Originally posted by drewhiggins:Anything else other than Sony? I think I'll wait until a better brand comes up with something.
Originally posted by vanquish:[..]
Lol, don't let Gerard hear you.
Originally posted by germcevoy:[..]
I have a PS3 and thats all. No fanboy here
Extended Copy Protection (XCP) is a software package developed by the British company First 4 Internet, (which on 20 November 2006, changed its name to Fortium Technologies Ltd - see links below), and sold as a copy protection or digital rights management (DRM) scheme for compact discs. It was used on some CDs distributed by Sony BMG and sparked the 2005 Sony BMG CD copy protection scandal; in that context it is also known as the Sony rootkit.
Security researchers beginning with Mark Russinovich in October 2005 have described the program as functionally identical to a rootkit: a software program used by computer hackers to conceal unauthorised activities on a computer system. Russinovich broke the story on his Sysinternals blog, where it gained attention from the media and other researchers. The publicity, which grew to include a civil lawsuit and criminal investigations, soon forced Sony to discontinue use of the system.
While Sony eventually recalled the CDs that contained the XCP system, the web-based uninstaller was investigated by noted security researchers Ed Felten and J. Alex Halderman, who discovered that the ActiveX component used for removing the software exposed users to far more significant security risks, including arbitrary code execution from any site on the internet.
The version of this software used in Sony CDs is the one marketed as "XCP-Aurora". The first time a user attempts to play such a CD on a Windows system, a program will be installed even before a dialog box prompts the user to accept a license agreement. The EULA did not mention that it installed hidden software. The software will then remain resident in the user's system, intercepting all accesses of the CD drive to prevent any media player or ripper software other than the one included with XCP-Aurora from accessing the music tracks of the Sony CD. No obvious way to uninstall the program is provided. Attempting to remove the software by deleting the associated files manually will render the CD drive inoperable due to registry settings that the program has altered.
The included player software will play the songs and allow only a limited degree of other actions such as burning the music onto a certain number of other CDs or loading it onto certain DRM-protected devices such as a few portable music players. The popular iPod, sold by Sony competitor Apple Computer, does not support their DRM format and they could not use Apple's FairPlay.
XCP conceals itself from the user by installing a patch to the Windows operating system. This patch stops ordinary system tools from displaying processes, registry entries, or files whose names begin with $sys$. Other XCP components include "Plug and Play Device Manager", which continuously monitors all other programs being run on the computer.
Shortly after independent researchers broke the story, security software vendors followed up, releasing detailed descriptions of the components of XCP — as well as software to remove the $sys$* cloaking component of it. On the other hand, no software has yet been released to remove the CD-ROM filter driver component. Computer Associates, makers of the PestPatrol anti-spyware software, characterize the XCP software as both a trojan horse and a root kit[3]:
Rootkit installs a DRM executable as a Windows service, but misleadingly names this service "Plug and Play Device Manager", employing a technique commonly used by malware authors to fool everyday users into believing this is a part of Windows. Approximately every 1.5 seconds this service queries the primary executables associated with all processes running on the machine, resulting in nearly continuous read attempts on the hard drive. This has been shown to shorten the drive's lifespan.
Furthermore, XCP.Sony. Rootkit installs a device driver, specifically a CD-ROM filter driver, which intercepts calls to the CD-ROM drive. If any process other than the included Music Player (player.exe) attempts to read the audio section of the CD, the filter driver inserts seemingly random noise into the returned data making the music unlistenable.
Rootkit loads a system filter driver which intercepts all calls for process, directory or registry listings, even those unrelated to the Sony BMG application. This rootkit driver modifies what information is visible to the operating system in order to cloak the Sony BMG software. This is commonly referred to as rootkit technology. Furthermore, the rootkit does not only affect XCP.Sony. Rootkit's files. This rootkit hides every file, process, or registry key beginning with $sys$. This represents a vulnerability, which has already been exploited to hide World of Warcraft RING0 hacks as of the time of this writing, and could potentially hide an attacker's files and processes once access to an infected system had been gained.
