Sony BMG And The Art Of Too Little, Too Late: Finally Agrees To Pull Rootkit CDs
from the really-want-to-stop-writing-about-this-story dept
The Sony BMG rootkit fiasco gets worse every day. However, the latest shows how badly Sony continues to react to the problem. When it first was noticed they didn't do much until the outcry got loud enough -- and then defiantly said it didn't cause a security problem while offering a very minimal patch that actually made the situation worse. Basically, they did as little as possible, while hoping that by saying they released a patch and telling everyone not to worry, the story would blow over. It didn't. And, as things continued to get worse and Sony BMG looked more and more ridiculous, the company again did as little as possible: saying they would stop putting out new CDs with the rootkit, but not apologizing, not pulling the rootkitted CDs from store shelves, and not offering any way to return the problem CDs. Instead, they just offered a removal tool, that we learned earlier today is actually a serious security hole on its own. So what does Sony BMG do now that the heat still hasn't gone away? They finally agree to pull the CDs from stores and offer a swap for people who bought the problematic CDs. All along, the pattern has been the same. Deny as much as possible. Never actually apologize. Do as little as possible to fix the problem and hope that the attention dies down. The move that they're doing now is what they should have done from the very beginning (with an apology), but instead they tried to do everything to deny there was a problem and stonewall.
Reader Comments (rss)
(Flattened / Threaded)
Sony could learn something from the yakuza... by Michael Vilain on Nov 14th, 2005 @ 11:42pm
Just have every senior-level VP involved--hell, why not all of them--cut off their pinkies. Any with no pinkies left comits sepuku or kills their first born or spouse or watches both these events and is killed afterward.
[no, I only watched KILL, BILL VOL 1]
(reply to this comment) (link to this comment)
graphic by Boo on Nov 15th, 2005 @ 12:51am
you guys are going to have to come up with a new graphic / topic heading just for this sony saga. I suggest the sony logo spelt wrong ;p
(reply to this comment) (link to this comment)
Spread the Message. by Michael "TheZorch" Haney on Nov 15th, 2005 @ 12:57am
Spread the message, let the RIAA know that we aren't taking their crap anymore. Let them know we're tried of being treated like criminals or that as their customers we don't matter. Let them know we are tired of them violating our rights.
I am, and I'm contacting my Senator and letting him know how horribly Sony dealt with this problem and how nobody likes the way the RIAA and Hollywood is treating all of us. I'll also tell him that if it does stop we won't do business with these groups anymore.
If all of us of voting age did this watch what happens with the RIAA and Hollywood. The almighty dollar talks, and if their revenue is treatened because we won't take it anymore just watch how fast they cave in.
(reply to this comment) (link to this comment)
Re: Spread the Message. by Boo on Nov 15th, 2005 @ 3:10am
I've stopped being angry; I dont care anymore because they are all ultimately doomed anyway unless they change their industry model... there is no room for a third party when artists can deliver directly over the net. The future is open licence music / media with alternative revenue streams. copy protection is not ever going to work. it will continue as a cat and mouse game (actually more like cat and very slow bug game)while open licence media silently overtakes the traditional model.
(reply to this comment) (link to this comment)
No Subject Given by Bob3000 on Nov 15th, 2005 @ 4:31am
It will intesreting to know if Sony's retail numbers will this down this Xmas season and by how much.
(reply to this comment) (link to this comment)
they probably anticipated the expose by nonuser on Nov 15th, 2005 @ 5:00am
when they decided to go with the rootkit approach, but thought they could bully their way out of it. "We're defending our IP", etc.
Part of the problem may be a lack of net-savvy people in the upper ranks of the media companies. These guys are network programmers, lawyers and financial people. For instance this guy:
http://www.usatoday.com/educate/college/careers/CEOs/6-13-05b.htm
(reply to this comment) (link to this comment)
No Subject Given by Jim Beam on Nov 15th, 2005 @ 5:16am
This certainly makes me want to go out and buy CD's, Sony.
Too bad, Bruce. Your label has just lost you a lot of sales.
Jim
(reply to this comment) (link to this comment)
No Subject Given by Anonymous Coward on Nov 15th, 2005 @ 5:49am
I have a Sony Laptop. I used to like the company, but I am now certain that I will never buy anything from Sony anymore
(reply to this comment) (link to this comment)
what are the sony email addy's by sent them a message on Nov 15th, 2005 @ 6:26am
I went to the Sony/BMG site and the names of the executives are easy to find but not an email address. It's all well and good to say that we are not going to buy another Sony product but I'd like to tell that to ANDREW LACK the CEO of Sony/BMG. I've googled Mr. Lack (fill in joke about LACK of scruples here) with nothing that showed an email address. I'm flummoxed, can anyone find the email address of the executives of this division or maybe the email of the CEO of Sony itself. They NEED TO HEAR FROM ALL OF US. How about one of the authors who write these stories, little help....
