        That's why most users around here don't KNOW the admin password. When we set up brand new Macs for others, we always make at least two accounts. One for administration and the others for everyday normal users. Users who must be given the admin password are admonished NEVER to give that password unless they are expecting to be asked for it when installing or upgrading software. So far, none of them has been hit with any shady programming because of this. Unlike our Windows users, the Mac users can do everything they need to without even knowing the admin password.

        This should work in most homes, where the parents are the only one who know the master password. That way the kids can't so easily mess up the whole computer. ALL games even work just fine without the master password, once they are properly set up.
        • by Mr Guy (547690)
          This should work in most homes, where the parents are the only one who know the master password. That way the kids can't so easily mess up the whole computer. ALL games even work just fine without the master password, once they are properly set up.

          I realize that since you are in IT, you probably do some kind of drugs, but this statement seems over the top. Maybe you accidentally reversed it, because on the last informal survey I've done, it's often kids who need to keep their parents away from trying

      • After a short while, typing in your password becomes as much of an unconscious acticity as pressing "OK" on a dialog box. I think we need blinking lights, horns, mandatory timers, and permission from your sysadmin before you can do anything stupid.


        This is why I still use su instead of sudo. There's just something about typing in the root password and handing over the keys to my box that makes my sphincter pucker.
  • by jx100 (453615) on Friday November 11, 2005 @02:45AM (#14005594)
    I think the fact that it asks for your password on install should throw up *some* sort of red flag. And tosses in a rather easy way to get past the DRM.
  • a request for administration rights Oh, yeah I love to have to be root to play a CD...
    • by Bananatree3 (872975) * on Friday November 11, 2005 @02:57AM (#14005658)
      YOU may not even consider such an idea, but not everyone is so tech-savvy. Think of all the Joe users out there...

      Joe user: What's this I see? I have to enter my password to play a music CD? Oh no biggy, its just a music CD. What harm could it do?

      That is my concern. The average user sees it comes from Sony, a "trustable" company, and doesn't give it a second thought. A very lethal combo
  • by radicalskeptic (644346) <tritone AT gmail DOT com> on Friday November 11, 2005 @02:47AM (#14005607)
    According to the comments on the linked page, you have to type in your name/password after agreeing to the EULA. This is really non-standard and hopefully will set off alarms in people's heads when they wonder why they have to do that (OS X doesn't ask for your password often). But something tells me most users will just go ahead and give the app free reign anyway. Not that I blame them, you'd expect to be able to trust Sony, a freaking huge "legitimate" corporation for Pete's sake.
    • Well, there are bound to be users that will do exactly that, but with the recent publicity that Sony's rootkit has received, I think people will more than likely think twice before typing in their password after they pop in a Sony CD to be played. I think the media coverage (not to mention the lawsuit) has made people very wary of Sony and Sony CD's in general. While there's likely a good number of Mac users that switched from Windows to avoid the security problems of the latter, and really are no better th
  • Make a fortune (Score:2, Interesting)

    by ReformedExCon (897248)
    Business idea:

    Customers buy DRM CDs and hand them over to you. You give them back a copy of the CD with the DRM removed, for the cost of the blank CD and a small service fee. Hold onto the original CD with customer records as evidence that the customer bought the CD and has the right to copy for personal use.

    Not workable?
    • Re:Make a fortune (Score:5, Interesting)

      by gcatullus (810326) on Friday November 11, 2005 @02:56AM (#14005653)
      Reasonable, yes, but legally workable not really, at least according to Sony. The sony eula says you must destroy any and all fair use copies of the music you possess, if you are no longer in possession of the actual cd. What a concept, your car gets robbed, you get cds stolen and then SONY makes you delete any copies you may have. I'd love to see it in court.
      • It's not just the EULA- it's always been upheld, for all forms of media, that you do not have the right to retain a copy of media you gave up through a commercial transaction. This is a far more reasonable doctrine that would protect you in the car theft example, but you couldn't make a business out of copying CDs as the GP suggested even if the EULA was struck down or not present.
      • by sr180 (700526) on Friday November 11, 2005 @09:33AM (#14007211) Journal
        Hows this..
        A mate installs a Windows XP OEM version onto a PC. Activates it and everything is sweet. A few days later his pc is stolen. So he buys a new PC, because he still has the Windows XP CD, the manual, the license and all the little stickers, he goes to install it on the new PC. It wont activate. He rings Microsoft. They refuse to activate the software since its been activated on another pc, and that violates the OEM license. They suggest he reports it to his insurance company as stolen and they can pay for a new license.

        So they encourage him to commit insurance fraud as the software has not been stolen, because he has all the software and the licenses to run it.

