Sony DRM malware

[mhendo]

kanicbird:

Windows is designed to have the registry changed by programs, the rootkit, ok my terms may be a bit off here, but to my understanding places itself between the OS and the hardware, and in this case prevents windows from running as designed - this position is the place for the OS, not just a program (perhaps a driver could fit this too, but I see a difference)

Even if every single thing you say here is true, i still want to know how this constitutes a violation of copyright.

Do you even know what copyright is? Because your posts on this topic suggest that you might not.

kanicbird:

You want to see bullshit, then just wait till you try to update your Sony DRM OS with the next windows update and it goes unstable. Let me say you will have to go through loads of bullshit then.

Again, even if you are correct about this—and i’m not conceding that until i see some proof—i still don’t see how it constitutes a copyright violation.

kanicbird:

Well more sounding off out of anger at this tactic, and would love to see this whole thing blow up in Sony’s face in a really big way. Perhaps it would be safer to say that MS may have a case against Sony for addtional costs of tech support including the removal tools that are being created.

Ah, so your copyright comment was just you talking out your ass.

And now that you have moved from copyright issues to more general tort issues, could you give us some of your brilliant insight into exactly what tortious claim Microsoft (as opposed to the individual owners of the computers) might make against Sony?

As i’ve made clear, i also hope this blows up in Sony’s face. But your unsubstantiated claims about copyrights and torts does little to illuminate the issue.

[Watcher_of_the_Skies]

This is totally wrong, appalling, offensive, and basically unacceptable. Is there any possible way to get the whole mess out of your system without having to be a programmer?

[Watcher_of_the_Skies]

One more thing. This may be an overly simplistic analysis but isn’t Microsoft equally responsible for this by constructing an OS that makes manipulation like this possible (spyware & malware too).

This makes me think that the only real way to be rid of it is to save your data, wipe your drive totally, then reinstall windows from scratch. Sounds extreme but this is making me crazy.

[gazpacho]

Watcher of the Skies:

One more thing. This may be an overly simplistic analysis but isn’t Microsoft equally responsible for this by constructing an OS that makes manipulation like this possible (spyware & malware too).

This makes me think that the only real way to be rid of it is to save your data, wipe your drive totally, then reinstall windows from scratch. Sounds extreme but this is making me crazy.

Microsoft is not responsible for this problem. You agree to install the program. Apart from having some authority sign all programs you install on your computer there is not much you can do about this sort of thing.

[Go_You_Big_Red_Fire_Engine]

Watcher of the Skies:

One more thing. This may be an overly simplistic analysis but isn’t Microsoft equally responsible for this by constructing an OS that makes manipulation like this possible (spyware & malware too).

This makes me think that the only real way to be rid of it is to save your data, wipe your drive totally, then reinstall windows from scratch. Sounds extreme but this is making me crazy.

Ok, so the first part of your post claims that perhaps Microsoft should be held responsible. The second part states that you may perhaps be rid of Microsoft (Yay!) but then just re-install it.
People reformat their drives all the time. People also switch operating systems all the time. Neither is extreme, and if you’re really that worried, that latter makes more sense.

[World_Eater]

Raygun99:

That won’t help you.

If autorun is disabled, then the Summcomm software is out of luck.

[Tusculan]

Tabby_Cat:

Well, then, I bought it with the express intent to pirate it. Does that matter? No.

With software, within copyright there is the right to make copies, or to make derivative works. Clearly, by installing it, you have to make a copy of it, or at least a derivative work. If you do not have a licence from the copyright owner, or ARE the copyright owner, then you are infringing on copyright when you do so.

Now, they phrase it as a “right to use”. I’ve never seen this right in UK law before, and my textbooks make no mention of it, however, I believe making derivative works is enough to cover this particular issue of installing software. Perhaps even performance rights. I’ll look it up some more if you’re not satisfied.

Now, you may argue that you should be given this “licence to use” together with the physical media. Well, there may be a moral argument for that. However, there is currently no legal reason for you to do so. For example, I can sell you the script for a play. You can do whatever you want with this script and the paper it’s written on, but if I don’t grant you a licence to PERFORM the play, all you can do is read it.

With respect to UK Law this statement is incorrect. There is a right to use for the person who lawfullyi acquired a physical copy of the program, as the UK has to follow EU law on this matter. See Council Directive 91/250/EEC of 14 May 1991 on the legal protection of computer programs, art. 5(1):

Article 5 Exceptions to the restricted acts

1. In the absence of specific contractual provisions, the acts referred to in Article 4 (a) and (b) shall not require authorization by the rightholder where they are necessary for the use of the computer program by the lawful acquirer in accordance with its intended purpose, including for error correction.

The lawful acquirer is the person legally obtaining a physical copy of the program. This is apparent from the Proposal for the Driective (89/C91/05), COM(88) 816 final - SYN 183, Publ C 91/4 of 12 April 1989, par. 3.5, and cf. comment on art. 4(c) and 5(1). See also the authorative comment by Czarnota/Hart, Legal Protection of Computer Programs in Europa, p. 64.

See also Report on the implementation and effects of Directive 91/250/EEC on the legal protection of computer programs, COM(2000) 199 final, par. 5(a)

(a) Normal use by the lawful acquirer and error correction (Article 5 (1)) This provision stipulates that in the absence of specific contractual provisions, the restricted acts, with the exception of distribution and rental, shall not require authorisation by the rightholder where they are necessary for the use of the computer program by the lawful acquirer in accordance with its intended purpose, including error correction.
(…)
The Commission shares the view of some commentators that ‘lawful acquirer” did in fact mean a purchaser, licensee, renter or a person authorised to use the program on behalf of one of the above. This argument also draws from Articles 6 and 8 of the database Directive (Directive 96/9/EC) which use the term “lawful user” and which were modelled along the lines of Article 5 (1) of the computer programs Directive.

