Archive for the ‘Information Technology’ Category

I am writing a new blogging client that works with multiple blogging platforms.

If you are reading this, it means everything is working, thus far.

While EMI denies they have scrapped DRM altogether, they have not manufactured any new disks with DRM for months. It’s about time someone started waking up.

EMI Group Plc said on Monday it was reviewing its use of the controversial content protection technology used on CDs, known as digital rights management (DRM), but has not scrapped it altogether.

Music companies launched DRM in a bid to curb piracy but the software means that the discs are incompatible with the iPod, the market-leading digital music player made by Apple Computer Inc.

Critics also argue that the system has not worked as consumers could be driven to illegal sites to download music to the popular iPod instead.

A spokeswoman for EMI said it had not manufactured any new disks with DRM, which restricts consumers from making copies of songs and films they have purchased legally, for the last few months.

Ford Motor Co. unveiled on Saturday a new entertainment and communication system running on software from Microsoft Corp. that aims to bring the connectivity of a computer to the car.

The “Sync” system allows drivers to make hands-free phone calls, listen to music on digital media players, including Apple Computer Inc.’s iPod, and have cell phone text messages read aloud.

Ford and Microsoft announced Sync on the eve of the Consumer Electronics Show in Las Vegas and the North American International Auto Show in Detroit.

What happens when it crashes? No, not the car, the “entertainment and communication system”? If it does crash, do you have to pull over and turn off the car, wait a few moments, and start it again? Can you imagine the calls to Onstar when this hits the market?

OnStar call center: “Onstar, what’s your emergency?”

You: “My car just crashed and all I have now is a blue Ford of death!”

[Long pause]

You: “Hello? Hello?”

I can hardly wait to see how you apply patches and bug fixes.

A very important boardmember like myself should never have to log into their instant messenger and find stuff added to their contact list without their permission. However, that’s exactly what happened this morning as AOL decided, in its infinite wisdom, to add two contacts to the buddy list of every single user this morning. They’re some of AOL’s “bots” which let you send questions to an automated attendant who responds back for you.

The problem is nobody agreed to let AOL add these users, if they were added by AOL, it means they weren’t on your buddy list already, and the only “out” they give you is a notice that basically says, “Oh sure, we added a few buddies because, well heck, we’re AOL. But if you really want to, you can delete these buddies without consequence.”

If that’s the only out they give, that it’s easy enough to undo what they had no right to do to begin with, then they deserve some heat for it. Whether or not your software is provided for free is irrelevant. I have to look at ads when I use AIM just like everyone else (although, truthfully, I use Trillian because I’m cool like that), so why should I have you ramming your services (MovieFone and AOL Shopping) down my throat?

Things must not be well down there in Virginia if they’re trying to hook you into their services that surreptitiously.

Technorati Tags: AOL, bots, AIM, Trillian, MovieFone, AOL Shopping

When the other members of the board and myself sit in our wonderfully expensive board room sipping lattes, sometimes a bad decision comes out. We rarely ever actually admit to it being a bad decision, but we do know it was bad to begin with. I imagine the same thing happened with Microsoft, when they made the decision to not include backward compatibility by default in the Xbox 360, their new flagship game console which should be arriving in stores shortly:

Microsoft has posted a list of 212 Xbox games that are backward-compatible with the Xbox 360 – but only next-generation consoles with a hard drive.

The list, which you can view here, contains all the best-known Xbox titles. Games not present on the list will not run on the 360.
Click Here

Unlike other console makers, Microsoft has chosen to implement backward compatibility in software. The downloadable app converts Intel x86 processor instructions from the original Xbox into their PowerPC equivalents, in the process compensating for the different ways the two CPU types store numbers larger than 255.

Microsoft said the emulation software would be made available to Xbox Live subscribers, from the Xbox.com website – as a downloadable disk image to burn to CD – or direct from Microsoft on CD. Presumably it’s then installed on the 360’s hard drive, though the website doesn’t make this clear.

That leaves anyone who buys the cheaper Xbox 360 Core System out in the cold – it doesn’t ship with the 20GB HDD that’s part of the standard package.

If you don’t buy the higher-end Xbox 360 package that ships with a hard disk, you’re out of luck, folks. Someone at Microsoft has obviously determined that most people who are going to buy an Xbox 360 (many of whom are probably Xbox owners) won’t mind either leaving their entire game collection behind or keeping both units hooked up. Smart move, Microsoft.

The Register rightly points out that Sony’s PlayStation 2 was a very attractive console because it could play older games without any special tweaking. Apparently obvious history tends to get lost on some of these fine-suited individuals. Advice to Sony: Don’t make this mistake when the PS3 releases. If it takes a little longer, so be it. While Microsoft crammed the Xbox 360 out the door in time for Christmas, learn from that big mistake.