  • daft... (Score:4, Insightful)

    by Phil246 (803464) on Friday November 11, 2005 @02:48AM (#14005613)
    are sony that determined to bury themselves?
    Surely, they realise that its only going to create a backlash against DRM if they continue this nonsense?
    • Re:daft... (Score:5, Insightful)

      by dorkygeek (898295) on Friday November 11, 2005 @03:01AM (#14005669) Journal
      Joe Desktop doesn't care and simply installs whatever malware is needed to listen to the cd.

      • Re:daft... (Score:3, Interesting)

        by sgant (178166)
        The thing is, Joe Desktop is getting bombarded now with this story all over the main stream press. Heck it was even in my local Podunk newspaper!

        I see this beginning to be the backlash of DRM for the average "Joe Desktop". Especially when the media is throwing in the scary worded "root kit" voodoo around.
    • With luck (Score:4, Insightful)

      by jd (1658) <.imipak. .at. .yahoo.com.> on Friday November 11, 2005 @03:02AM (#14005674) Homepage Journal
      It will not only bury Sony, but also the DMCA (which actually prohibits you from de-installing the DRM code or even detecting that it's there) and will possibly cripple the credibility of the RIAA, who have been the main driving-force for DRM and the DMCA.
    • Re:daft... (Score:3, Insightful)

      by adrianmonk (890071)
      are sony that determined to bury themselves?

      Well, they are still using Memory Stick in cameras, laptops, etc. even though it's clear that SD Card has won that battle. Sony is weird like that. The seem to have an attitude that since they are such a big electronics manufacturer that they can single-handedly define industry standards.

      (But if that were true, we'd be talking about copy-protection on Minidisc, not CD...)

  • bondage (Score:4, Funny)

    by heatdeath (217147) on Friday November 11, 2005 @02:48AM (#14005614)
    Man, actually buying online music is starting to look more and more like S&M. I can hardly wait 'till they come out with CDs that come with shackles that have to be worn while listening to the CD.
  • Jesus (Score:4, Insightful)

    by KingVance (815011) on Friday November 11, 2005 @02:50AM (#14005620)
    Boy it seems like sony is just running around pissing everybody off...

    Well, I for one pledge to no longer purchase any sony products. Nor will I buy online music from sony, purchase any games, or watch any sony movies until they stop being overbearing assholes with their stuff.

  • Illustrates why... (Score:5, Insightful)

    by rsborg (111459) on Friday November 11, 2005 @02:50AM (#14005625) Homepage
    the basic OSX security of "Administrator == sudo rights" as opposed to the Windows approach of "Administrator == anything goes" really does make a difference. In the windows portion, Sony just ignores the user and installs all sorts of crap (using autorun)... but on the Mac side, they have to play nice, or the user will not be "convinced" to enter their password to install the software.

    Who knows how evil the DRM is, once the install is made, but jeebus... talk about an issue of trust (just for the installer)!

  • I know it's off topic but google isn't helping any.

    Is there any DRM on the Star wars : episode 3 DVD? I know the movie files are encoded but i mean rootkit type DRM bullshit.

    Thanks.
    • I'm reasonably sure the answer is "no." If it did, everybody on slashdot would be constantly bitching about how they aren't going to buy it.
  • Even more thankfully (Score:5, Informative)

    by Have Blue (616) on Friday November 11, 2005 @02:52AM (#14005629) Homepage
    Autorun is turned off by default on Macs, and there's never a good reason to turn it on. There's no way this could interfere with the usual insert/launch iTunes/click Rip method most people use.
  • by fitchmicah (920679) on Friday November 11, 2005 @02:52AM (#14005632)
    This is a sign that Mac OS X has a large enough userbase for Sony to worry about Mac users stealing music.
  • by Deep Fried Geekboy (807607) on Friday November 11, 2005 @02:56AM (#14005649)
    Fuck 'em. Really. In the ass. With a chili pepper.

    In the past I've made a point of buying stuff I liked, either on CD or from an online retailer (iTunes).

    Well, Sony just lost my business. And fuck them if they think I am going to subsidize this bullshit.

    Goodbye Sony. Hello allofmp3.com.

    If you walk the corridors of Sony Music right now all you can hear is the sound of a toilet flushing.

    • Well if your going to get music online, I see no difference between getting it for free off of bittorrent or paying for it from allofmp3.com.
      Either way the Music execs get nothing (nor the artists ) and it is fairly unofficial.

      I don't think I will ever buy another Sony CD again .I want to pay for music, I don't however want to spend my time removing kernel extensions , My time costs money .Sure right now I could rip it with Linux or FreeBSD, but it is only a matter of time before they try something there
    • Goodbye Sony. Hello allofmp3.com.

      Ah, yes... Giving credit card numbers to (essentially) unknown foreign agencies that claim to be completely legal. I'm curious if there's a middle ground in there. Perhaps VISA gift cards? Set spending limit, so if they steal your number, they only get your $25 music money? Would that work?

