BEWARE - Sony CD installs Mac OS X kernel extensions!!
Super Spinner
computers. Looks like they install kernel extensions on Macs too.
>From the 2005.11.10 MacInTouch "Notes and Tips":
http://www.macintouch.com/#tips.2005.11.10
"Darren Dittrich followed up on the discovery that Sony was playing a
dirty trick on its customers, secretly installing a malware-style "root
kit" on their computers via audio CDs:
I recently purchased Imogen Heap's new CD (Speak for Yourself), an RCA
Victor release, but with distribution credited to Sony/BMG. Reading
recent reports of a Sony rootkit, I decided to poke around. In addition
to the standard volume for AIFF files, there's a smaller extra
partition for "enhanced" content. I was surprised to find a "Start.app"
Mac application in addition to the expected Windows-related files.
Running this app brings up a long legal agreement, clicking Continue
prompts you for your username/password (uh-oh!), and then promptly
exits. Digging around a bit, I find that Start.app actually installs 2
files: PhoenixNub1.kext and PhoenixNub12.kext.
Personally, I'm not a big fan of anyone installing kernel extensions
on my Mac. In Sony's defense, upon closer reading of the EULA, they
essentially tell you that they will be installing software. Also, this
is apparently not the same technology used in the recent Windows
rootkits (made by XCP), but rather a DRM codebase developed by
SunnComm, who promotes their Mac-aware DRM technology on their site. "
ZnU
"Super Spinner" <Pepe....@gmail.com> wrote:
> You've likely heard about Sony CDs installing rootkits on Windows
> computers. Looks like they install kernel extensions on Macs too.
[snip]
For anyone who doesn't realize what a horrible idea this is:
http://developer.apple.com/documentation/Darwin/Conceptual/ShouldYou.html
"Software that resides in the kernel tends to be expensive. Kernel code
is "wired" into physical memory and thus cannot be paged out by the
virtual memory system. As more code is put into the kernel, less
physical memory is available to user-space processes. Consequently,
paging activity will probably intensify, thereby degrading system
performance.
Kernel code is also inherently destabilizing, much more so than
application code. The kernel environment is a single process, and this
means that there is no memory protection between your extension or
driver and anything else in the kernel. Access memory in the wrong place
and -boom- the entire system can grind to a halt, a victim of a kernel
panic. Moreover, because kernel code usually provides services to
numerous user-space clients, any inefficiencies in the code can be
propagated to those clients, thereby affecting the system globally."
--
"It's in our country's interests to find those who would do harm to us and get
them out of harm's way."
-- George W. Bush in Washington, D.C., April 28, 2005
Peter Hayes
What happens if you decline their generous offer?
Does the CD fail to play?
Moral - don't purchase anything from Sony, hardware or software, ie, run
the bastards out of business.
--
Peter
Lefty Bigfoot
(in article
<1131685864.9...@f14g2000cwb.googlegroups.com>):
> Running this app brings up a long legal agreement, clicking Continue
> prompts you for your username/password (uh-oh!), and then promptly
> exits. Digging around a bit, I find that Start.app actually installs 2
> files: PhoenixNub1.kext and PhoenixNub12.kext.
Gee, I warned about this problem (asking for a password and you
giving it) not too long ago in a discussion about security and
malware on the Mac. Sony is hereby banned from the household
from this point forward.
--
_ __ _
| | ___ / _| |_ _ _
| | / _ \ |_| __| | | |
| |__| __/ _| |_| |_| |
|_____\___|_| \__|\__, |
|___/
All of God's creatures have a place..........
.........right next to the potatoes and gravy.
Edwin
So the Mac has got some malware now. Funny how you guys didn't just
come out and admit to that directly.
Steve Carroll
"Edwin" <thor...@juno.com> wrote:
I'll admit to it, providing it's true... but it's certainly news to me.
Realistically, it can only be a matter of time, right? Josh McKee has
some list of reasons that he's unwilling to share as to why OSX has no
malware. If this is true he'll have to rethink things.
--
"I would not be a good liar, being that I have little if any practice." - Snit
Buzz
I also bought Imogen Heap's new album, but I bought it from iTMS. So, I
didn't get the extra code that he got.
What I don't understand from what he wrote is, whether this code was
installed automatically, or if it was only installed when he installed it.
--
[iTunes was playing "Loose Ends" by Imogen Heap while I was writing
this.]
Peter Hayes
Steady on - I've spent weeks trying to persuade Oxford, primarily, that
OS X isn't immune to exploits.
--
Peter
Edwin
Okay, I'll take your word for that.
Still, you didn't respond to the thread with a direct "the Mac has got
malware now," as I did.
Edwin
Indeed.
All those who believe Macs are secure simply by virtue of being Macs
will have to "rethink things."
All those who believe a system is poorly designed simply because
malicious people have found a way to sabotage it will also have to
"rethink things."
Buzz
I guess it depends on how you define malware and exploits.
In this case, the package was marked as to what it contains.
In this case, the exploit was accompanied by a EULA.
Only after presenting you with the license agreement, does the software
install. And that installation requires an administrator username/password.
Do most Windows exploits follow these rules?
Edwin
IOW, you're going to redefine malware and exploits to let the Mac off
the hook?