(reply to this comment) (link to this comment)
MS to remove rootkit... by The Other Mike on Nov 15th, 2005 @ 7:28am
MSNBC.com is reporting that MS will remove the rootkit starting with the December updates. Apparently they pissed in all the wrong pots with this fiasco. When MS has to remove your crap you know you have sunk to an all-time low.
(reply to this comment) (link to this comment)
Re: what are the sony email addy's by Anonymous Coward on Nov 15th, 2005 @ 7:29am
what are the sony email addy's?
Who gives a shit? It's not important enough for me to clue Sony in to the way customers should be treated. They had the chance to do the right thing, and they fucked it up big time. They will find out that I'm not buying the products when they see the sales dip this Xmas.
(reply to this comment) (link to this comment)
Re: what are the sony email addy's by Riley on Nov 15th, 2005 @ 7:36am
Email is not the way to contact business execs... no one makes their email public these days if they actually care about what goes to the address because it gets innudated with spam. This happens to any random joe smoe when a crawler picks up your email address, let alone an exec in a major company with enemies.
If you really want to make yourself heard, send a snail mail letter and copy your state's politicians on it. And do it properly, not internet flame style - that will just get your letter filed to the trash by an intern :) There are plenty of form letters out there that you can find about how to effectively file a complaint.
(reply to this comment) (link to this comment)
No Subject Given by Joe Schmoe on Nov 15th, 2005 @ 7:56am
meh. I actually feel safer visiting a porn site now than listening to a CD.
(reply to this comment) (link to this comment)
Re: what are the sony email addy's by giafly.com on Nov 15th, 2005 @ 8:03am
Riley is right. Here's a mail address (via Slashdot).
(1) Don't mail your letter(s) until the day after you write them; then check them again first.
(2) Be very polite.
(reply to this comment) (link to this comment)
Using Sony's own rootkit to DDoS them by melancolico catrin on Nov 15th, 2005 @ 8:53am
I'm still waiting on a zombie net that will actually take down the Sony site using their own rootkit... poetic justice.
(reply to this comment) (link to this comment)
Rootkit by Jason Hartzog on Nov 15th, 2005 @ 10:02am
Hello sony,
I feel so sorry for the artists you have now. Their sales are about to take a major hit. Way to think about them when you were saying you did nothing wrong. I hope you weren't planning me buying a PS3.
(reply to this comment) (link to this comment)
Re: Rootkit by Grifter on Nov 15th, 2005 @ 11:01am
Yeah, no PS3 or any other Sony product...
I will stick with an Xbox 360.
(reply to this comment) (link to this comment)
hmmm interesting... by thatguy on Nov 15th, 2005 @ 11:02am
"All along, the pattern has been the same. Deny as much as possible. Never actually apologize. Do as little as possible to fix the problem and hope that the attention dies down."
Anyone ever had a shitty relationship with a person fitting these characteristics? Sounds like immaturity to me...
(reply to this comment) (link to this comment)
Boycott Sony. by Javi0084 on Nov 15th, 2005 @ 11:12am
I WAS going to buy a PS3 after the price went down but I am not going to do business with this company ever again. No more Sony products for me.
(reply to this comment) (link to this comment)
Re: graphic by Mike Chantry on Nov 15th, 2005 @ 11:59am
Yeah, maybe they should change the logo to just SORRY instead of SONY! As in ooopppsss, we're sorry we got caught with our pants down and we didn't do anything wrong!
(reply to this comment) (link to this comment)
shift key by mike-ish on Nov 15th, 2005 @ 11:02pm
what's really funny is that turning off AutoRun or using the infamous Shift key override will keep their software off your machine. sharpie marker not included. boycotting Sony until the end of their existence works too. Sony just handed the game console market to M$ for the foreseeable future.
(reply to this comment) (link to this comment)
Sony MediaMax spyware damages DVD writer functiona by Dan Talbot on Nov 21st, 2005 @ 6:16am
Talk about having a banana in their ear, Sony sent me the following reply
when I tried to alert them to the problem caused by MediaMax software being
totally incompatible with Windows XP Media Center on their Sony VAIO desktop
'puter. The idiots had the nerve to speculate that I might have a defective
music CD from their own plant. What yahoos!!!!!
Dan
----- Original Message -----
From: "SOS"
To:
Sent: Monday, November 21, 2005 7:45 AM
Subject: Re: VGC-RA820G (KMM15618491I21924L0KM)
> Daniel Talbot,
>
> Thank you for contacting Sony Online Support.
