×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

585 comments

hmm (5, Funny)

Tibor the Hun (143056) | more than 8 years ago | (#14051573)

looks like they owe the kid some royalties...

Stranger and stranger (4, Interesting)

sgant (178166) | more than 8 years ago | (#14051642)

This story get's weirder by the minute.

Though it wouldn't happen in a million years, I'd like to think this will bring Sony to it's knees. It won't, but someone can dream.

Not that I had anything against Sony in the first place, but since this crap they threw out there and expected everyone to just "take it", they need to be slapped and slapped often.

They haven't even apologized yet. At least I haven't seen it. Though just saying "sorry" doesn't cut it anymore as thousands of computers are now vulnerable in the world due to their greed.

Re:Stranger and stranger (5, Insightful)

BushCheney08 (917605) | more than 8 years ago | (#14051672)

Bear in mind that Sony will never say that they're responsible for it. After all, they merely licensed the copy protection scheme from First 4 Internet [xcp-aurora.com]. While we all should (rightfully) be pissed at Sony for including this on a bunch of their CDs, we should be equally as pissed (or moreso) at First 4 Internet for their (L)GPL violations and for making this product in the first place.

Re:Stranger and stranger (4, Insightful)

A beautiful mind (821714) | more than 8 years ago | (#14051736)

Isn't Sony the distributor, thus the violator of (L)GPL ?

Re:Stranger and stranger (4, Insightful)

BushCheney08 (917605) | more than 8 years ago | (#14051832)

IANAL (nor do I ever want to be), but my guess would be that F4I would count as the initial distributor and Sony would be able to claim ignorance to get out of it (which is true -- I highly doubt they had access to the source code). Not to mention, they pulled the CDs from the shelves already, which they could say coincided with the revelation of copyright violations on the discs -- ie, immediate action was action. I'm not trying to defend them or their practices at all, I'm merely looking at it from a "who can be held accountable" point of view.

Re:Stranger and stranger (0)

Anonymous Coward | more than 8 years ago | (#14051876)

So I'm alright if I distribute some script kiddies rootkit bcuase then I can blame it on someone called Anonymous?

First4Internet could be in BIG trouble. (5, Interesting)

meringuoid (568297) | more than 8 years ago | (#14051737)

The Computer Misuse Act, 1990 [opsi.gov.uk]

3.(1) A person is guilty of an offence if
(a) he does any act which causes an unauthorised modification of the contents of any computer; and
(b) at the time when he does the act he has the requisite intent and the requisite knowledge.
(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer; or
(c) to impair the operation of any such program or the reliability of any such data.

I think First4Internet's little toy is designed to prevent or hinder access to programs and data held in a computer, don't you? And I really doubt that their click-through EULA constitutes authorisation to do so; it was fraudulently claimed that the Software was necessary to play the music, which was a plain lie as is shown by every Linux and Apple machine that plays it just fine without the rootkit installed.

I might add that even though these discs are not available in the UK, the Computer Misuse Act still holds [opsi.gov.uk].

Anyone know if we could possibly get Inspector Knacker to take a look at these felonious fellows?

Re:Stranger and stranger (1)

AvitarX (172628) | more than 8 years ago | (#14051745)

Sony violated the (L)GPL just as much. It is the distribution that breaks the GPL ans Sony distributed many many copies.

Re:Stranger and stranger (5, Insightful)

replicant108 (690832) | more than 8 years ago | (#14051747)

Sony will never say that they're responsible for it. After all, they merely licensed the copy protection scheme from First 4 Internet.

Actually, Sony were responsible for distributing the software.

That's why they're in trouble.

pissing contest. (2, Insightful)

leuk_he (194174) | more than 8 years ago | (#14051863)

You buy a cd from sony (or an artist...), not from some spyware compagny. And if f4internet blaimes 1 roque employee, will you accept that as a defense?

No this is far beyond a "vote with your wallet" story. sony BMG broke some laws they though were important for their business model, and now they should bleed for it.

