Sony BMG And The Art Of Too Little, Too Late: Finally Agrees To Pull Rootkit CDs
from the really-want-to-stop-writing-about-this-story dept
The Sony BMG rootkit fiasco gets worse every day. However, the latest shows how badly Sony continues to react to the problem. When it first was noticed they didn't do much until the outcry got loud enough -- and then defiantly said it didn't cause a security problem while offering a very minimal patch that actually made the situation worse. Basically, they did as little as possible, while hoping that by saying they released a patch and telling everyone not to worry, the story would blow over. It didn't. And, as things continued to get worse and Sony BMG looked more and more ridiculous, the company again did as little as possible: saying they would stop putting out new CDs with the rootkit, but not apologizing, not pulling the rootkitted CDs from store shelves, and not offering any way to return the problem CDs. Instead, they just offered a removal tool, that we learned earlier today is actually a serious security hole on its own. So what does Sony BMG do now that the heat still hasn't gone away? They finally agree to pull the CDs from stores and offer a swap for people who bought the problematic CDs. All along, the pattern has been the same. Deny as much as possible. Never actually apologize. Do as little as possible to fix the problem and hope that the attention dies down. The move that they're doing now is what they should have done from the very beginning (with an apology), but instead they tried to do everything to deny there was a problem and stonewall.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Sony could learn something from the yakuza...
[no, I only watched KILL, BILL VOL 1]
[ link to this | view in chronology ]
Spread the Message.
I am, and I'm contacting my Senator and letting him know how horribly Sony dealt with this problem and how nobody likes the way the RIAA and Hollywood is treating all of us. I'll also tell him that if it does stop we won't do business with these groups anymore.
If all of us of voting age did this watch what happens with the RIAA and Hollywood. The almighty dollar talks, and if their revenue is treatened because we won't take it anymore just watch how fast they cave in.
[ link to this | view in chronology ]
Re: Spread the Message.
[ link to this | view in chronology ]
graphic
[ link to this | view in chronology ]
Re: graphic
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
they probably anticipated the expose
Part of the problem may be a lack of net-savvy people in the upper ranks of the media companies. These guys are network programmers, lawyers and financial people. For instance this guy:
http://www.usatoday.com/educate/college/careers/CEOs/6-13-05b.htm
[ link to this | view in chronology ]
No Subject Given
Too bad, Bruce. Your label has just lost you a lot of sales.
Jim
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
what are the sony email addy's
[ link to this | view in chronology ]
Re: what are the sony email addy's
Who gives a shit? It's not important enough for me to clue Sony in to the way customers should be treated. They had the chance to do the right thing, and they fucked it up big time. They will find out that I'm not buying the products when they see the sales dip this Xmas.
[ link to this | view in chronology ]
Re: what are the sony email addy's
If you really want to make yourself heard, send a snail mail letter and copy your state's politicians on it. And do it properly, not internet flame style - that will just get your letter filed to the trash by an intern :) There are plenty of form letters out there that you can find about how to effectively file a complaint.
[ link to this | view in chronology ]
Re: what are the sony email addy's
(1) Don't mail your letter(s) until the day after you write them; then check them again first.
(2) Be very polite.
[ link to this | view in chronology ]
MS to remove rootkit...
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
Using Sony's own rootkit to DDoS them
[ link to this | view in chronology ]
Rootkit
I feel so sorry for the artists you have now. Their sales are about to take a major hit. Way to think about them when you were saying you did nothing wrong. I hope you weren't planning me buying a PS3.
[ link to this | view in chronology ]
Re: Rootkit
I will stick with an Xbox 360.
[ link to this | view in chronology ]
hmmm interesting...
Anyone ever had a shitty relationship with a person fitting these characteristics? Sounds like immaturity to me...
[ link to this | view in chronology ]
Boycott Sony.
[ link to this | view in chronology ]
shift key
[ link to this | view in chronology ]
Sony MediaMax spyware damages DVD writer functiona
when I tried to alert them to the problem caused by MediaMax software being
totally incompatible with Windows XP Media Center on their Sony VAIO desktop
'puter. The idiots had the nerve to speculate that I might have a defective
music CD from their own plant. What yahoos!!!!!
Dan
----- Original Message -----
From: "SOS"
To:
Sent: Monday, November 21, 2005 7:45 AM
Subject: Re: VGC-RA820G (KMM15618491I21924L0KM)
> Daniel Talbot,
>
> Thank you for contacting Sony Online Support.
>
> You have reached the Sony Electronics product support team. Unfortunately
> we do not have the resources required to assist with Sony Music BMG
> Entertainment products. We would recommend you contact the division of
> Sony BMG responsible for providing the support for your product. Their
> contact information will be printed on the Jewel case insert of your CD.
