--- begin forwarded text

 Delivered-To: [EMAIL PROTECTED]
 Date: Wed, 16 Nov 2005 12:55:50 -0500
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R. A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] Sony DRM infection removal vulnerability uncovered
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 <http://www.theinquirer.net/print.aspx?article=27714&print=1>


 The Inquirer

 Sony DRM infection removal vulnerability uncovered

 Tool is worse than original infection

 By:  Charlie Demerjian  Tuesday 15 November 2005, 20:45

 SONY PULLS OFF ANOTHER blatant stupidity in the 'cure is worse than the
 disease' category. No, not the DRM infection itself, not the security
 compromising removal agreement, but the removal tool itself. Yes, this one
 appears to put you in MORE danger than the original rootkit. Silly Sony, no
 cookie.

  According to Freedon To Tinker, the web based installer is a worse
 vulnerability than the original rootkit. More on the story here, FTT goes
 into detail. It seems the 'cure' from Sony involves downloading an ActiveX
 control called CodeSupport. This is a signed control that lets just about
 anyone download, install and execute arbitrary code on your machine.

  See a problem? See a big problem? To make matters even funnier, the
 uninstaller, supposedly anyway, leaves this control on your machine. So,
 the Sony uninstaller is not a total uninstaller, it leaves a hole you can
 drive a truck through on your system, silently of course.

  The more disturbing part is that it appears the control is signed. I
 wonder who at MS approved this, and how this blatant security hole got
 through the barest minimum of QC? Moral, if you bought Sony products, you
 are screwed. If it causes you problems, you are screwed more. If you
 uninstall, you are screwed yet harder. If you uninstall it yourself, you
 are a criminal under the DMCA. If you use an antivirus program to uninstall
 it, you spent money to fix Sony's problems, and you are still a criminal.
 That's what you get for buying music.ยต





 --
 -----------------
 R. A. Hettinga <mailto: [EMAIL PROTECTED]>
 The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 _______________________________________________
 Clips mailing list
 [EMAIL PROTECTED]
 http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to