> In this case, the package was marked as to what it contains.
The package was marked as containing spyware that robs your system of
resources? You're sure about that?
> In this case, the exploit was accompanied by a EULA.
How many people read those?
> Only after presenting you with the license agreement, does the software
> install. And that installation requires an administrator username/password.
>
> Do most Windows exploits follow these rules?
A great many Windows exploits depend on the cooperation of the user.
One even required a password be entered aftet the file was unzipped.
Jim Polaski
"Edwin" <thor...@juno.com> wrote:
Not this one bubba, and if you think not, you haven't been paying
attention to your Windows centric world.
--
Regards,
JP
"The measure of a man is what he will do while
expecting that he will get nothing in return!"
Buzz
I wrote SunnComm about using the Imogen Heap CD with iTunes. Here is
their reply:
Your ticket xxxxxx has been Answered
Thank you for contacting us. We appreciate your purchase of the Imogen
Heap CD and will be happy to assist you with the music transfer.
Please follow the instructions below in order to move your content into
iTunes and onto an iPod:
If you have a Mac computer you can copy the songs using your iTunes
Player as you would normally do.
If you have a PC place the CD into your computer and allow the CD to
automatically start. If the CD does not automatically start, open your
Windows Explorer, locate the drive letter for your CD drive and
double-click on the LaunchCD.exe file located on your CD.
Once the application has been launched and the End User License
Agreement has been accepted, you can click the Copy Songs button on the
top menu.
Follow the instructions to copy the secure Windows Media Files (WMA) to
your PC. Make a note of where you are copying the songs to, you will
need to get to these secure Windows Media Files in the next steps.
Once the WMA files are on your PC you can open and listen to the songs
with Windows Media Player 9.0 or higher. You may also play them in any
compatible player that can play secure Windows Media files, such as
MusicMatch, RealPlayer, and Winamp, but it will require that you obtain
a license to do so. To obtain this license, from the Welcome Screen of
the user interface, click on the link below the album art that says "If
your music does not play in your preferred player, click here". Follow
the instructions to download the alternate license. PLEASE NOTE: This
license is only necessary for playing the copied songs in a media player
other than iTunes or Windows Media Player. If you are just trying to use
iTunes, simply continue with these instructions.
Using Windows Media Player only, you can then burn the songs to a CD.
Please note that in order to burn the files, you need to upgrade to or
already have Windows Media Player 9 or greater.
Once the CD has been burned, place the copied CD back into your computer
and open iTunes. iTunes can now rip the songs as you would a normal CD.
Please note an easier and more acceptable solution requires cooperation
from Apple, who we have already reached out to in hopes of addressing
this issue. To help speed this effort, we ask that you use the following
link to contact Apple and ask them to provide a solution that would
easily allow you to move content from protected CDs into iTunes or onto
your iPod rather than having to go through the additional steps above.
http://www.apple.com/feedback/ipod.html
Please let us know if we can assist you further.
Thank you,
Rob
SunnComm Tech Support
CLIENT: us...@xxx.com
Will it play in Itunes?
-----------------------------------------------------------
Powered by
SunnComm, Int'l
Visit http://www.sunncomm.com
Notice the difference between the Macintosh instructions and the Windows
instructions.
Peter Hayes
ROTFL
Play it back in any CD player and feed the audio into your PC through
your sound card - much easier. And no nasty droppings left on your hard
drive.
--
Peter
Buzz
I like the Macintosh way better. It just works.
Edwin
This one wouldn't install either if you weren't running as Admin in
Windows.
How did you negate the Mac malware aspects of this with what you wrote?
Alan Baker
That is not yet determined. For it to be malware, the software that Sony
installs must do something malicious.
--
Alan Baker
Vancouver, British Columbia
"If you raise the ceiling 4 feet, move the fireplace from that wall
to that wall, you'll still only get the full stereophonic effect
if you sit in the bottom of that cupboard."
Edwin
IOW, you're deliberately ignoring ZnU's post to this thread, and you
think it needs to be "determined" if spyware is going to "do something
malicious."
Alan Baker
"Edwin" <thor...@juno.com> wrote:
This hasn't been shown to be spyware.
Wally
1131750036.8...@o13g2000cwo.googlegroups.com, "Edwin"
<thor...@juno.com> wrote:
>
> Jim Polaski wrote:
<snip>
>> Not this one bubba, and if you think not, you haven't been paying
>> attention to your Windows centric world.
>
> This one wouldn't install either if you weren't running as Admin in
> Windows.
>
> How did you negate the Mac malware aspects of this with what you wrote?
I must have missed where "malware" has been redefined! is it no longer...
"(mal´wăr) (n.) Short for malicious software, software designed specifically
to damage or disrupt a system, such as a virus or a Trojan horse."
If it has not been redefined could you explain what is "malicious" about
this Sony thing Edwin?
--
"What I remember Maccies saying is what I remember Maccis saying, regardless
of what posts anyone can find (or not find)."- Edwin
Edwin
Yes it has. It does the same thing as does the Windows version.
You're still ignoring ZnU's post too.