Re:Stranger and stranger (4, Insightful)

harrkev (623093) | more than 8 years ago | (#14051763)

I am not sure that I would come down too hard on Sony for this...

The GPL violations lie firmly on the shoulders of F4I. If Sony did not disassemble the code or inspect the source, they had no way of knowing.

We certainly CAN blame Sony for throwing crap DRM at us in the first place, and we can criticize their PR response to this whole mess. But we cannot blame them for GPL stuff.

And as far as the uninstall fiasco goes, Sony did not write the software, so I am sure that they do not know how to remove it. They have to rely on F4I to supply the uninstall software. But, once again, it IS their fault that they did not pull the uninstall program earlier once the security holes had been found. But Sony is a corporation, with probably 1,000 layers of management, so even that is understandable.

Nice link, guys. (3, Funny)

RandoX (828285) | more than 8 years ago | (#14051577)

That's what I get for actually trying to RTFA, I guess.

Re:Nice link, guys. (0)

Anonymous Coward | more than 8 years ago | (#14051619)

C'mon, Wikipedia is a perfectly cromulent link.

Yeah! (-1, Redundant)

Anonymous Coward | more than 8 years ago | (#14051585)

Third post from the Sun!

I'm suprised that the execs at Sony...... (4, Funny)

8127972 (73495) | more than 8 years ago | (#14051588)

.... still have feet after shooting themselves in the foot so often.

Re:I'm suprised that the execs at Sony...... (1)

Fred Or Alive (738779) | more than 8 years ago | (#14051692)

This isn't Sony though is it? It's the company who provided Sony with the DRM stuff. Although Sony did shoot themselves in the foot by buying the software in the first place...

Re:I'm suprised that the execs at Sony...... (5, Insightful)

'nother poster (700681) | more than 8 years ago | (#14051896)

They are both to blame. Comapany A says "Since a lot of companies want DRM, we'll give them some DRM. Who cares if it's a stupid and possibly illeagal implimentation, it will make us a buttload of cash." Company B comes along and says, "That's just what weve been looking for! We have no idea how it really works, and we don't care, but you buy a great lunch and the presentation used all of our required buzzwords."

"First 4 Internet" are idiots for thinking they were more clever than several million computer geeks around the world. Sony are idiots for not throughly researching exactly what the software they licensed did, and how it did it, as well as thinking they had some right to do as they wish with someone elses property.

Re:I'm suprised that the execs at Sony...... (0)

Anonymous Coward | more than 8 years ago | (#14051762)

Lamest. Joke. Evar.

lol @ sony (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#14051590)

lol @ sony

they really managed to screw themselves over.. .

ugh (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14051591)

ugh!!!

A share of profits? (5, Interesting)

RobinH (124750) | more than 8 years ago | (#14051593)

This is GPL'd code, not LGPL'd, right?

Anyway, DVD John can actually sue Sony for all *revenue* that Sony made from the sale of the CDs, if I'm not mistaken (not just profits). That would grab them where it hurts!

Re:A share of profits? (1)

HerculesMO (693085) | more than 8 years ago | (#14051650)

And then he could reinvest THAT money to fight DRM in his usual fashion.

Hopefully the CDs sold a LOT of copies so he gets a LOT of money and thus fuels the fight against DRM, and pushes for cheaper prices on music as a whole.

Either that or he can buy hookers and booze. I imagine with all that coding he might get a little bored.

Re:A share of profits? (4, Insightful)

RobinH (124750) | more than 8 years ago | (#14051669)

Actually I might be thinking patent infringement there. Seems like in a copyright case they could sue for statutory or actual damages if the material has been registered with the copyright office. The statutory damages might be $750 to $30,000 per infringement, but a judge can go above or below those numbers. Actual damages requires you to prove loss of income, which would be difficult in this case, since the code is distributed freely (in the sense of beer).

