--- begin forwarded text
Delivered-To: [EMAIL PROTECTED] Date: Wed, 16 Nov 2005 12:55:50 -0500 To: Philodox Clips List <[EMAIL PROTECTED]> From: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: [Clips] Sony DRM infection removal vulnerability uncovered Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] <http://www.theinquirer.net/print.aspx?article=27714&print=1> The Inquirer Sony DRM infection removal vulnerability uncovered Tool is worse than original infection By: Charlie Demerjian Tuesday 15 November 2005, 20:45 SONY PULLS OFF ANOTHER blatant stupidity in the 'cure is worse than the disease' category. No, not the DRM infection itself, not the security compromising removal agreement, but the removal tool itself. Yes, this one appears to put you in MORE danger than the original rootkit. Silly Sony, no cookie. According to Freedon To Tinker, the web based installer is a worse vulnerability than the original rootkit. More on the story here, FTT goes into detail. It seems the 'cure' from Sony involves downloading an ActiveX control called CodeSupport. This is a signed control that lets just about anyone download, install and execute arbitrary code on your machine. See a problem? See a big problem? To make matters even funnier, the uninstaller, supposedly anyway, leaves this control on your machine. So, the Sony uninstaller is not a total uninstaller, it leaves a hole you can drive a truck through on your system, silently of course. The more disturbing part is that it appears the control is signed. I wonder who at MS approved this, and how this blatant security hole got through the barest minimum of QC? Moral, if you bought Sony products, you are screwed. If it causes you problems, you are screwed more. If you uninstall, you are screwed yet harder. If you uninstall it yourself, you are a criminal under the DMCA. If you use an antivirus program to uninstall it, you spent money to fix Sony's problems, and you are still a criminal. That's what you get for buying music.ยต -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list [EMAIL PROTECTED] http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
