Announcement

Collapse
No announcement yet.

The Sony Rootkits Story Continues in Court.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    If anyone has run the official XCP uninstaller

    If anyone has run the official XCP uninstaller:
    UPDATE: If youre technically sophisticated, and you have run the XCP uninstaller on your computer, you may be able to help us in our investigations. It wont take long. Please contact Alex to volunteer. Thanks.
    webpage url:
    freedom-to-tinker.com/?p=926
    Last edited by Underheaven; 15.11.2005, 08:42.
    the modern world:
    net helpmsg 4006

    Comment


    • #17
      XCP sucks, because it can intendedly make corrupted CDs so that your PC can't recognise them!!!

      There's already a web site that has declared some CDs as corrupted, because of being unreadable in PC CD drives.

      Comment


      • #18
        Sony has started to recall the cds with the protection.
        BBC, News, BBC News, news online, world, uk, international, foreign, british, online, service

        Comment


        • #19
          Originally Posted by al1uk
          Sony has started to recall the cds with the protection.
          http://news.bbc.co.uk/1/hi/technology/4441928.stm
          hehe, sonys loseing big with all of this DRM buil S***... Serves them right..

          Comment


          • #20
            ...

            Well it seems Sony requires you to install an ActiveX program before starting the uninstall.
            1. You fill out an uninstall request on Sony’s web site.

            2. Sony sends you an email with a link to a second request form. When you follow this link, Sony’s site automatically installs a piece of software–an ActiveX control created by First4Internet–called CodeSupport.

            3. After delay, Sony sends another email with a link to a third web page that removes the copy protection software. However, the CodeSupport component remains on your computer indefinitely.

            Due to a serious design flaw, the CodeSupport component allows any web site you visit to download and run software on your computer. A malicious web site author can write an evil program, package up that program appropriately, put the packaged code at some URL, and then write a web page that causes CodeSupport to download and run code from that URL.
            webpage url:
            Earlier today Ed Felten and I reported a serious security hole opened by the uninstaller that Sony provides to users who want to remove the First4Internet copy protection software. Further testing has confirmed that computers remain vulnerable even after the uninstall process is complete. Sony's web-based uninstaller is a three step process: You fill out an uninstall request on Sony's web site. Sony sends you an email with a link to a second request form. When you follow this link, Sony's site automatically installs a piece of software–an ActiveX control created by First4Internet–called CodeSupport. After delay, Sony sends another email with a link to a third web page that removes the copy protection software. However, the CodeSupport component remains on your computer indefinitely. Due to a serious design flaw, the CodeSupport component allows any web site you visit to download and run software on your computer. A malicious web site author can write an evil program, package up that program appropriately, put the packaged code at some URL, and then write a web page that causes CodeSupport to download and run code from that URL. If you visit that web page with Internet Explorer, and you have previously performed at least step 2 of Sony's uninstall process, then the evil program will be downloaded, installed, and run on your computer, immediately and automatically. Your goose will be cooked. You can tell whether you are vulnerable by visiting our CodeSupport detector page. If the component is installed, you should try to remove it using the instructions from our earlier post. However, this may not be enough to prevent the software from being installed again, depending on your security settings. If you have been exposed, the safest thing to do is to avoid using Internet Explorer until you receive a fix from Sony and First4Internet. Firefox should be a safe alternative. UPDATE (11/16, 2am): Sony has removed the initial uninstaller request form (step 1, above). In its place is the following message: November 15th, 2005 - We currently are working on a new tool to uninstall First4Internet XCP software. In the meantime, we have temporarily suspended distribution of the existing uninstall tool for this software. We encourage you to return to this site over the next few days. Thank you for your patience and understanding. This is a positive step that will help prevent additional users from being exposed to the flawed component, but customers who already used the web-based uninstaller remain at risk.
            the modern world:
            net helpmsg 4006

            Comment


            • #21
              Stop bashing this company just because some morons
              have made a stupid mistake (probably out of mere ignorance as well)

              Im not a Sony Fanboy or nothing but this company has
              brought many new things to the people that we all love and
              use or used in the past and they are not in a good financial
              situation too...i hope this wont break their neck what a
              stupid way to fuck up a such great name as sony.
              Guys vote for the threads you read to give
              the rating system a place to live ^^

              Comment


              • #22
                The new version of AnyDVD tackles Sony DRM Rootkit.
                Look at slysoft.com.
                I havn't tested it, yet.
                Heaven Can Wait -- My Band-Page

                Comment


                • #23
                  Sabrehawk you're right about being mean to sony. If I uploaded a picture of my electronics stack near my TV you'd see a lot of sony. I do like the company.
                  the modern world:
                  net helpmsg 4006

                  Comment


                  • #24
                    Originally Posted by Sabrehawk
                    Stop bashing this company just because some morons
                    have made a stupid mistake (probably out of mere ignorance as well)

                    Im not a Sony Fanboy or nothing but this company has
                    brought many new things to the people that we all love and
                    use or used in the past and they are not in a good financial
                    situation too...i hope this wont break their neck what a
                    stupid way to fuck up a such great name as sony.
                    we never ment to bash the sony name, we just are pointing out how some ways to gain control of profit leaks are bad and hurt the corporation in the long run. Also as far as I can see sonys still in the green, they however will be in the red next year because they are going to lose so much on the PS3... a current estimate of $599 probly wont go over too well with most consumers, and they also need to buy games as well...

                    Comment


                    • #25
                      Maybe you guys will find this link interesting..... (think... easily bypassing sonys rootkit drm method )
                      Last edited by AmphetaMarinE; 16.04.2006, 18:10.
                      SpeedLabs Inc. - Welcome to the real world...

                      Comment


                      • #26
                        Originally Posted by AmphetaMarinE
                        Maybe you guys will find this link interesting..... (think... easily bypassing sonys rootkit drm method )
                        LOL. sticky tape... dont think Im going to try that in my drive but hey all the power to the people with this one...

                        Comment

                        Working...
                        X