      Now that this sort of thing is coming to the Mac, I'll start to think about it more seriously... Given the lax attitude some of us Mac fanatics take to antivirus, one rootkit and one
  • So, when is Sony finally getting that HURD module running?

  • by Anonymous Coward on Friday November 11, 2005 @02:57AM (#14005655)
    So, in effect, your computer is at less risk if you download Sony published music from peer to peer networks than if you try to play your Sony CD on your computer. Where's the value proposition?
    • So, in effect, your computer is at less risk if you download Sony published music from peer to peer networks than if you try to play your Sony CD on your computer.

      OK, here are the options you have.

      Sony CD: Contains very poorly written DRM that may forever screw up your machine.
      P2P: Spend days sifting through partial, corrupted and poorly named files to get the CD you want, risking viruses, lawsuits and your entire Saturday afternoon.
      Online music stores (iTMS, allofmp3): Cheaper than a CD, quicker and s
  • autorun (Score:4, Informative)

    by minus_273 (174041) <(moc.oohay.MAPS) (ta) (aaaaa)> on Friday November 11, 2005 @03:02AM (#14005673) Journal
    the summary fails to mention that OSX has no autorun. There is no way it can install something behind your back like windows does.
  • EULA (Score:3, Informative)

    by speeDDemon (nw) (643987) on Friday November 11, 2005 @03:03AM (#14005678) Homepage
    We may not all read our EULA's. However I have found the following software EULAlyzer [javacoolsoftware.com] really handy in highlighting important items in the EULA.

    Its not a substitute for truelly reading the whole EULA, however I find it good at helping me and my customers identify 'dodgy' software.

  • by Anonymous Coward on Friday November 11, 2005 @03:13AM (#14005721)
    Why not find the names of the individual programmers who coded these rootkits, and make sure they're unable to ever get a job ever again? It was perfectly reasonable to keep Communist sympathizers out of Hollywood and government when Senator McCarthy went on his crusade -- why not keep DRM sympathizers out of the programming industry? Treat them like shit, refuse to hire them anywhere, and make them unable to ever afford food and shelter ever again without humiliating welfare subsidies.

    Of course, criminals will always hire criminals; a thief will always have a chance at getting hired by the Mafia, so I don't expect this will completely work. Computer companies that have overgrown beyond their event horizon of personal responsibility such as Sony and Microsoft will always be a haven for crooks and guttersnipes. But every responsible company still around should outright refuse to hire anyone who's ever knowingly developed anything related to DRM; conduct background checks on every potential employee's employment history and slam the door in the face of any DRM sympathizer looking for a job.
    • .. I'd call it professionalism.

      I've never been so hungry that I would write code like that. If the ethical situation of a job makes you uncomfortable, leave it. That actually plays pretty well while interviewing for your next job. At least for any job you actually want.

      Speaking as someone who has actually done quite a bit of engineering hiring, I can say that I do filter people by where they have chosen to work before. I learned that lesson by bitter experience. People joke about "resume stains", but l
  • Linux port? (Score:5, Funny)

    by SnowZero (92219) on Friday November 11, 2005 @03:18AM (#14005735)
    When can we expect Linux support? I'd like to think that Linux is big enough now to demand proper support from Sony, just like Windows and OSX.
  • I was wondering when we will have our daily Sony DRM story!
  • by Ripper (26784) on Friday November 11, 2005 @03:45AM (#14005816)
    I just renewed my living-room home-entertainment system for almost 5000 euros. The two finalists were a all Sony set vs. Panasonic + Harman Kardon + Infinity. Guess which finalist got my money after reading up on the Sony DRM scheme... Yep, I'm a happy Panasonic+HK+Infinty owner. Added a One-for-All remote and the functionality is pretty much the same as using a complete set from the same vendor.

    And this was definitely the last time I even consider Sony. Forget the new Playstation, if I have to choose from the two bad options M$ vs. Sony my money goes to M$ in this case.

    As big a fan as I am of the Van Zant brothers, I just can't think of buying the album after all this. Luckily it was available without DRM somewhere else. It's a shame for the artists though, they didn't get thei $0.50 or whatever they make per sold CD.

    I know my 5000 doesn't bankrupt Sony but if more of us start voting with our wallets maybe they will realize they can't keep on shafting customers every chance they get.
  • by bennomatic (691188) on Friday November 11, 2005 @03:59AM (#14005865) Homepage
    ...but maybe Apple's right on the money with their "tamper-resistant software." Forget about hackers and pirates; I don't want $ony taking over my machine.

    It may sound paranoid, but once they start messing with the kernel, you really don't know what they're going to do...