Re:A share of profits? (2, Insightful)

AvitarX (172628) | more than 8 years ago | (#14051779)

Except if there was a price he was willing to sell the code for rights to use in a closed source app that price would be the damages, no matter how crazy the price was, since it is in a closed source app and he got nothing.

Re:A share of profits? (2, Funny)

arootbeer (808234) | more than 8 years ago | (#14051788)

So he could sue them for loss of income in beer terms?

"Your honor, the actions of the defendant cost my client over 31,423 kegs, 3 cases, 2 20 oz cans, and 1.3 12 oz cans of lost beer. We are requesting monetary compensation of $1,000,000 in order that my client can recreate that stash. We have not asked for damages regarding lost time as we feel that, had my client actually had the aforementioned amount of beer, he likely would have done less work in the interim, not more."

Re:A share of profits? (1)

ZachPruckowski (918562) | more than 8 years ago | (#14051790)

Well, there are at least 20+ infringements. And if this gets before a jury, said jury will hear "Sony is breaking your computer with stuff they stole from me that wasn't supposed to do that." And hand over the dough. But if he only gets 30k a pop, there are at least 20 CDs, so that's only $600k.

Re:A share of profits? (1)

RobinH (124750) | more than 8 years ago | (#14051856)

That's interesting. IANAL, so is it one infringement per album, or one per CD sold? It seems to me that if it's one per album, then he's better off claiming actual damages (like a previous poster said), and suing them for some reasonable licensing fee that he would have been paid if he had decided sell licenses.

On top of that, this means first 4 internet needs to publish the entire source code of their product to remain compliant under the GPL, or they could be sued for the revenues they got from Sony too.

Re:A share of profits? (2, Interesting)

daviddennis (10926) | more than 8 years ago | (#14051860)

The damages are near limitless.

$30,000 per infringement means $30,000 per sale of each CD. This is how they got to such huge damage claims in the peer to peer wars.

Sony's in genuine trouble on this one, and no matter what they look like hypocrites.

I have the strangest feeling DVD Jon's current boss knows a few good lawyers, so this won't be swept under the rug.

D

Re:A share of profits? (1, Insightful)

Professor_UNIX (867045) | more than 8 years ago | (#14051711)

Anyway, DVD John can actually sue Sony for all *revenue* that Sony made from the sale of the CDs, if I'm not mistaken (not just profits). That would grab them where it hurts!

I think Sony already got the message since they're recalling all those CDs. I wouldn't blame Sony too much since they're just trying to stop pirates from copying their music, but they should've done a more thorough job of investigating the technology that First 4 Internet uses to accomplish that.

Re:A share of profits? (5, Insightful)

Anubis350 (772791) | more than 8 years ago | (#14051857)

I wouldn't blame Sony too much since they're just trying to stop pirates from copying their music

*I* would. Are you seriously saying that if they committed copyright infringement to prevent copyright infringement it's ok because they're preventing copyright infringement? And that rootkitting thousands of machines worldwide is perfectly fine because "they're just trying to stop pirates"? wow! I want what you're smoking!

Re:A share of profits? (5, Interesting)

Alchemar (720449) | more than 8 years ago | (#14051739)

If it is GPL code then wouldn't it make the EULA unenforcable under the cannot add other restrictions clause?

Let it be and Sony will reign in the RIAA (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14051749)

If I were Jon, I'd see this as a simple question of aquiring legal immunity. When Sony (a member of RIAA) knows that they're going to face a multi-million dollar lawsuit the very minute the RIAA trespasses onto him again, they'll make sure that it won't happen. Jon can live forever happily in the knowledge that he can code whatever the hell pleases him, and Sony gets to walk away (somewhat) unblemished.

Re:A share of profits? (0)

Anonymous Coward | more than 8 years ago | (#14051828)

I hope all the DVD Jon will do is ask Sony to stop distributing the thing. Or, if they insist on distributing it, that they should make source code available.