Edwin
Wally wrote:
> On 12/11/05 7:00 AM, in article
> 1131750036.8...@o13g2000cwo.googlegroups.com, "Edwin"
> <thor...@juno.com> wrote:
>
> >
> > Jim Polaski wrote:
>
> <snip>
>
> >> Not this one bubba, and if you think not, you haven't been paying
> >> attention to your Windows centric world.
> >
> > This one wouldn't install either if you weren't running as Admin in
> > Windows.
> >
> > How did you negate the Mac malware aspects of this with what you wrote?
>
> I must have missed where "malware" has been redefined! is it no longer...
>
> to damage or disrupt a system, such as a virus or a Trojan horse."
Funny how you gave no reference to that quote. Was that because you
had to trim the defininiton to get it to come out the way you want?
Even if you ignore the spyware aspect of this (because you've decided
spyware isn't malware), there's still what ZnU wrote in his post, about
how this is kernel level software that steals system resources, and
introduces security holes.
> If it has not been redefined could you explain what is "malicious" about
> this Sony thing Edwin?
Explain it to you again? Why don't you try reading the other posts in
this thread and elsewhere?
Alan Baker
"Edwin" <thor...@juno.com> wrote:
It does? Where has that been shown?
>
> You're still ignoring ZnU's post too.
That says what? That software uses resources? I didn't realize it
contained anything that needed attention.
Software needs resources, and it would probably be better if they hadn't
written this stuff as kernel extensions. But absent any technical
information, it's a little tough to tell whether the resource usage is
significant.
Alan Baker
"Edwin" <thor...@juno.com> wrote:
> Wally wrote:
> > On 12/11/05 7:00 AM, in article
> > 1131750036.8...@o13g2000cwo.googlegroups.com, "Edwin"
> > <thor...@juno.com> wrote:
> >
> > >
> > > Jim Polaski wrote:
> >
> > <snip>
> >
> > >> Not this one bubba, and if you think not, you haven't been paying
> > >> attention to your Windows centric world.
> > >
> > > This one wouldn't install either if you weren't running as Admin in
> > > Windows.
> > >
> > > How did you negate the Mac malware aspects of this with what you wrote?
> >
> > I must have missed where "malware" has been redefined! is it no longer...
> >
> > "(mal´wăr) (n.) Short for malicious software, software designed specifically
> > to damage or disrupt a system, such as a virus or a Trojan horse."
>
> Funny how you gave no reference to that quote. Was that because you
> had to trim the defininiton to get it to come out the way you want?
>
> Even if you ignore the spyware aspect of this (because you've decided
> spyware isn't malware), there's still what ZnU wrote in his post, about
> how this is kernel level software that steals system resources, and
> introduces security holes.
That's not what Znu wrote at all. He wrote that it *uses* system
resources, specifically: that it uses "wired" memory that can't be used
for other purposes when the software is idle.
He said nothing at all about security holes. Only that a kext has to be
written carefully, because if it generates a memory exception it can
bring down the system. That's not a security hole.
>
> > If it has not been redefined could you explain what is "malicious" about
> > this Sony thing Edwin?
>
> Explain it to you again? Why don't you try reading the other posts in
> this thread and elsewhere?
Explaining it once would be nice.
What is a malicious action taken by this software?
Wally
1131757073.8...@g14g2000cwa.googlegroups.com, "Edwin"
<thor...@juno.com> wrote:
>
> Wally wrote:
>> On 12/11/05 7:00 AM, in article
>> 1131750036.8...@o13g2000cwo.googlegroups.com, "Edwin"
>> <thor...@juno.com> wrote:
>>
>>>
>>> Jim Polaski wrote:
>>
>> <snip>
>>
>>>> Not this one bubba, and if you think not, you haven't been paying
>>>> attention to your Windows centric world.
>>>
>>> This one wouldn't install either if you weren't running as Admin in
>>> Windows.
>>>
>>> How did you negate the Mac malware aspects of this with what you wrote?
>>
>> I must have missed where "malware" has been redefined! is it no longer...
>>
>> "(mal´wăr) (n.) Short for malicious software, software designed specifically
>> to damage or disrupt a system, such as a virus or a Trojan horse."
>
> Funny how you gave no reference to that quote. Was that because you
> had to trim the defininiton to get it to come out the way you want?
Not really! I figured you were capable of putting 'malware' into Google and
reading the first definition..
Plus I do not assert that this is the only definition, I cut you some slack
by leaving you room to show yours!
> Even if you ignore the spyware aspect of this (because you've decided
> spyware isn't malware),
If you wish to argue against the definitions of malware or spyware be my
guest, but don't blame me when you are wrong!
> there's still what ZnU wrote in his post, about
> how this is kernel level software that steals system resources, and
> introduces security holes.
ZnU supplied a very interesting link and a worthwhile read, but did you not
notice such terms as....."... tends to be..." "..will probably intensify.."
Can you categorically show how wrt this Sony thing this IS the case?
>
>> If it has not been redefined could you explain what is "malicious" about
>> this Sony thing Edwin?
>
> Explain it to you again? Why don't you try reading the other posts in
> this thread and elsewhere?
No other post in this thread agrees with your forlorn hope that what you
describe *IS* the case! ....show otherwise!