  • I love how they lie (Score:3, Interesting)

    by dtd33inc (857957) on Friday November 11, 2005 @04:00AM (#14005875)

    "November 8, 2005 - This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers. Please note, Service Pack 2a is a maintenance release designed to reduce the file size of Service Pack 2. It includes all previous fixes found in Service Pack 1 and Service Pack 2."

    http://cp.sonybmg.com/xcp/english/updates.html [sonybmg.com]

    HMM it does not compromise security? It installs a root kit, then it lets people hide a trojan on your computer. Who needs sony anyway, I have my game cube and X-box.
  • by MadMoses (151207) on Friday November 11, 2005 @04:35AM (#14005991) Homepage
    ...and it runs much snappier!
  • by bluelarva (185170) on Friday November 11, 2005 @06:16AM (#14006365)
    Well.. Let see... I will NOT be buying the following:

    1. Sony music CD's
    2. Sony HD TV
    3. Sony Playstation 3 and games
    4. Sony Bluray DVD player
    5. Sony Ericson phones
    6. Sony VAIO laptop
    7. Sony DVD burner
    8. Sony digital camera
    9. Sony video recorder

    The only way Sony will regain my trust is if they were to:

    1. publically admit that what they did was wrong
    2. put a link on sony.com to a page explaining what exactly happened and provide software to uninstall the rootkit
    3. recall all CD's on the shelf containing rootkit DRM
    4. offer replacement CD's to all customers
  • by bitkari (195639) on Friday November 11, 2005 @07:22AM (#14006601) Homepage
    Trey Anastasio, Shine (Columbia)
    Celine Dion, On ne Change Pas (Epic)
    Neil Diamond, 12 Songs (Columbia)
    Our Lady Peace, Healthy in Paranoid Times (Columbia)
    Chris Botti, To Love Again (Columbia)
    Van Zant, Get Right with the Man (Columbia)
    Switchfoot, Nothing is Sound (Columbia)
    The Coral, The Invisible Invasion (Columbia)
    Acceptance, Phantoms (Columbia)
    Susie Suh, Susie Suh (Epic)
    Amerie, Touch (Columbia)
    Life of Agony, Broken Valley (Epic)
    Horace Silver Quintet, Silver's Blue (Epic Legacy)
    Gerry Mulligan, Jeru (Columbia Legacy)
    Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
    The Bad Plus, Suspicious Activity (Columbia)
    The Dead 60s, The Dead 60s (Epic)
    Dion, The Essential Dion (Columbia Legacy)
    Natasha Bedingfield, Unwritten (Epic)
    Ricky Martin, Life (Columbia)

    from the eff [eff.org]

    Perhaps this DRM is your punishment for listening to Ricky Martin and Celine Dion?

  • Simplify EULAs (Score:4, Interesting)

    by mmeister (862972) on Friday November 11, 2005 @10:05AM (#14007445)
    The problem with these EULAs are that they are so verbose that any important facts are lost and I believe that is the intention.

    That is how these Spyware companies gain "permission" and certainly how Sony has gained "permission" to install anything they want. Most users aren't able to read a 5 page legal document squeezed into a tiny little box very effectively.

    We need to write our Congressmen and Senators and tell them that EULAs should be simplified, even standardized. I'd even suggest that some sort of color coding be required to indicate the severity of changes to be made. Unlike Homeland Security's approach, I suggest three simple colors: GREEN, YELLOW, RED (You might recognize these colors from your local STOPLIGHT).

    GREEN - This EULA just contains standard legal protections of the company for their software.
    YELLOW - This application will install some components to run at the same permission level as the user.
    RED - This application will install SYSTEM-LEVEL COMPONENTS.

    This may not be perfect, but the 10-pages of legal mumbo-jumbo is hard for even the paranoid to go through. For example, I installed several updates to my Mac OS X system (10.4.3, Java, Quicktime, iTunes, Airport) and EACH ONE contained an EULA that was extremely long.

    The current system is broken and, unfortunately, we need to change the law to fix it because I know that the large companies with their lawyers have no intention of fixing it.
  • by Durandal64 (658649) on Friday November 11, 2005 @12:08PM (#14008583)
    This kind of thing really illustrates Mac OS X's malware resiliency. There is no CD auto-run, so there is no way for these extensions to even be installed without the user manually double-clicking on this Start.app thing. From there, the user has to enter his administrator password, assuming he's an administrator on the machine. Only then will this DRM software get installed. So I don't expect this to cause too much trouble.

    And even after that, it's not the gigantic pain in the ass to remove that the Windows stuff is. Removal is a simple matter of unloading the kernel extensions and deleting them with administrator privileges. For some reason, Windows seems to facilitate the development of software that installs silently and is utterly impossible to remove.

    This is why it's not just the popularity factor that keeps OS X malware-free. It's a solid design based around the idea of minimal automation and least privileges needed. Even if OS X was twice as popular, any malware would still have the same hurdles to jump through.

Money is the root of all evil, and man needs roots.

Working...