Re:A share of profits? (1)

Pakaran2 (138209) | more than 8 years ago | (#14051854)

Would the artists then get nothing? Or would Sony have to pay them out of other income? Unfortunately, knowing the executives involved, I wouldn't be too surprised if DVD Jon dies in a tragic accident in the next couple weeks.

Who guessed it? (5, Interesting)

OxygenPenguin (785248) | more than 8 years ago | (#14051594)

I said right off the bat, that the Sony DRM package would be full of other's code. Seems to me that Sony hired some blackhats to get the job done for them. Violating the GPL is definitely the least of their worries, but just another strike against what is becoming an increasingly corrupt music giant.

Re:Who guessed it? (0)

Anonymous Coward | more than 8 years ago | (#14051643)

im not sure how more increasingly corrupt you could be than working with the devil.
but more obviously corrupt? (or do i mean overtly?) so corrupt that they just cant keep it a secret any longer?

Re:Who guessed it? (1)

ObsessiveMathsFreak (773371) | more than 8 years ago | (#14051746)

Seems to me that Sony hired some blackhats to get the job done for them.

Given how this has affected sony, I think it's more likely these were whitehats in disguise!

Re:Who guessed it? (2, Funny)

PhineusJWhoopee (926130) | more than 8 years ago | (#14051805)

Seems to me that Sony hired some blackhats to get the job done for them.

You misspelled "asshats". Hope this helps.
ed

Are there no depths... (1)

Billosaur (927319) | more than 8 years ago | (#14051615)

...to which Sony will sink. Can you say "lawsuit?" Can you say "royalties?"

But again, just goes to show that protected software and software patents and such are all nonsense. Doesn't matter who it is, hacker or corporation, people are out there using other people's work without just compensation or recognition. It's only going to get worse.

PS3 vs. XBOX360 (1, Troll)

Work Account (900793) | more than 8 years ago | (#14051616)

WOW, I can't believe how much Sony has screwed themselves here with this rootkit.

Just out of curiousity, please reply to this comment stating which game console you are going to buy and if this rootkit has changed your decision.

I initially was going to wait for PS3 but now I am boycotting Sony and will be getting a 360 in a week or so.

Re:PS3 vs. XBOX360 (4, Funny)

meringuoid (568297) | more than 8 years ago | (#14051640)

I initially was going to wait for PS3 but now I am boycotting Sony and will be getting a 360 in a week or so.

Dumping PS3 in favour of 360 because you think Sony's evil is kind of similar to dumping Saruman in favour of Sauron.

Personally, I'm rather taken with that nifty new controller they're putting on the Revolution...

I'll wait for the ps3 (1)

serverleader (718422) | more than 8 years ago | (#14051680)

there is no reason for me to boycott sony music.... since the ps3 is not made by them. i'll just wait.... for my ps3 .... fuc* M$ the have done worst!!! I'm so not getting a 360....

Re:PS3 vs. XBOX360 (1)

tomstdenis (446163) | more than 8 years ago | (#14051698)

Sony Music != SCEA.

They're different companies owned by Sony of Japan.

And for the record, MS is just as "evil" as Sony. So the news about this particular stupidity is nothing beyond what MSFT is capable of.

I'll buy the PS3 and the 360 because I have a "job" and can afford to do things like that. :-)

Tom

Re:PS3 vs. XBOX360 (0)

Anonymous Coward | more than 8 years ago | (#14051883)

Seems you have a "job" but no "girlfriend" or "life".

Tom

Re:PS3 vs. XBOX360 (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14051723)

That's completely retarded. The people responsible for the PS3 most likely have absolutely nothing to do with any of this. You might as well boycott all companies based in Japan since Sony is based in Japan. Or better yet, boycott all companies everywhere since buying anything could potentially improve the economy, which would help out Sony.

Re:PS3 vs. XBOX360 (1)

thouth (815259) | more than 8 years ago | (#14051800)

Just out of curiousity, please reply to this comment stating which game console you are going to buy and if this rootkit has changed your decision. I initially was going to wait for PS3 but now I am boycotting Sony and will be getting a 360 in a week or so.