>
> You have reached the Sony Electronics product support team. Unfortunately
> we do not have the resources required to assist with Sony Music BMG
> Entertainment products. We would recommend you contact the division of
> Sony BMG responsible for providing the support for your product. Their
> contact information will be printed on the Jewel case insert of your CD.
>
> TIP: If you believe you have faulty CD media, please contact
> their quality team for replacement at: 800-255-7514.
>
> Sony Music / BMG
> 550 Madison Ave.
> New York, NY 10022
> http://www.sonymusic.com/feedback
>
> Thank You,
>
> Your Sony Email Response Team
> CC2S
> Mike
>
>
> This message and any attachments are solely for the use of intended
> recipients. They may contain privileged and/or confidential information.
> If you are not the intended recipient, you are hereby notified that you
> received this email in error, and that any review, dissemination,
> distribution or copying of this email and any attachment is strictly
> prohibited. If you receive this email in error please contact the sender
> and delete the message and any attachments associated therewith from your
> computer. Your cooperation in this matter is appreciated.
>
> Original Message Follows:
> ------------------------
> Email Address: ttechcorp@earthlink.net
> Recip : sos
> Future Mail : No
> Name : Talbot, Daniel
> Address : 1 Dean Street
> :
> : Hudson, MA 01749
> Phone : 978-562-5820
> Model/SN : VGC-RA820G / 3000614
> OS : Windows XP
> Hardware : DVD/DVDRW Drives
> Issue : Compatibility With Another Sony Product
> Type : Support
> :
> Message : Microsoft defines SunnComm's MediaMax software as
> "Malware". MAL for malformed (or for malicious, take your pick).
> Microsoft is planning a removal tool to find and delete this module.
> Trend Micro's Anti-Spyware (and many others) does NOT find this problem
> code. This piece of "malware" or spyware is insidious because it is so
> poorly written that although it is not intended to be a virus, hackers can
> find it and exploit it to cause havoc on your computer.
>
> It has caused my corporate computer to intermittently lock up. The
> symptom is the DVD writer drive light comes on and stays on periodically,
> preventing any use of the computer while this is happening. I should sue
> SONY and SunnComm (MediaMax). There is plenty of info to support a
> lawsuit if I could find the time. Want to know where this code comes
> from? You buy a PAID copy of a Sony CD. You want to listen to it on your
> computer, so you insert it into a CD or DVD drive. Before you can give
> your consent, it installs a small program to "phone home" whenever you
> play a copyrighted CD or DVD (assuming you're a pirate, even though you
> PAID for the stupid thing!). Fine, except that this violates law. You
> haven't consented to the installation (so the subsequent EULA,
> "end-user-license-agreement" is probably non-binding). And it hides
> itself in your system folder.
>
> In my case, I was convinced the problem was hardwaare, and called tech
> support for my computer, which is, guess what, a SONY !!!! They agreed
> with my bad diagnosis that it was my DVD drive at fault, and sent a repair
> person out here to replace it, which he did. For one day, I thought the
> problem was fixed, but the next day it resurfaced. Then I remembered
> having played a CD from SONY which autoloaded something on my screen. So
> I found that CD, looked more carefully at what the messages were, and it
> said "MediaMax" proudly displayed at the top of the menu. Go do a Google
> seaarch on this and you will be horrified. The only way to completely
> un-install it is to reformat the hard drive, but you can cripple it by
> deleting some files from your system.
>
> The irony of this is the fact that SONY's own tech support for its VAIO
> computer line was unaware of this malware, and so it spent internal money
> trying to fix a problem which another division of its bloated organization
> caused !!! Don't say I didn't send you a valuable warning. Be careful
> about inserting any SONY or RCA/BMG CD or DVD's into your machine unless
> you have time to burn trying to salvage proper functioning of your 'puter.
>
> Regards,
> Dan Talbot, President
> Talbot Technology (T-TECH) Corp
> 1 Dean Street / PO Box 151
> Hudson, MA 01749
>
> electronics engineering consultants
>
> web: www.ttechcorp.com
> web: www.talbtech.com
>
> phone: (978) 562-5820
>
>
(reply to this comment) (link to this comment)
e invented a new portable nintendo thing!!!!!!! by taylor on May 1st, 2006 @ 3:14pm
hi,
i have invented the PSTS it is a Play Station Touch Screen!if u give my your mail address i can give you pictures of it for you!so can you email me back and give me your mail address i can send you some pictures of it in the mail!!!!you don't have to create it this year.if you decide games for them could i have THESE GAMES,nintendogs,super mario 64,animal crossing,mariokart,harvest moon,underground and
dogz! if you invent it could send me one with nintendogs and mariokart please!i'm not saying you have to invent it i'm just saying i would love it if you did!!!!!!!!!
please could you try to invent it!!!!!!!
taylor
(reply to this comment) (link to this comment)
Add Your Comment