Text 8345, 150 rader
Skriven 2005-11-23 11:14:08 av Rich Gauszka (1:379/45)
Ärende: Sony DRM questions questions questions
==============================================
From: "Rich Gauszka" <gauszka@hotmail.com>

I'd love to see the answer to some of these questions

http://www.theregister.co.uk/2005/11/23/sony_drm_questions/

How many corporate, government, military, and scientific organizations will ban
the use of any Sony CD now on any machine connected to their networks?

How long until those bans extend to any copy-protected CD made by any music
company?

How long until those bans extend to any music CD, period?

How many corporate, government, military, and scientific networks have been
compromised by the Sony rootkit?

Have any security breaches occurred on a corporate, government, military, and
scientific network due to the Sony rootkit?

What actions will Sony face as a result of any security breaches?

How would those corporate, government, and scientific organizations have
reacted if a group hostile to American interests had engaged in the same
security violations practiced by Sony?

Who did Sony rely on to do the shoddy development work on the ActiveX control
used to "uninstall" the Sony rootkit?

Has anyone been damaged by the ActiveX control, which leaves PCs wide open to a
variety of attacks?

When will Sony release a method for actually removing all traces of their
rootkit from a PC?

Will that method further open up PCs to new security holes?

How many cheats, viruses, and Trojan Horses will use the Sony rootkit as cover
for their own installation and actions?

Does anyone at Sony - either in management or IT - really have any
understanding about security?

Did Sony ever bother to think through the ramifications of its rootkit?

Who made the decision at Sony to implement the First 4 Internet rootkit?

Is that person - or persons - facing sanctions? Demotion? Firing?

Has anyone sat down with Thomas Hesse, President at Sony BMG and utterer of the
line "Most people, I think, don't even know what a rootkit is, so why should
they care about it?", and explained to him just how stupid his statement is?

How successful will the legal actions against Sony prove?

Are there any legal actions pending against First 4 Internet, the providers of
the rootkit software Sony used?

Does anyone at First 4 Internet - a supposed technology company - really have
any understanding about security?

If anyone at First 4 Internet does have a glimmer of understanding about
security, do they care, or is money their only concern?

Why did Microsoft wait so long before adding Sony's rootkit to its list of
spyware to be removed by Windows Defender?

When did Microsoft first know about Sony's rootkit?

If Microsoft knew about it prior to the 31 October disclosure by Mark
Russinovich, why didn't they act sooner?

When did other anti-virus and anti-spyware companies first know about Sony's
rootkit?

If those companies knew about it prior to the 31 October disclosure by Mark
Russinovich, why didn't they act sooner? If they knew about it, exactly why are
we paying them?

Did Sony violate the GPL and LGPL by including code for the MP3 encoder LAME,
and other GPL and LGPL code, in its rootkit?

If so, what are Sony and First 4 Internet planning to do to address these LGPL
and GPL violations? Open-source their viral rootkit?

Are any other retailers besides Amazon going to notify customers that they have
purchased one of the 52 Sony BMG titles known to contain the rootkit, and offer
a refund?

What effect will the entire Sony debacle have on other music labels using, or
considering the use of, DRM on their CDs?

Are any members of the US Congress aware of the Sony rootkit saga, or are they
asleep at the wheel?

If so, are any proposing legislation requiring CDs to clearly label any DRM
they may include? Or going one step further, and banning the practice entirely?

How ironic is it that the actions of Sony's music division have damaged the PCs
made by Sony's computer division?

Does anyone at Sony appreciate the irony?

How many music lovers will now turn to illegal file sharing networks to acquire
music, since their attempts to do so legally were met by betrayal, apathy, and
malice by the very company selling them music?

Can you really blame the people who now turn to illegal file sharing?

Does Sony see the irony here?

Sony is offering to replace infected CDs with MP3s; what sorts of restrictions
do those MP3s have? And at what quality level were they made?

How many problems are we going to see with Sony's other DRM software made by
Suncomm?

Will Sony amend its outrageous EULA, which contains provisions in it that are
extreme and nonsensical?

How much have Sony's sales suffered for all of its CDs? How much will sales
suffer in the future?

Will consumers remember this episode? For the near future, will the words
"Sony" and "rootkit" be linked in consumers' minds?

Is Sony going to follow through on its promise to include DRM on all CDs put
out by the company?

Will Sony follow any of the advice given to it by the EFF?

Did Sony learn anything from this future business school case study, or is it
just going to try to develop quote-unquote "better" DRM?

Will any other companies currently issuing DRM "protected" CDs learn anything
from Sony's mess?

Will the Sony rootkit incident lead any consumers to switch from Windows to Mac
OS X (which was also vulnerable to Sony malware, but not as badly as Windows)
or Linux (which wasn't vulnerable at all)?

If consumers are unhappy with the Sony rootkit now, how will they feel when
they learn about the built-in copy protection found in Windows Media? In future
processors and the upcoming Windows Vista?

And finally, do companies have the right to take extreme measure, to install
software like the Sony rootkit, in order to protect their business models?

--- BBBS/NT v4.01 Flag-5
 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)