Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] the "Sony/BMG" virus
From: bkfsec (bkfsecsdf.lonestar.org)
Date: Fri Nov 11 2005 - 09:03:08 CST
Todd Towles wrote:
>How to use Sony cloaking
>1) Write standard virus/trojan
>2) Trick poor person to run on computer (easy right?)
>3) Name it with $sys$
>4) It is now cloaked by the Sony DRM.
>Isn't too hard...you will see more and more, it won't be long before
>spyware is using it to hide as well. Is it good? No, any virus or
>spyware can have it's own rootkit hooks if they wanted. But if they use
>Sony, they can claim they weren't not trying to hide..."some other
>software" was hiding them. Botnet admins like smaller coded bot...no
>need to add any code...just a file renamed...man even a folder rename
>for that matter
Sony needs to pay big for this. I'll never buy a Sony/BMG item again...
no apology is enough.
The way I see it, this is no different than a company orchestrating a
mass breaking and entering on all of their customers. This is like if
Matag hid the Matag man* INSIDE the dish washer so that he could rummage
through your home in the middle of the night.
There is no excuse for what they've done... and there needs to be a very
real public acknowledgment and discussion about what to do about the
RIAA/MPAA -- let's face facts; what Sony has done is not an isolated
case. This is only the logical conclusion in a string of damn near or
should be criminal actions either committed or proposed by the big media
names of the world.
They need to be reminded that the consumer base are not cattle to be
used. They exist to service us, not vice versa... and the base of
corporate leadership which harbors the idea that we exist to supply them
with money exclusively... the ethically challanged of our world if you
will... must be purged from all positions of power, whatever the cost.
This is only a symptom of a greater problem.
* Only an example. I have no intention of maligning Matag with it.
p.s. Some people refuse to say that this is a malicious action on Sony's
part. Now I'm going to speak truth to the situation. There is no
mistake that this is a malicious act against their customers. If it was
not malicious, they would not have had to hide it.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/