>
> TIP: If you believe you have faulty CD media, please contact
> their quality team for replacement at: 800-255-7514.
>
> Sony Music / BMG
> 550 Madison Ave.
> New York, NY 10022
> http://www.sonymusic.com/feedback
>
> Thank You,
>
> Your Sony Email Response Team
> CC2S
> Mike
>
>
> This message and any attachments are solely for the use of intended
> recipients. They may contain privileged and/or confidential information.
> If you are not the intended recipient, you are hereby notified that you
> received this email in error, and that any review, dissemination,
> distribution or copying of this email and any attachment is strictly
> prohibited. If you receive this email in error please contact the sender
> and delete the message and any attachments associated therewith from your
> computer. Your cooperation in this matter is appreciated.
>
> Original Message Follows:
> ------------------------
> Email Address: ttechcorp@earthlink.net
> Recip : sos
> Future Mail : No
> Name : Talbot, Daniel
> Address : 1 Dean Street
> :
> : Hudson, MA 01749
> Phone : 978-562-5820
> Model/SN : VGC-RA820G / 3000614
> OS : Windows XP
> Hardware : DVD/DVDRW Drives
> Issue : Compatibility With Another Sony Product
> Type : Support
> :
> Message : Microsoft defines SunnComm's MediaMax software as
> "Malware". MAL for malformed (or for malicious, take your pick).
> Microsoft is planning a removal tool to find and delete this module.
> Trend Micro's Anti-Spyware (and many others) does NOT find this problem
> code. This piece of "malware" or spyware is insidious because it is so
> poorly written that although it is not intended to be a virus, hackers can
> find it and exploit it to cause havoc on your computer.
>
> It has caused my corporate computer to intermittently lock up. The
> symptom is the DVD writer drive light comes on and stays on periodically,
> preventing any use of the computer while this is happening. I should sue
> SONY and SunnComm (MediaMax). There is plenty of info to support a
> lawsuit if I could find the time. Want to know where this code comes
> from? You buy a PAID copy of a Sony CD. You want to listen to it on your
> computer, so you insert it into a CD or DVD drive. Before you can give
> your consent, it installs a small program to "phone home" whenever you
> play a copyrighted CD or DVD (assuming you're a pirate, even though you
> PAID for the stupid thing!). Fine, except that this violates law. You
> haven't consented to the installation (so the subsequent EULA,
> "end-user-license-agreement" is probably non-binding). And it hides
> itself in your system folder.
>
> In my case, I was convinced the problem was hardwaare, and called tech
> support for my computer, which is, guess what, a SONY !!!! They agreed
> with my bad diagnosis that it was my DVD drive at fault, and sent a repair
> person out here to replace it, which he did. For one day, I thought the
> problem was fixed, but the next day it resurfaced. Then I remembered
> having played a CD from SONY which autoloaded something on my screen. So
> I found that CD, looked more carefully at what the messages were, and it
> said "MediaMax" proudly displayed at the top of the menu. Go do a Google
> seaarch on this and you will be horrified. The only way to completely
> un-install it is to reformat the hard drive, but you can cripple it by
> deleting some files from your system.
>
> The irony of this is the fact that SONY's own tech support for its VAIO
> computer line was unaware of this malware, and so it spent internal money
> trying to fix a problem which another division of its bloated organization
> caused !!! Don't say I didn't send you a valuable warning. Be careful
> about inserting any SONY or RCA/BMG CD or DVD's into your machine unless
> you have time to burn trying to salvage proper functioning of your 'puter.
>
> Regards,
> Dan Talbot, President
> Talbot Technology (T-TECH) Corp
> 1 Dean Street / PO Box 151
> Hudson, MA 01749
>
> electronics engineering consultants
>
> web: www.ttechcorp.com
> web: www.talbtech.com
>
> phone: (978) 562-5820
>
>
[ link to this | view in chronology ]
e invented a new portable nintendo thing!!!!!!!
i have invented the PSTS it is a Play Station Touch Screen!if u give my your mail address i can give you pictures of it for you!so can you email me back and give me your mail address i can send you some pictures of it in the mail!!!!you don't have to create it this year.if you decide games for them could i have THESE GAMES,nintendogs,super mario 64,animal crossing,mariokart,harvest moon,underground and
dogz! if you invent it could send me one with nintendogs and mariokart please!i'm not saying you have to invent it i'm just saying i would love it if you did!!!!!!!!!
please could you try to invent it!!!!!!!
taylor
[ link to this | view in chronology ]