Oh definatly get a 360. Microsoft has such a flawless history.

Re:PS3 vs. XBOX360 (1)

Xugumad (39311) | more than 8 years ago | (#14051816)

Certainly, not buying a PS3 this side of Sony showing an understanding that backstabbing their customers is a bad idea. I'm specifically not going to say that I won't buy a PS3, because that would leave Sony no motivation to change (after all, if they can't get more money by convincing me they've changed, why would they?). To respond to various other messages I've seen on this subject:

Sure the PS3 is made by a while different branch, but clearly this kit has the backing of the higher ups, or we'd have seen "Oh, sorry, err, rogue guy in music, we'll make sure it doesn't happen again" articles shortly after this was found.

Microsoft may not be any less evil per se, but at least they're open about DRMing you senseless - I don't feel like I'm going to get any sudden nasty shocks from their stuff, y'know? I'd go Nintendo, but am just not terribly interested in the games they tend to have, however I'm certainly willing to reconsider if they do start releasing more games that appeal to me.

Re:PS3 vs. XBOX360 (1)

mikael_j (106439) | more than 8 years ago | (#14051853)

I was considering buying a Nintendo Revolution, and this whole thing has just made me decide to not under any circumstances buy a Playstation 3 (or a PSP).

/Mikael

Re:PS3 vs. XBOX360 (0)

Anonymous Coward | more than 8 years ago | (#14051855)

Well, I realise that the ps3 is made by a different sub division.

I want to wait to see if the ps3 or xbox360 will require some new form of display connection ... Since Blu-Ray is supposed to downsample if thrown over an unencrypted channel, it may well be a dealbreaker for me.

I don't pirate games, or mod my systems so it doesnt particularly affect me, but it is the principle of the matter I object to ... Either way the Nintendo Revolution is a definate buy, the others can wait a year or two more likely ...

DVD Jon has gone 404!!! (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14051617)

Link is broken, asswipe!

Isn't that doubly illegal? (4, Interesting)

meringuoid (568297) | more than 8 years ago | (#14051620)

They've simultaneously violated DVD Jon's copyright on his code, and (in distributing it in the USA) violated the DMCA to boot!

Sony ought to be in some severely deep shit here. Of course they're a corporation, so they're mostly above the law, but we should still be able to get something to stick.

Re:Isn't that doubly illegal? (2, Insightful)

jim_v2000 (818799) | more than 8 years ago | (#14051654)

Sony will get a slap on the finger, if even that much. CD's aren't the only thing they sell, and really, for most people the whole rootkit thing doesn't matter. Heck, you still have to be pretty tech savvy to understand what the whole thing is about. I doubt this whole thing is on the top of Sony's list of issues...at least not for the company as a whole.

Re:Isn't that doubly illegal? (4, Interesting)

Albanach (527650) | more than 8 years ago | (#14051785)

Actually if the software came from first4internet and first4internet are based in the UK then this could be interesting.

Under UK law copyright infringement is a criminal offence - in other words, report it to the police and they are obliged to investigate.

So if the copyright holder were to let the police know of their concerns and supply some evidence, the company that authored the software could have an interesting visit.

Sony isn't the only one to lambaste here (4, Insightful)

Gnascher (645346) | more than 8 years ago | (#14051628)

Rember, Sony purchased the rootkit from first4internet. They wrote the software that is abusing the GPL.

Most folks don't review the sourcecode of software they purchase to determine if its license-tree is clean.

Sony definitely made a truly dumb move by utilizing this DRM software (and several other dumb moves subsequently), but lets not let First4Internet off the hook either.

Re:Sony isn't the only one to lambaste here (5, Funny)

LiquidCoooled (634315) | more than 8 years ago | (#14051664)

1st4: "We have this super code which stops 'teh kiddies' from copying"

Sony: "Cool, lets see."

1st4: "Its already on, go ahead try and copy it"

Sony: "Oooooooh, and they won't find it will they?"

