Re: FYI OT: new computer vulnerability

---

• To: g*@hort.net
• Subject: Re: [CHAT] FYI OT: new computer vulnerability
• From: "k*@netzero.com" k*@netzero.com
• Date: Sat, 12 Nov 2005 18:19:43 GMT

So you're saying that this spyware is loaded onto your computer just by playing a newER Sony CD that has it?

Kitty

-- Theresa <tchessie1@sbcglobal.net> wrote:
Oh- by the way, apparently there is no fix to this problem right now- 
they antivirus and sony website solutions only "decloak" the spyware- 
they don't remove it.  And apparently the Sony website solution can 
cause even more problems.  The antivirus software programs are already 
updating to catch the new viruses that are using the security 
vulnerability that the spyware creates.  So, if you haven't updated your 
anti-virus recently- you should do so pronto. Hopefully with all the 
publicity about this disaster, there will be a fix that removes the 
spyware completely.  What I have yet to learn is whether the 
copy-control programs used by other CD companies are also a problem (I 
have a Virgin Records CD that I played on my computer- so rats!).

Theresa

Theresa wrote:

> Thought you'd want to be aware of of spyware installed by copy-protected
>
> Sony music CDs, which also is a conduit for viruses:
>
> http://www.usatoday.com/money/industries/technology/2005-11-10-sony-hackers_x.htm?POE=NEWISVA 
>
>
> http://www.cnn.com/2005/TECH/internet/11/10/sony.hack.reut/index.html
>
> http://www.washingtonpost.com/wp-dyn/content/article/2005/11/11/AR2005111100632.html 
>
>
> http://blogs.washingtonpost.com/securityfix/2005/11/the_bush_admini.html
>
> Also, apparently spyware/anti-virus software has difficulty detecting 
> the Sony malware and the viruses that it can hide.
>
> Im writing you to express my concerns about the recent revelation
> regarding root kit software that is being secretly installed on
> users computers when they agree to a misleading End User License
> Agreement from Sony / BMG.
> According to recent research, said
> software uses the same techniques used by hackers to camouflage
> viruses, and other forms of mal-ware. Not only that, this software is
> so poorly written as to open the host system up to other, potentially
> more damaging attacks.
> I
> want you to understand that the security vulnerabilities that Sony /
> BMG have inadvertently created are the kind that any competent hacker
> can fly a virtual 747 into.
> I urge you to read Mark Russinovichs web log entries regarding this 
> software, and take heed his expert opinion on this matter.
> Here are links to the relevant entries.
> http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html 
>
> http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html 
>
> http://www.sysinternals.com/blog/2005/11/sonys-rootkit-first-4-internet.html 
>
> ---------------------------------------------------------------------
> To sign-off this list, send email to majordomo@hort.net with the
> message text UNSUBSCRIBE GARDENCHAT

---------------------------------------------------------------------
To sign-off this list, send email to majordomo@hort.net with the
message text UNSUBSCRIBE GARDENCHAT

---------------------------------------------------------------------
To sign-off this list, send email to majordomo@hort.net with the
message text UNSUBSCRIBE GARDENCHAT

• Follow-Ups:
  • Re: FYI OT: new computer vulnerability
    • From: T*

• Prev by Date: Re: Aloha Even
• Next by Date: Re: Aloha Even
• Previous by thread: FYI OT: new computer vulnerability
• Next by thread: Re: FYI OT: new computer vulnerability