Computer Associates announced, on November 2005, that its anti-spyware product, PestPatrol, would be able to remove Sony's software. One month later Microsoft released an update for its Windows Malicious Software Removal Tool which could clean the F4IRootkit malware.
The somewhat slow and incomplete response of some antivirus companies has, however, been questioned by Bruce Schneier "information security expert" at Counterpane and author of security bible Secrets and Lies. In an article for Wired News, Mr. Schneier asks, "What happens when the creators of malware collude with the very companies we hire to protect us from that malware?" His answer is that "users lose... A dangerous and damaging rootkit gets introduced into the wild, and half a million computers get infected before anyone does anything."
There is much speculation to what extent the actions taken by this software are a violation of various laws against unauthorized tampering with computers, or laws regarding invasion of privacy by "spyware", and how they subject Sony and First 4 Internet to legal liability. The States of California, New York, and Texas, as well as Italy, have already taken legal action against both companies and more class action lawsuits are likely. However, the mere act of attempting to view or remove this software in order to determine or prevent its alteration of Windows would theoretically constitute a civil or criminal offense under certain anti-circumvention legislation such as the controversial Digital Millennium Copyright Act in the USA.
The Electronic Frontier Foundation's Fred von Lohmann also heavily criticised the XCP EULA, shown for acceptance before the software installation, naming it the legalese rootkit.
One of the primary reasons for the XCP experiment lies in the issue of adding on DRM to a legacy standard. These problems are explored by Professor Randal Picker, Professor of Law for the University of Chicago School of Law, in his article, "Mistrust-Based Digital Rights Management", published in Volume 5 of the Journal on Telecommunications and High Technology Law. CDs by themselves are incapable of updating legacy hardware such as stand-alone CD players, and lack the ability to change or upgrade the firmware in order to read DRM. Thus the DRM must be added on so as not to interfere with the function of the legacy players but still work when the same CD is placed in a computer. Professor Picker analyzes the four main issues with add-on DRM.
The first problem, as demonstrated in the XCP example, is that capable consumers can simply by-pass the DRM. Turning off autorun prevented the rootkit installation and thus invalidated the DRM scheme.
The second problem is consumer reaction. Adding DRM to a legacy product like music CDs, which traditionally had no rights management scheme, will infuriate consumers. Professor Picker points out that in the wake of the negative publicity surrounding the Sony add-on DRM, Amazon.com began alerting customers as to which Sony CDs contained XCP. Customers could avoid the DRM entirely, negating the effectiveness.
The third problem lies in the legal response. The EFF, as well as state attorneys general, investigated and brought suit against Sony for the XCP program. Professor Picker does not analyze the legal merits of such suits, but the cost of litigation potentially outweighs the benefit of attempting to add-on DRM.
The fourth and final problem lies in the End User License Agreement attempted to be enforced by the add-on DRM. The ability to actually enforce these agreements on add-on DRM is limited by the mere fact that without active registration and tracking of the CDs, the company will have no one to enforce against. Thus, the benefit, enforcing the EULA against violators, is non-existent; the costs, however, of implementing the add-on DRM scheme, in the form of state and federal investigations, private lawsuits, negative publicity, consumer backlash and the technical limitations, far outweighs the benefits.
Originally posted by vanquish:Oh Sony can be annoying, try customer service, where they keep telling you to call one of the other department's as it's not an issue with the other Sony device, and vice versa.
And they also lie a lot in their marketing, which always annoys me. But they make good electronics (mostly) even if they charge you an arm and a leg.
Originally posted by djrlewis:^^^
Originally posted by djrlewis:^^^
Was hoping for that budget laptop. Still not payin 700 for the standard MacBook (even though it would probably be worth it). Ill keep waiting. . . .
Originally posted by drewhiggins:I know, I know. No need to say.
[..]
...and waiting, waiting...you're wasting your time.