You also have to wonder how much Microsoft’s typical strategy of “get it out now, patch it later” is going to sit with console gamers. We already know that PC users don’t like it very much. Guess we’ll have to wait and see.

Source: The Register

Far be it from us, your humble Corporate Raiders, to not bag on a product or company or CEO just because we like their products.

Yours truly has been a major fan of Electronic Arts’ sports lineup for years. Madden, NHL, and NBA Live are some great games and provide hours of entertainment, particularly when you go online and watch some 10 year old from Oklahoma bitch slap you with T-Mac shooting threes and dunkin on yo punk ass…

I digress…

EA is now assuming, much like Sony, that every customer is a potential pirate. In this case, EA is quite friendly about it, telling you how to get their games playing on your PC despite that pesky emulation software:

Question

What do you do when you get a “CD/DVD Emulation Software Detected” error?
Answer

This error is presented when active CD Emulation software is detected by the copy protection on the game CD. This software must be disabled for the game to launch properly. It is very common for CD/DVD copying software to include such software as a suite of products, so you will need to make sure that if your CD/DVD copying software includes such software that it is disabled as well. We have CD-ROM Troubleshooting steps along with information on background tasks available covering this issue to help resolve this issue but see our screenshots below for more detailed information.

Here’s a list of software that is known as, or known to include CD Emulation Software that could potentially prevent the game from playing properly:

* Fantom CD Emulator
* Alcohol 120%
* Nero Image Drive
* Phantom CD
* Clone CD
* Ark Virtual Drive

If you are unsure about how to turn off emulation settings, consult your emulation program help files. If you have emulation software not listed above that does not provide adequate information about how to turn off emulation to avoid software conflicts, and then remove the software from your machine.

It’s time to ponder the implications of this, folks. Once again, a media-producing company has assumed your only goal is to steal their product for fun or profit. To that end, EA is building their software to specifically not run on any computer where certain legal (keyword alert, folks) software is installed, even if for a legal purpose. Note, also, that the games will not function if the software is installed and not whether or not it’s being used to run EA software.

Its mere existence creates problems for them.

Shame on you, EA, for treating your customers like criminals simply for having software on their computers. This type of attitude is unacceptable from any company, including one that has built its gaming empire on the backs of the very people it refuses to trust now.

Source: Engadget and EA.com

My good friend, the illustrious Bed Burner has been warning you all of the dangers associated with Sony’s XCP copy protection. Just so you’re aware, there are even more problems with it, this time related to the uninstallation of it:

Alex Halderman and I have confirmed that Sony’s Web-based XCP uninstallation utility exposes users to serious security risk. Under at least some circumstances, running Sony’s Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit.

We are working furiously to nail down the details and will report our results here as soon as we can.

In the meantime, we recommend strongly against downloading or running Sony’s Web-based XCP uninstaller.

Yet again, the solution causes more problems than the actual problem. In the meantime, you may want to stay away from any kind of removal utilities until the various sources have all the issues / bugs / kinks worked out. Remember, as Sony put it, since you didn’t know about rootkits anyway, why worry about them?

Source: Freedom to Tinker via Boing Boing

Our first kook is not one person! It’s a whole damned company!

Congratulations to SONY BMG for being kooky enough to help us launch our site!

I have noticed over the course of the last week that there has been a lot of buzz in podcasts about the Sony DRM Rootkit, but there has been very little buzz in the blogosphere.

A security analyst alleged Monday that playing a Sony copy-protected CD on his PC actually installed a rootkit into his computer from a third-party rights-management package.

According to Mark Russinovich’s security blog on Sysinternals.com, the Van Zant CD Get Right With The Man contains a rootkit that was installed when the CD’s on-disc player software was installed. That software, which Russinovich traced to U.K. vendor First 4 Internet, modified the Windows registry and was configured to hide system files encoded with a “$sys$” prefix.

The CD used a version of First 4’s rights management software, called “XCP,” to protect the CD from unauthorized copying. Sony configured the software to allow two legal backups of the entire CD. Over 2 million CDs encoded with the First 4 Internet files have been shipped by Sony, according to MSNBC.

…

A “rootkit” is so named because it theoretically allows an attacker a easy way to “go root,” or to gain control of a vulnerable PC. According to Russinovich, the CD’s software patched the registry, hiding itself from security software in the process in an effort to ensure the legitimacy of the software – every two seconds. Theoretically, an attacker or virus managing to inject a file labeled with the “$sys$” prefix onto that user’s system would be able to modify it without the user’s knowledge.