Wally
1131756817....@g44g2000cwa.googlegroups.com, "Edwin"
<thor...@juno.com> wrote:
>>
>> This hasn't been shown to be spyware.
>
> Yes it has. It does the same thing as does the Windows version.
>
> You're still ignoring ZnU's post too.
It must be disconcerting to other Windows users when they witness you being
only too willing to condemn that OS to being so easily corrupted, in an
effort to score cheap points against Mac OS.....especially when you fail as
in this case!
We have you claiming that the Sony thing can do all sorts of evil to
Windows.....
"It does the same thing as does the Windows version."
As you are a Windows advocate I am assuming that you at least know what you
are talking about there!
And yet you cannot show one instance where what you have described is
applicable to Mac OS!
Really Edwin! was condemning your own chosen platform worth the result?
--
"It's a sad time to be a Wintroll..."
Edwin
Peter Hayes
If you like these rootkits / kernel-extensions being installed on your
Mac. It's a massive and unnecessary risk just to play a CD when saner
alternatives exist, and at minimal cost.
--
Peter
C Lund
> So the Mac has got some malware now.
Yes, OS X now has some malware. I never thought it would come from a
media corporation though. Still.. RIAA and all that...
Mind you, this isn't very aggressive malware, because in order to
become infected, you have to:
1: Locate it on the CD.
2: Double-click it (to start it).
3: Accept the EULA.
4: Enter your password.
And it won't spread on it's own.
In order to become infected with Windows malware, you have to...
connect to the internet.
> Funny how you guys didn't just
> come out and admit to that directly.
Why? Sony's malware for OS X is basically just a footnote when
compared with what they've got for you guys.
--
C Lund, www.notam02.no/~clund
C Lund
Wally <wa...@wally.world.net> wrote:
> I must have missed where "malware" has been redefined! is it no longer...
>
> "(mal´wăr) (n.) Short for malicious software, software designed specifically
> to damage or disrupt a system, such as a virus or a Trojan horse."
Um.. if it interferes with the way OS X handles media, then it is
disrupting the system.
--
C Lund, www.notam02.no/~clund
Wally
clund-EB15DE....@amstwist00.chello.com, "C Lund"
<cl...@notam02SPAMBLOCK.no> wrote:
Sure! But was it "designed specifically to damage or disrupt a system," was
it Sony's intention to "... damage or disrupt a system " when they
implemented it! I don't see it that way!
Walter Bushell
> On 12/11/05 7:00 AM, in article
> 1131750036.8...@o13g2000cwo.googlegroups.com, "Edwin"
> <thor...@juno.com> wrote:
>
> >
> > Jim Polaski wrote:
>
> <snip>
>
> >> Not this one bubba, and if you think not, you haven't been paying
> >> attention to your Windows centric world.
> >
> > This one wouldn't install either if you weren't running as Admin in
> > Windows.
> >
> > How did you negate the Mac malware aspects of this with what you wrote?
>
> I must have missed where "malware" has been redefined! is it no longer...
>
> "(mal´wăr) (n.) Short for malicious software, software designed specifically
> to damage or disrupt a system, such as a virus or a Trojan horse."
>
> If it has not been redefined could you explain what is "malicious" about
> this Sony thing Edwin?
Ah, so it's not malware if it is done due to incompetence. OTOH gross
incompetence should be grounds for considering a piece of software
malware. But then, we would have to classify Windows as malware.
--
"The power of the Executive to cast a man into prison without formulating any
charge known to the law, and particularly to deny him the judgement of his
peers, is in the highest degree odious and is the foundation of all totali-
tarian government whether Nazi or Communist." -- W. Churchill, Nov 21, 1943
Buzz
The part that you must have missed is the part where nothing is
installed on the Macintosh. No rootkits, no kernel-extensions, nothing.
Walter Bushell
not_i...@btinternet.com (Peter Hayes) wrote:
That degrades the sound quality and I'd have to get a CD player.
Peter Hayes
The quality loss through a D/A and an A/D is minimal compared to ripping
to MP3 or some similar compressed format for iPods or the like.
--
Peter
Walter Bushell
not_i...@btinternet.com (Peter Hayes) wrote:
> Walter Bushell <pr...@panix.com> wrote:
>
> > In article <1h5vrmg.1gxmvilvphkqoN%not_i...@btinternet.com>,
> > not_i...@btinternet.com (Peter Hayes) wrote:
> > >
> > > Play it back in any CD player and feed the audio into your PC through
> > > your sound card - much easier. And no nasty droppings left on your hard
> > > drive.
> >
> > That degrades the sound quality and I'd have to get a CD player.
>
> The quality loss through a D/A and an A/D is minimal compared to ripping
> to MP3 or some similar compressed format for iPods or the like.
I use Apple Lossless on my iPod. And I still need additional equipment.
Peter Hayes
> In article <1h5x5ul.1ezdu5ej6ui7zN%not_i...@btinternet.com>,
> not_i...@btinternet.com (Peter Hayes) wrote:
>
> > Walter Bushell <pr...@panix.com> wrote:
> >
> > > In article <1h5vrmg.1gxmvilvphkqoN%not_i...@btinternet.com>,
> > > not_i...@btinternet.com (Peter Hayes) wrote:
> > > >
> > > > Play it back in any CD player and feed the audio into your PC through
> > > > your sound card - much easier. And no nasty droppings left on your hard
> > > > drive.