1st4: "Never. We are teh elite blackhats."

Sony: "Ok be quiet about that one, when you you be ready to ship?"

Re:Sony isn't the only one to lambaste here (1)

Moby Cock (771358) | more than 8 years ago | (#14051694)

I'm pretty sure first4internet is a British company so they are 'safe' from the DMCA. Sony, however, probably will get a blast of shit in the US as a result. Although, I expect first4internet are in for a bit of a revenue decline in the next quarter of two. A firm 'sell'.

Re:Sony isn't the only one to lambaste here (1)

F_Scentura (250214) | more than 8 years ago | (#14051754)

"I expect first4internet are in for a bit of a revenue decline in the next quarter of two"

I'm more of a cynic than you, and believe that once they "get their act together" in the eyes of the corporate world, the can do ten times as much business as they are due to all the attention.

Re:Sony isn't the only one to lambaste here (1)

Pakaran2 (138209) | more than 8 years ago | (#14051880)

First4internet is only safe from the DMCA if they don't mind having a judge confiscate all their assets (e.g. source code) in the US and then bar them from doing business here until they pay the rest of the judgement.

Re:Sony isn't the only one to lambaste here (4, Interesting)

l2718 (514756) | more than 8 years ago | (#14051708)

Not quite true -- Sony is "distributing" the software as defined by the GPL. Moreover, the work was preformed by First4Internet as agents of Sony. These both seem to indicate they are liable. On the DMCA side, they are "trafficking" in an anti-circumvention device (assuming the software does actually activate the codepath in question).

Re:Sony isn't the only one to lambaste here (1, Informative)

schon (31600) | more than 8 years ago | (#14051773)

he work was preformed by First4Internet as agents of Sony

BZZT! Thanks for playing.

This software is First4Internet's *PRODUCT*, which they are licensing to Sony. They will license it to anyone who pays for it.

These both seem to indicate they are liable.

Liable for what, exactly?

Did Sony knowingly violate the LGPL? No.
Did Sony intend to commmit copyright infringement? No.
Is Sony still distributing the software? No.
Did the software authors register their copyright? No.

Sony is not legally liable for any copyright violation, and as they didn't know that the code wasn't First4Internet's, then they're not even in violation of the *spirit* of the LGPL, either.

Re:Sony isn't the only one to lambaste here (1)

_LORAX_ (4790) | more than 8 years ago | (#14051734)

Then SONY can sue First4Internet after they loose thier court case against the developers of the software.

Re:Sony isn't the only one to lambaste here (1)

ZachPruckowski (918562) | more than 8 years ago | (#14051751)

Of course not, First4Internet ought to get grilled too, but I think there are two factors here that focus our attention on Sony.

1) There is a complex legal term called deep pockets. Basically, it's a bad idea to go after First4Internet for money, because they probably have less of it than Sony. Therefore, the lawyers want to make Sony out to be the primarily guilty party.

2) Then there is what I would like to call the "WTF factor". We sort of expect crazy stuff from F4I, because they are after all a shady company, at least AFAIK. Sony, however, is supposed to be a "good guy". I mean, obviously we think the whole RIAA/MPAA membership thing is a cartel and Sony is lobbying to take away our rights, but we didn't think they were this bad of a company.

Re:Sony isn't the only one to lambaste here (1)

TerminaMorte (729622) | more than 8 years ago | (#14051807)

Most folks don't review the sourcecode of software they purchase to determine if its license-tree is clean.

I can't speak for all companies (and neither can you), but the company I work for DOES check to make sure the software they purchase is license-free, if they plan on redistributing it. It's less costly to have programmers and lawyers look over the code, than to get sued later on under the DMCA.
 
Sony was foolish for not doing so, and now they'll be forced (hopefully) to pay for it.