According to Russinovich, the CD’s EULA license also did not notify the user that any software would be installed that could modify his system, a possible violation of the U.K.’s Computer Misuse Act and California state law, which both prohibit the unauthorized modification of the contents of a user’s computer. Gilliat-Smith, for his part, said that accepting the software was part of a “consent agreement” agreed to by the customer.

Furthermore, the player software did not offer any method of uninstalling itself, Russinovich wrote. When Russinovich tried to do so, removing the software also disabled the computer’s CD-ROM drive through a “filter”, a file dependency built into Windows.

“The entire experience was frustrating and irritating,” Russinovich wrote. “Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.

Distributing software, of any kind, that installs itself on my computer without my knowledge should be illegal.

Sony had no right to distribute such dangerous software, and, in my opinion, violated the rights of every person who purchased a CD from them, whether or not their computer was actually compromised by the software.

Apparently, other people are thinking the same thing.

Record company Sony BMG Music Entertainment has been targeted in a class-action lawsuit in California by consumers claiming their computers have been harmed by anti-piracy software on some Sony BMG CDs.

The claim states that Sony BMG’s failed to disclose the true nature of the digital rights management system it uses on its CDs and thousands of computer users have unknowingly infected their computers, according to court documents.

The suit, filed November 1 in Los Angeles Superior Court asks the court to stop Sony BMG from selling additional CDs protected by the anti-piracy software and seeks monetary damages for California consumers who purchased them.

A spokesman for Sony BMG declined comment.

Sony BMG is a joint venture of Sony Corp. and Bertelsmann AG.

Alan Himmelfarb, the attorney for the consumers, was not available for comment.

The suit claims that around June 2005, Sony BMG began to issue some CDs that install digital rights management software that continuously monitor for rights problems, depleting a computer’s available resources. The suit says the technology cannot be removed without damage to the system and that Sony BMG does not advise consumers of the existence or true nature of the program.

Apparently, hackers are already exploiting the computers of those who have unwittingly become victim to this invasive software and anti-virus software companies are jumping to protect their customers.

Zone Labs(R), a Check Point(R) company (NASDAQ:CHKP),announced today that users of the award-winning ZoneAlarm(R) 6.0 lineof Internet security solutions have, from day one, been proactivelyprotected from the recently-reported rootkit packaged with select Sonymusic CDs and related threats, including a newly-launched Trojanattack that uses the Sony rootkit to hide within a PC.

The new Trojan, named Win32.Outsbot.V by Zone Labs antiviruspartner Computer Associates (NYSE: CA), connects the compromised PC toan Internet chat relay server where it joins a bot net — a network ofcompromised computers used by hackers to launch denial of serviceattacks and distribute spam and other malware.

Of course, with their feet pressed into the fire, and the possibilty of their checkbook developing a case of the dropsies, Sony BMG has responded by stopping production of the copy-protected CD’s.

On Friday, Sony responded to the furor and announced that it will suspend production of CDs that contain this particular copy-protection technology and take a second look at its digital rights management strategy.

While it may take months, or even years for the pending court cases to shed any light on the matter, here is some information I thought you could use. Now. Before some hacker dweeb takes control of your computer without you knowing about it.

Even if you could find the hidden copy protection components yourself, computer experts warn against trying to uninstall it without help. Trying to do remove it without official instructions could damage the computer, rendering the CD drive inoperable.

Sony’s Web site has a downloadable patch which will remove the ability of the copy protection software to hide from view, but will not uninstall it.

To uninstall the software completely, a user must fill out a separate customer service form on Sony’s Web site, asking for instructions on how to uninstall the rootkit software.

Needless to say, Sony BMG has really screwed up and it’s time for them to step up to the plate to (a) make things right with those whose systems have been comprised, and (b) make things right so those of us who might still want to purchase a CD from them wont have to worry about this in the future.

To find out more about Rootkits you can listen to the Security Now podcast, episodes 9 and 12.

UPDATE MEMO: I was sitting at the conference table with Zack (Mr. Belch to you) and he informed me of a couple of links that will help root out these rootkits.

The first is RootKit Revealer

RootkitRevealer is an advanced patent-pending root kit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys). If you use it to identify the presence of a rootkit please let us know!

The second is Blacklight

Now, there is a cure, F-Secure BlackLight Rootkit Elimination Technology. And, it’s time to find out, whether your computer is infected by invisible rootkits.

Thanks Zack!

FOLLOW UP: Do not use the above mentioned products to actually remove the rootkit. Use them only for detection. You must contact SONY for the proper removal instructions.

A good way to know if you are “infected” is to create a new file on your desktop named “$sys$Canary”. If the rootkit is present, the file will suddenly disappear. If you get infected later on, it will disappear at that time.