> > >
> > > That degrades the sound quality and I'd have to get a CD player.
> >
> > The quality loss through a D/A and an A/D is minimal compared to ripping
> > to MP3 or some similar compressed format for iPods or the like.
>
> I use Apple Lossless on my iPod. And I still need additional equipment.
Even if you had to buy a fibre connected CD player and soundcard, it
would be better than dealing with all this DRM garbage.
Employed fairly, DRM probably has some validity in the fight against
rampant piracy if it generates more money for the artists, but as this
episode demonstrates, there's a lot that's very wrong with current
practice.
How many other examples of this nature are currently in use but as yet
undiscovered?
--
Peter
Sandman
> > In this case, the package was marked as to what it contains.
>
> The package was marked as containing spyware that robs your system of
> resources?
"malware" is now "software that 'robs' your system of resources"?
In what way does this software rob my resources to make it different from a
malware viewpoint than, say, Adobe Photoshop?
--
Sandman[.net]
Travelinman
Craig Koller
[cut]
> So the Mac has got some malware now. Funny how you guys didn't just
> come out and admit to that directly.
>
No, from what I read, the user is prompted before the software is
installed and has to provide a password.
I don't think this is the same kind of threat as standard Windows
malware.
C Lund
Sony might not see it that way either. But if it interferes with the
way the system handles certain types of data, and/or ties up system
resources (CPU cycles, RAM), then it is damaging or disrupting the
system.
Mind you, I'm not entirely certain what the OS X version of Sony's
crapware does, so the above is an "if".
--
C Lund, www.notam02.no/~clund
Wally
clund-D9F40C....@amstwist00.chello.com, "C Lund"
<cl...@notam02SPAMBLOCK.no> wrote:
Understood!
I found this....interesting (no mention of the Mac though! ;) )
Walter Bushell
I am almost certain Adobe Photoshop does not consume resources when not
open or probably when not being used. I did hear some M$ products do
indeed consume resources heavily when open by not in use.
Walter Bushell
Travelinman <now...@nospam.net> wrote:
To avoid this you can use Linux. Or FreeBSD.
Peter Hayes
> In article <mr-7A6FA0.23...@individual.net>,
> Sandman <m...@sandman.net> wrote:
>
> > In article <1131732685.3...@g47g2000cwa.googlegroups.com>,
> > "Edwin" <thor...@juno.com> wrote:
> >
> > > > In this case, the package was marked as to what it contains.
> > >
> > > The package was marked as containing spyware that robs your system of
> > > resources?
It also phones home, apparantly.
> > "malware" is now "software that 'robs' your system of resources"?
> >
> > In what way does this software rob my resources to make it different from a
> > malware viewpoint than, say, Adobe Photoshop?
>
> I am almost certain Adobe Photoshop does not consume resources when not
> open or probably when not being used. I did hear some M$ products do
> indeed consume resources heavily when open by not in use.
Some OS X apps also consume substantial CPU resources when open but
idle, so it's not uncommon on either platform, and I'd be surprised if
Linux was any different.
--
Peter
Sandman
Walter Bushell <pr...@panix.com> wrote:
> > > > In this case, the package was marked as to what it contains.
> > >
> > > The package was marked as containing spyware that robs your system of
> > > resources?
> >
> > "malware" is now "software that 'robs' your system of resources"?
> >
> > In what way does this software rob my resources to make it different from a
> > malware viewpoint than, say, Adobe Photoshop?
>
> I am almost certain Adobe Photoshop does not consume resources when not
> open or probably when not being used. I did hear some M$ products do
> indeed consume resources heavily when open by not in use.
Define "in use". IF you mean "frontmost application that is receiving user
input" and any software that uses resources outside of that definition is
malware, then windows and OSX is loaded shock full with malware from respective
OS company when first installed.
This is silly. Malware is short for "Malicious Software". I am waiting for
someone to explain for me how installing a kernel extension is malicious in
itself, since I've got plenty of malware if that's true as well.
--
Sandman[.net]
ZnU
Sandman <m...@sandman.net> wrote:
I would say that installing a kernel extension (which potentially
reduces the reliability and performance of the system) for a purpose
that is not intended to benefit the user, is, in fact, malicious.
--
"It's in our country's interests to find those who would do harm to us and get
them out of harm's way."
-- George W. Bush in Washington, D.C., April 28, 2005
Josh McKee
wrote:
>In article <1131725885.2...@g44g2000cwa.googlegroups.com>,
> "Edwin" <thor...@juno.com> wrote:
>
>> So the Mac has got some malware now. Funny how you guys didn't just
>> come out and admit to that directly.
>
>I'll admit to it, providing it's true... but it's certainly news to me.
>Realistically, it can only be a matter of time, right? Josh McKee has
>some list of reasons that he's unwilling to share as to why OSX has no
>malware. If this is true he'll have to rethink things.
What's your obsession with me?
Josh
Travelinman
ZnU <z...@fake.invalid> wrote:
I think the definition of 'malware' being used is too simplistic.
