Wednesday, December 07, 2005
Even Killer Bob agrees: Sony is the Debbil!
So it's not enough that Sony vandalizes your computer with it's feeble DRM malware. Now they are leaving Guest account access open on any computer foolish enough to have a Sony/BMG disc inserted into it.
I don't think it's enough that the state of Texas has brought suit. Any company that reckless with it's customers personal property does not deserve to be in business.
Let me add my voice to those that say F!ck Sony and the horse they rode in on.
So it's not enough that Sony vandalizes your computer with it's feeble DRM malware. Now they are leaving Guest account access open on any computer foolish enough to have a Sony/BMG disc inserted into it.I don't think it's enough that the state of Texas has brought suit. Any company that reckless with it's customers personal property does not deserve to be in business.
Let me add my voice to those that say F!ck Sony and the horse they rode in on.
¶ 3:04 PM
iWon News: "A computer security firm working with EFF discovered the security issue with the MediaMax Version 5 CDs and how it affects computers running Microsoft Corp. (MSFT)'s Windows operating system.
Windows allows for different levels of access to a computer. The copy-protection software installs a file folder in the computer that could allow a guest user to gain unauthorized access to the computer.
'It's a privileged escalation attack,' said Kurt Opsahl, an EFF staff attorney. 'On Windows you can have users with different privileges, and because of security weakness in the permissions of a folder, it allows a low-ranked user to act as a high-ranked user.'
The problem is commonly found on many computer programs, said Robert Horton, director of NGS Software, which tested SunnComm's software fix for the record company.
The MediaMax problem differs from the security hole discovered last month with the so-called XCP technology by First 4 Internet Ltd. of Oxfordshire, United Kingdom, that Sony BMG placed on more than 50 other CD titles. That copy-protection effort was found to leave computers vulnerable to hackers.
'The main distinction is, with XCP, it was hiding itself so you wouldn't know that it was there,' Opsahl said.
This one is not hidden, he said, but the average user wouldn't know to look for it unless it was brought to their attention.
Sony BMG recalled the discs with XCP last month and released a way to remove the software from users' computers.
Opsahl said the MediaMax patch addresses the problem, but the EFF, which has a lawsuit pending in California against Sony BMG over its use of copy-protection technology, is continuing to investigate.
'We can't say that the software is now secure,' Opsahl said. 'We're going to continue to raise these issues with Sony.'"