Of course, this doesn’t apply to US Law or any other jurisdiction. However, you specifically mentioned UK law so that statement needed correction.

[Tusculan]

I should add that for other works than software the same regime in principle applies, as can be infered from the Copyright Directive 2001/29/C of May 22nd 2001, Publ. L 167 of June 22nd 2001. See art. 5(1)(b), as well as recitals 28 and 33. See with respect to UK Law the implementation of the Copyright Directive with the Copyright and Related Rights Regulations 2003 (http://www.opsi.gov.uk/si/si2003/20032498.htm). Admittedly one can debate about the interpretation of the provisions I cited; nevertheless an alternative interpretation would be inconsistent with the provisions with respect to software.

[Tabby_Cat]

I believe the key point is that from 5(1) “This provision stipulates that in the absence of specific contractual provisions, the restricted acts…”

In the CDPA 1988, s28(1). “The provisions of this Chapter specify acts which may be done in relation to copyright works notwithstanding the subsistence of copyright; they relate only to the question of infringement of copyright and do not affect any other right or obligation restricting the doing of any of the specified acts.”

I was wrong to assume that there was no right to “use” computer programs - you are correct, there is such a right, provided there are no specific contractual terms to the contrary. In this case, however, the EULA contains specific contractual terms to the contrary.

As for the 2003 regulations, they are mostly amendments to the CDPA 1988. As such, s28 is still relevant. With regards to non-computer software copyrights, however, such as “ripping” a CD, there is no permitted act “backing up the CD”, or indeed, any full copy of copyrighted material, save perhaps in the classroom.

The UK has also found that “licences for use” can be enforced, through SCE v Owen, where Owen had a licence that was limited to Japan.

“19 *303 The games are sold, as appears to be common ground, abroad with, for example, “For Japan only”. I see no reason from that to suppose that there is a licence for use outside Japan. In the end, it is for a licensee to prove his licence and I do not think any such licence is proved. Copyright is inherently territorial. You need a licence in every territory in which you wish to use a copyright work in such a way as would otherwise infringe. In the case of computer programs, you use the computer program when you load it into the machine–you reproduce the work.”

While the reproduction side of things may have been dealt with, the fact remains that the court recognises the validity of the EULA granting a licence. While this may be a rather oblique point, and the recent case of SCE v Stevens seems to overturn this judgement regarding mod chips, this particular point seems to have made it through. AFAIK, it’s never been litigated directly, but what IK isn’t very much anyway.

Also, what I have just said depends very much on the validity of an EULA, which is uncertain. If EULAs are found to be invalid, then there would be no stopping the “use” as held in 5(1). I have no doubt that companies could simply print “see http blah for terms of contract” on the front of the box, and have those be contactual terms, though, similar to current railway terms of carriage etc., and those clearly have precedent.

In short: Yes, I agree that there is a statutory right, and I was mistaken. However, manufacturers can trivially contract out of these.

[Ponder_Stibbons]

Heh. This keeps getting better and better.

“This is a surprisingly bad design from a security standpoint,” said Ed Felten, a Princeton University computer science professor …

[Merijeek]

kanicbird:

Well more sounding off out of anger at this tactic, and would love to see this whole thing blow up in Sony’s face in a really big way. Perhaps it would be safer to say that MS may have a case against Sony for addtional costs of tech support including the removal tools that are being created.

I wasn’t aware Microsoft did tech support.

-Joe

[Silentgoldfish]

Merijeek:

I wasn’t aware Microsoft did tech support.

-Joe

Well, now you are.

[Archergal]

More than half a million networks may have been infected by Sony’s DRM rootkit:

Wired New Cite

[Merijeek]

And, finally, Sony says: “Oops”

Dumbfucks.

-Joe

[sleestak]

Sony BETTER say oops. And cover their ass. Soon.

According to this there are now exploits out that use Sony’s rootkit.

I wonder if Sony can be sued over this.

Slee

[Knorf]

According to Merijeek’s link, lawsuits are afoot in California and New York.

I hope Sony is forced to pay big for this blunder.

[Revtim]

Hopefully, this will also made Sony and other companies more reluctant to make this shit.

[bouv]

Revtim:

Hopefully, this will also made Sony and other companies more reluctant to make this shit.

Unlikely. Sony’s Blu-Ray DVD format (which seems to be the more popular of the two up and coming next-gen DVD formats) has more supporters behind it, and it is LOADED with DRM crapware. That’s the reason Microsoft is against it. They say all that DRM craop makes it harder for consumers to use the products the way they should be able to use them, which is true. God, I don’t want to think about what kind of crap would get put on my computer if I tried to play a Blu-Ray DVD on my PC when they start to become available.

[Revtim]

bouv:

Unlikely. Sony’s Blu-Ray DVD format (which seems to be the more popular of the two up and coming next-gen DVD formats) has more supporters behind it, and it is LOADED with DRM crapware. That’s the reason Microsoft is against it. They say all that DRM craop makes it harder for consumers to use the products the way they should be able to use them, which is true. God, I don’t want to think about what kind of crap would get put on my computer if I tried to play a Blu-Ray DVD on my PC when they start to become available.

Wow, that’s unpleasant. But maybe thanks to this uproar they might reduce the DRM in the Blu-Ray format.

[Ponder_Stibbons]

Revtim:

Wow, that’s unpleasant. But maybe thanks to this uproar they might reduce the DRM in the Blu-Ray format.

Personally, I think this’ll just make Sony make sure their DRM is sneakier and more secure. Which is, IMHO, not a good thing.