For example, when you install TechTool Pro, it's potentially capable of
doing harm - since it could wipe your hard drive. But it tells you what
you're installing and asks your permission, so I wouldn't consider it to
be malware.
The Sony software also tells you what it will do and asks your
permission before installing. That makes it much closer to the Tech Tool
Pro example above than the type of virus crap that flies around the
Windows world.
Bottom line is that this software isn't self-propogating, it does
exactly what it says it will do, and you are required to give a password
before installing it. Whether you choose to call it malware or not,
it's clearly not the same level of problem as the massive Windows virus
and trojan problems.
Peter Hayes
It's known that the Windows version phones home, a fact not disclosed in
the Windows EULA.
Doubtless this Mac exploit does also.
--
Peter
Steve Carroll
Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> On Fri, 11 Nov 2005 09:31:45 -0700, Steve Carroll <no...@nowhere.net>
> wrote:
>
(snip)
> >I'll admit to it, providing it's true... but it's certainly news to me.
> >Realistically, it can only be a matter of time, right? Josh McKee has
> >some list of reasons that he's unwilling to share as to why OSX has no
> >malware. If this is true he'll have to rethink things.
>
> What's your obsession with me?
Irrelevant. Why won't you provide the list of reasons?
--
"I would not be a good liar, being that I have little if any practice." - Snit
Josh McKee
wrote:
>In article <nq4fn1t3q1lhlivkh...@4ax.com>,
> Josh McKee <jtm...@rm-bogus-ac.net> wrote:
>
>> On Fri, 11 Nov 2005 09:31:45 -0700, Steve Carroll <no...@nowhere.net>
>> wrote:
>>
>(snip)
>
>> >I'll admit to it, providing it's true... but it's certainly news to me.
>> >Realistically, it can only be a matter of time, right? Josh McKee has
>> >some list of reasons that he's unwilling to share as to why OSX has no
>> >malware. If this is true he'll have to rethink things.
>>
>> What's your obsession with me?
>
>Irrelevant. Why won't you provide the list of reasons?
You didn't answer the question. No surprise there.
Josh
Steve Carroll
Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> On Sun, 13 Nov 2005 13:49:43 -0700, Steve Carroll <no...@nowhere.net>
> wrote:
>
> >In article <nq4fn1t3q1lhlivkh...@4ax.com>,
> > Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> >
> >> On Fri, 11 Nov 2005 09:31:45 -0700, Steve Carroll <no...@nowhere.net>
> >> wrote:
> >>
> >(snip)
> >
> >> >I'll admit to it, providing it's true... but it's certainly news to me.
> >> >Realistically, it can only be a matter of time, right? Josh McKee has
> >> >some list of reasons that he's unwilling to share as to why OSX has no
> >> >malware. If this is true he'll have to rethink things.
> >>
> >> What's your obsession with me?
> >
> >Irrelevant. Why won't you provide the list of reasons?
>
> You didn't answer
... your irrelevant question? Yes, I know. So, why won't you provide
that list of reasons?
Josh McKee
wrote:
>In article <9gdfn1phfeut1ueat...@4ax.com>,
> Josh McKee <jtm...@rm-bogus-ac.net> wrote:
>
>> On Sun, 13 Nov 2005 13:49:43 -0700, Steve Carroll <no...@nowhere.net>
>> wrote:
>>
>> >In article <nq4fn1t3q1lhlivkh...@4ax.com>,
>> > Josh McKee <jtm...@rm-bogus-ac.net> wrote:
>> >
>> >> On Fri, 11 Nov 2005 09:31:45 -0700, Steve Carroll <no...@nowhere.net>
>> >> wrote:
>> >>
>> >(snip)
>> >
>> >> >I'll admit to it, providing it's true... but it's certainly news to me.
>> >> >Realistically, it can only be a matter of time, right? Josh McKee has
>> >> >some list of reasons that he's unwilling to share as to why OSX has no
>> >> >malware. If this is true he'll have to rethink things.
>> >>
>> >> What's your obsession with me?
>> >
>> >Irrelevant. Why won't you provide the list of reasons?
>>
>> You didn't answer
>
>... your irrelevant question? Yes, I know. So, why won't you provide
>that list of reasons?
Why would I Steve? You're not interested in a rational discussion.
You're not interested in listening to what I or anyone with an
opposing view point has to say. You're not interested in working
towards the truth. You're only interested in twisting people's words,
lying, and being dishonest (your selective quoting above demonstrates
this).
Josh
Steve Carroll
Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> On Sun, 13 Nov 2005 18:42:22 -0700, Steve Carroll <no...@nowhere.net>
> wrote:
>
> >In article <9gdfn1phfeut1ueat...@4ax.com>,
> > Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> >
> >> On Sun, 13 Nov 2005 13:49:43 -0700, Steve Carroll <no...@nowhere.net>
> >> wrote:
> >>
> >> >In article <nq4fn1t3q1lhlivkh...@4ax.com>,
> >> > Josh McKee <jtm...@rm-bogus-ac.net> wrote:
> >> >
> >> >> On Fri, 11 Nov 2005 09:31:45 -0700, Steve Carroll <no...@nowhere.net>
> >> >> wrote:
> >> >>
> >> >(snip)
> >> >
> >> >> >I'll admit to it, providing it's true... but it's certainly news to
> >> >> >me.