Re:Sony isn't the only one to lambaste here (1, Informative)

Anonymous Coward | more than 8 years ago | (#14051813)

Comence email:

http://www.first4internet.co.uk/contact.aspx [first4internet.co.uk]

By Email
info@first4internet.co.uk
sales@first4internet.co.uk
webmaster@first4internet.co.uk

By Phone
Tel: +44 (0)1295 255777
Fax: +44 (0)1295 262682

Re:Sony isn't the only one to lambaste here (1)

Simonetta (207550) | more than 8 years ago | (#14051829)

When a company with 9 figures in sales buys code from a company with 5 figures in annual sales, they get to look over the source as much as they like. And 'suggest' changes. And be responsible for the results.

I'm beginning to wonder... (2, Insightful)

eth1 (94901) | more than 8 years ago | (#14051836)

...if some clever programmers at First4Internet with an agenda did this on purpose.

It was obviously a golden opportunity to bring the whole DRM BS to a head.

If that's the case, bravo!! :)

Re:Sony isn't the only one to lambaste here (1)

dfung (68701) | more than 8 years ago | (#14051843)

I'd be curious to how due dilligence is done on a product like this, especially how it would be scanned for GPL'ed code. The availability of source code or a guide to walk the reviewer through it is probably even more highly restricted when you're talking about security/DRM stuff like this. The purchaser is buying this software so they don't have to develop it internally and their internal resources are unlikely to be as expert at this as the vendor. Sony could hire another DRM firm to review it, but of course, first4 would never go for having their source reviewed by a competitor.

I don't know how big first4 is, but the problem here is the closely-related inverse of the SCO/IBM battle. There exists two worlds of code and transfers between them are dangerous grounds at this point. The big difference here is about visibility - if proprietary code has been illegally integrated into an open codebase, then that will be visible to the world. When GPL code is illegally integrated into proprietary code then it's only by happenstance that it will be uncovered as it has been here. first4 has fallen prey to the temptation of cribbing and ultimately stealing from the GPL to save some time and sought to obsfuscate to cover their tracks. How many thousands of products are like this to one extent or another today?

The way big corporations protect their own interests here is partly by having a big enough stick to have an opportunity to do a source review, perhaps with an external expert but mostly they do this by industrial-strength indemnification clauses in their contracts that are triggered by functional flaws or copyright/GPL infractions. first4 is already burnt toast on this - they easily could be sued for the full costs of the recall, legal fees. But it's the damage to the SonyBMG name that would be most costly, I think. If this is a smaller company, then Sony will torch the company and their insurers. And if turns out that they're not able to pony up, I suspect that they will start torching the chain of SonyBMG employees all the way up the chain that selected the vendor and strategy.

Wow. Just WOW. (5, Insightful)

iainl (136759) | more than 8 years ago | (#14051648)

From the Sony binary file:

"pbclevtug (p) Nccyr Pbzchgre, Vap. Nyy Evtugf Erfreirq."

ROT 13 it, and you get

"copyright (c) Apple Computer, Inc. All Rights Reserved."

You couldn't make it up, could you?

Re:Wow. Just WOW. (1)

meringuoid (568297) | more than 8 years ago | (#14051668)

Seriously?

I don't have a copy of the rootkit myself, but... wow. Just wow. First4Internet covered up their naughtiness with rot13?

That's incompetence not seen since the heyday of Wile E. Coyote.

Re:Wow. Just WOW. (5, Informative)

iainl (136759) | more than 8 years ago | (#14051696)

The string is there because it's part of DVD Jon's code for stripping the DRM out of iTunes files, but yes - it's there all right. Matti Nikki points out the relevant offset in the article.

Re:Wow. Just WOW. (0)

Anonymous Coward | more than 8 years ago | (#14051864)

Oh, shit. I laughed so hard I woke up the neighbor's dog.

Shit, oh, shit.

Contest (4, Funny)

saskboy (600063) | more than 8 years ago | (#14051678)

I think the EFF should dream up a contest, and the most crazily ironic story involving DRM, copyright, and the law would win a prize.