> >> >> >Realistically, it can only be a matter of time, right? Josh McKee has
> >> >> >some list of reasons that he's unwilling to share as to why OSX has no
> >> >> >malware. If this is true he'll have to rethink things.
> >> >>
> >> >> What's your obsession with me?
> >> >
> >> >Irrelevant. Why won't you provide the list of reasons?
> >>
> >> You didn't answer
> >
> >... your irrelevant question? Yes, I know. So, why won't you provide
> >that list of reasons?
>
> Why would I Steve?
To point out the differences between XP and OSX.
Josh McKee
wrote:
Thanks for proving my point.
Josh
Alan Baker
not_i...@btinternet.com (Peter Hayes) wrote:
Doubtless? They're not the same software in different versions for each
platform, Peter. They are two totally separate pieces of software.
--
Alan Baker
Vancouver, British Columbia
"If you raise the ceiling 4 feet, move the fireplace from that wall
to that wall, you'll still only get the full stereophonic effect
if you sit in the bottom of that cupboard."
Snit
02rfn1ln5j6e0hn43...@4ax.com on 11/13/05 6:49 PM:
>>> You didn't answer
>>
>> ... your irrelevant question? Yes, I know. So, why won't you provide
>> that list of reasons?
>
> Why would I Steve? You're not interested in a rational discussion.
He may or may not be interested - Steve, however, is clearly not capable of
a rational discussion. Is there any counter evidence to that?
Heck, I have stated it and it is Steve who has said:
"Isn't that the way it works? An assertion is made and it sticks
until someone proves it's not true, right?" - Steve Carroll
> You're not interested in listening to what I or anyone with an
> opposing view point has to say. You're not interested in working
> towards the truth. You're only interested in twisting people's words,
> lying, and being dishonest (your selective quoting above demonstrates
> this).
Bingo! Describes Steve perfectly!
--
"Innovation is not about saying yes to everything. It's about saying NO to
all but the most crucial features." -- Steve Jobs
Snit
Steve is an expert at running from questions... one of the major reasons I
generally do not even read his posts any more.
--
Picture of a tuna soda: http://snipurl.com/f351
Feel free to ask for the recipe.
Snit
>> I'll admit to it, providing it's true... but it's certainly news to me.
>> Realistically, it can only be a matter of time, right? Josh McKee has
>> some list of reasons that he's unwilling to share as to why OSX has no
>> malware. If this is true he'll have to rethink things.
>
> What's your obsession with me?
Has Elizabot been posting to you - if so that explains Steve's growing
obsession with you.
--
God made me an atheist - who are you to question his authority?
Sandman
wrote:
> > Define "in use". IF you mean "frontmost application that is receiving
> > user input" and any software that uses resources outside of that
> > definition is malware, then windows and OSX is loaded shock full with
> > malware from respective OS company when first installed.
> >
> > This is silly. Malware is short for "Malicious Software". I am
> > waiting for someone to explain for me how installing a kernel
> > extension is malicious in itself, since I've got plenty of malware if
> > that's true as well.
>
> I would say that installing a kernel extension (which potentially
> reduces the reliability and performance of the system) for a purpose
> that is not intended to benefit the user, is, in fact, malicious.
It would, if it was installed unbeknownst to the user and if it did something
vicious. The story that the OP posted never actually told us what this software
does. Maybe I've missed a followup that explained that.
Either way, the user has to explicitly choose to install this particular
software, and it comes with a end user license.
--
Sandman[.net]
Sandman
not_i...@btinternet.com (Peter Hayes) wrote:
> > I think the definition of 'malware' being used is too simplistic.
> >
> > For example, when you install TechTool Pro, it's potentially capable of
> > doing harm - since it could wipe your hard drive. But it tells you what
> > you're installing and asks your permission, so I wouldn't consider it to
> > be malware.
> >
> > The Sony software also tells you what it will do and asks your
> > permission before installing. That makes it much closer to the Tech Tool
> > Pro example above than the type of virus crap that flies around the
> > Windows world.
> >
> > Bottom line is that this software isn't self-propogating, it does
> > exactly what it says it will do, and you are required to give a password
> > before installing it. Whether you choose to call it malware or not,
> > it's clearly not the same level of problem as the massive Windows virus
> > and trojan problems.
>
> It's known that the Windows version phones home, a fact not disclosed in
> the Windows EULA.
>
> Doubtless this Mac exploit does also.
There are lots of applications that "phone home" that isn't malware. They do so
to check licenses or new versions for example.
The act of "phoning home" can't be used to define malware, I'm afraid. It
actually have to phone home to do something malicious, like reporting bank
account information, email lists or something like that.
--
Sandman[.net]
Sandman
Josh McKee <jtm...@rm-bogus-ac.net> wrote:
Shit, I'm going to have to extend my Snit filter to include McKee as well soon.
--
Sandman[.net]
Snit
mr-E54E0D.08...@individual.net on 11/14/05 12:14 AM:
You can run from as many people as you like. The question is: why do
you advertise it?