Oh, too late! Sony already wrote the best story, and it's actually happening before our eyes! Truth is stranger than fiction. And Sony wins many massive lawsuits. Err, I mean they lose them, the prize is they get sued.

Good news! (3, Funny)

Sam H (3979) | more than 8 years ago | (#14051752)

Not that I could not before, but I can now copy and download all the Sony CDs I want without fearing a lawsuit. They apparently don't care about intellectual property.

Weird (0, Interesting)

Anonymous Coward | more than 8 years ago | (#14051767)

It's as if the First4Internet purposely created the most vile collection of stolen snippets and sold it to Sony. How much did they get paid for this poison pill? They may have done it on purpose. Is it malice or incompetence?

I can't help, and I know I'm not the only one.... (2, Interesting)

HerculesMO (693085) | more than 8 years ago | (#14051776)

laughing my ass off. I am sitting at work reading this and busting out in laughter. Granted, I can't explain this idiocy to near anybody at work and it's a totally 'nerd' joke, but you know what... it's DAMN funny!

Is it actually using the code? (3, Insightful)

91degrees (207121) | more than 8 years ago | (#14051782)

It could just be using extracts to identify the software. I mean, why would they want LAME and DeCSS on their CDs? They have no use. We don't need an MP3 encoder because any compressed copies will be already encoded in a DRM format. They really don't need to decode iTunes songs.

If these are small segments, used for identifying and diabling the software, then the copyright defence could be fair use. And there's no way I'll say that copyright shoudl prevent this.

Is the DVD Jon code executed? (4, Interesting)

logicnazi (169418) | more than 8 years ago | (#14051804)

So I looked through the links and while one of the discoverers made it quite clear that the LAME code is not being used as data (never refereced). However, it was unclear to me if that was true for the DVD Jon code.

I mean the DVD john code seems like exactly the sort of thing one might want to search for on someone's computer to stop pirating. If indeed it is used only to identify the code it may be covered under fair use. It's an interesting legal question that I vaguely remember came up in virus/worm/spyware cases. Namely can a malware writter use some kind of simple code modification method to foul up simple hashes and then insist his copyright prevents anti-virus manufacturers from including large enough parts of the malware code to accurately detect it.

It might not be pleasent but if it's fair for the good guys to use code under fair use for detection then the bad guys get to do it as well.

Which reminds me I don't even remember the legal status of this DVD Jon code in the US. Is it illegal under the DMCA? Does this deny it copyright protection or a different measure.

Thank you, Sony! (4, Funny)

Stormwatch (703920) | more than 8 years ago | (#14051824)

This is like watching a comedy movie, except I didn't have to pay for a ticket!

(wait, does it mean MPAA will come after me?)

Soon to come (3, Funny)

Anonymous Coward | more than 8 years ago | (#14051827)

press releases here stating [xcp-aurora.com]:
* First4internet loses Sony BGM as customer
* First4internet cancels XCP development
* Due to First4Internet's huge liability claims, First4Internet closes its doors
...
* First4Internet bought by Microsoft
...
* Profit ?

Ah, but who put it there? (4, Funny)

mustafap (452510) | more than 8 years ago | (#14051837)


I assume that some grey, suited MBA type didn't put this code in. A geek did. Following on from that, they are almost certainly slashdot readers....

Does anyone have something they would like to tell us? ;o)

To understand recursion ... (4, Funny)

AnriL (657435) | more than 8 years ago | (#14051849)

... one must first understand recursion.

Sony uses rootkit to enforce DRM which incorporates code to circumflect DRM and thus can sue itself under the DMCA. C'mon! If this gets any more convoluted or self-referential, either the universe will explode (and be replaced with something even more complicated) or Sony will disappear in a puff of logic.

So let me get this straight... (3, Funny)

acidblood (247709) | more than 8 years ago | (#14051879)

When some cheapskate downloads copyrighted MP3s from a P2P network, it's `copyright infringement', but when Sony uses GPL'd code it's `stealing', right?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...