--
"If you have integrity, nothing else matters." - Alan Simpson
Elizabot v2.0.2
Look at what Steve Carroll wrote about the Snit/Josh similarities nearly
two years ago:
http://groups.google.com/group/comp.sys.mac.advocacy/msg/f6ea13e8689a21ee?hl=en&
"Of course it isn't sound. Hell, he can't even define it :) If he isn't
Josh... they must be first cousins. Josh could never define his
arguments either. He used the exact same kind of lumpit logic this Snit
dolt is using... and he did it everywhere he went... like a f*cking
trail of snot oozing behind him. LOL!! He always attempted to project it
onto others, too... just like our pal here. Even when Josh would come
back with a new name... he actually thought he could hide it! Too funny!
Didn't you bust him once?"
Sandman
"Elizabot v2.0.2" <Eliz...@NsOpSyPmAaMc.com> wrote:
Interesting :)
--
Sandman[.net]
Peter Hayes
What is the point of the Mac software if not to provide a mechanism for
playing "enhanced" content, as the OP put it?
Does the CD play in a Mac without this additional software?
--
Peter
Peter Hayes
From
<http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloak
ing.html>
"I dug a little deeper and it appears the Player is automatically
checking to see if there are updates for the album art and lyrics for
the album it's displaying. This behavior would be welcome under most
circumstances, but is not mentioned in the EULA, is refuted by Sony, and
is not configurable in any way. I doubt Sony is doing anything with the
data, but with this type of connection their servers could record each
time a copy-protected CD is played and the IP address of the computer
playing it."
Sounds like spyware to me.
--
Peter
Peter Hayes
Sorry to post another followup, but evidently Microsoft consider the
Windows version as spyware,
http://news.bbc.co.uk/1/hi/technology/4434852.stm
"The software giant said the XCP copy protection system counted as
malicious software under the rules it uses to define what Windows should
be protected against."
--
Peter
Buzz
Yes.
Sandman
not_i...@btinternet.com (Peter Hayes) wrote:
It's a service application that for all we know is a benefit to the user and
installed BY the user.
The various apps I have that "phone home" to check for new versions could also
log my IP, but if logging ones IP is malware, then every web server in the
world is malware.
--
Sandman[.net]
Alan Baker
not_i...@btinternet.com (Peter Hayes) wrote:
> Alan Baker <alang...@telus.net> wrote:
>
> > In article <1h5zfby.w8n19e1wx2928N%not_i...@btinternet.com>,
> > not_i...@btinternet.com (Peter Hayes) wrote:
> >
> > > Travelinman <now...@nospam.net> wrote:
> > > >
> > > > The Sony software also tells you what it will do and asks your
> > > > permission before installing. That makes it much closer to the Tech Tool
> > > > Pro example above than the type of virus crap that flies around the
> > > > Windows world.
> > > >
> > > > Bottom line is that this software isn't self-propogating, it does
> > > > exactly what it says it will do, and you are required to give a password
> > > > before installing it. Whether you choose to call it malware or not,
> > > > it's clearly not the same level of problem as the massive Windows virus
> > > > and trojan problems.
> > >
> > > It's known that the Windows version phones home, a fact not disclosed in
> > > the Windows EULA.
> > >
> > > Doubtless this Mac exploit does also.
> >
> > Doubtless? They're not the same software in different versions for each
> > platform, Peter. They are two totally separate pieces of software.
>
> What is the point of the Mac software if not to provide a mechanism for
> playing "enhanced" content, as the OP put it?
What does that have to do with phoning home?
>
> Does the CD play in a Mac without this additional software?
According to what I've read here, yes.
Sandman
not_i...@btinternet.com (Peter Hayes) wrote:
But this can't be copy protection software. Wasn't it you who just said it
apparently downloaded CD art and stuff? Anyway, the CD plays fine without this
software, so it's pretty lousy copy protection software if so :)
--
Sandman[.net]
Peter Hayes
Not guilty...
> Anyway, the CD plays fine without this
> software, so it's pretty lousy copy protection software if so :)
Pardon my ignorance, but if it plays fine on a Mac, as several have now
confirmed, why doesn't it play on a PC without Sony's additional
software?
--
Peter
Steve Carroll
Snit <SN...@CABLE0NE.NET.INVALID> wrote:
Yeah... sure, Snit... and everyone believes you "generally do not even
read [my] posts any more." ;)
Sandman
not_i...@btinternet.com (Peter Hayes) wrote:
I have no idea, nor do I really care. Lots of things doesn't work on Windows. :)
--
Sandman[.net]
Tim Adams
not_i...@btinternet.com (Peter Hayes) wrote:
It will, at least according to several items I listened to in different
podcasts. You merely have to hold down the auto run it by holding down the shift
key when you insert it. Many people apparently don't follow this procedure.
--
reguarding Snit "You are not flamed because you speak the truth,
you are flamed because you are a hideous troll and keep disrupting
the newsgroup." Andrew J. Brehm
Tim
Peter Hayes
So the whole XCP "copy protection system" is a scam?
It's amazing that Sony went to such lengths to blacken their brand name,
get a kicking from Homeland Security, and now even Microsoft have
branded their product "malware'.
--
Peter