InformationWeek Daily Archives
Sony Is Just As Bad As Music Pirates
In This Issue:
1. Editor's Note: Sony Is Just As Bad As Music Pirates
2. Today's Top Story
- No Job Too Big For Windows Anymore, Ballmer Says
- Microsoft, SAP Team Up Against Oracle
- Microsoft Renames Beta AntiSpyware Pack 'Defender'
- Microsoft Faces Stiff Competition With 'Live' Service
3. Breaking News
- Langa Letter: Readers Rate Desktop Firewalls
- Cisco Is Looking Like The Next Big Security Target
- Retention Tension
- Cablevision Boosts Broadband Speeds
- Grokster Shuts Down
- Critical Flash Flaw Found, Fixed
- Sony Copy-Protection Patch Can Crash Windows
- Cisco's Research Nemesis Hired By Rival Juniper
- Yahoo, TiVo Bring Web And TV Closer
- Computer Associates Divests Ingres Database
- Qualcomm Sues Nokia As 3G Mobile Patent War Escalates
- Trials Find 3G Problems That Operators Must Correct
4. In Depth: RFID & Privacy
5. Voice Of Authority: Countering Cyberterrorism
6. White Papers: Telecom Expenses
7. Get More Out Of InformationWeek
8. Manage Your Newsletter Subscription
Quote of the day:
"A strong conviction that something must be done is the parent of many bad measures." -- Daniel Webster
Sony's latest response to the threat of music piracy is to engage in behavior every bit as bad as the pirates it's trying to protect itself from.
Sony BMG Music Entertainment decided that the threat of piracy was so severe that it needed to protect itself by installing on customers' PCs hacker tools that exposed those systems to massive security vulnerabilities.
Sony included hacker technology called a "rootkit" in the copy-protection software distributed along with one of its music titles. A rootkit is technology used by computer criminals to permit them to break into target systems. The rootkit is such a hairball to remove that security researchers recommended users not try to remove it themselves, but rather contact Sony to get instructions.
Sony countered by saying that the copy-protection software is harmless and issuing a patch. Hackers, meanwhile, are making a mockery of Sony's claims by distributing code that they claim takes advantage of security holes opened by Sony's DRM.
And, as revealed Monday, the patch presents problems of its own; it can crash Windows.
The Sony software is, plain and simple, spyware, by any reasonable standard of the word. It installs itself without users' knowledge, it runs in stealth mode, it damages the user's system, and it resists removal.
Sony's tactic isn't just a problem for consumers; it's also a problem for business network managers. Employees often enjoy listening to music while at work, and an employee who innocently brings in a CD that's infected with Sony's copy protection can open a security hole to the entire network.
Sony had no excuse for its behavior. The fact that some of its customers pirate music does not legitimize Sony's hacking into all its customers' computers and exposing them to security holes. Sony needs to recall the infected media, confess it did wrong, apologize to customers, and make amends. Meanwhile, law-enforcement authorities need to investigate whether Sony is in violation of civil and criminal laws against computer piracy. I'm no lawyer, but it sure looks from here like it is.
Microsoft releases database and developer tools aimed at proving Windows can handle large-scale, big-business computing environments.
Microsoft, SAP Team Up Against Oracle
Under a multiyear licensing program, SAP can embed and sell Microsoft's upgraded database with its enterprise-applications platform.
Microsoft Renames Beta AntiSpyware Pack 'Defender'
New anti-spyware signatures will be delivered using Windows Update, Microsoft's one-stop update service for individuals and small businesses, and pushed to enterprises using Windows Server Update Services.
Microsoft Faces Stiff Competition With 'Live' Service
Microsoft is playing catch-up in the Web software realm. Can it substitute ad sales for license revenue and change how it develops software?
Fred asked, you answered. Here are your top recommendations for the best desktop firewalls.
Cisco Is Looking Like The Next Big Security Target
Cisco routers are everywhere. That makes them your next security concern.
As the IT-job market improves, employers need to revise pay, benefits, and workplace policies to ensure that their most valuable people don't leave.
Cablevision Boosts Broadband Speeds
The cable company plans to offer service with speeds of up to 50 Mbps. A slower service--downloads of 30 Mbps and uploads of 2 Mbps--is priced at $64.95 a month.
Grokster Shuts Down
The network was the target of a lawsuit filed by Hollywood to stop illegal movie sharing on peer-to-peer networks. The company says it plans to open a legal service, Grokster 3G, soon.
Critical Flash Flaw Found, Fixed
The vulnerability is in the code of Flash.ocx, the component responsible for playing back Flash content files, a security firm said.
Sony Copy-Protection Patch Can Crash Windows
The blue-screen crash can also mean some data loss, says one of the researchers who first uncovered Sony's use of a hacker rootkit on its music CDs.
Cisco's Research Nemesis Hired By Rival Juniper
Researcher Michael Lynn's presentation about a Cisco security flaw at the Black Hat conference stirred up much controversy, with Cisco taking him to court in a bid to stifle him from sharing his findings any more widely.
Yahoo, TiVo Bring Web And TV Closer
TiVo subscribers who use the Series2 DVR can schedule recordings from anywhere they have access to a computer with an Internet connection.
Computer Associates Divests Ingres Database
CA retains a 20% ownership stake in the company and plans to continue marketing and development.
Qualcomm Sues Nokia As 3G Mobile Patent War Escalates
In a patent-infringement suit filed in U.S. federal court, Qualcomm alleges that Nokia is infringing on 11 of its patents in addition to one owned by its SnapTrack unit.
Trials Find 3G Problems That Operators Must Correct
Issues include degraded video performance and delays in Web browsing and some other applications, a Motorola report acknowledges; these are problems that the service providers and handset manufacturers must deal with if they're to be fixed.
The News Show
John Soat with "Security First!" in the current episode of "The News Show." He discusses what's expected for Microsoft's patch Tuesday, commercial businesses securing wireless networks, and protecting investors from online attacks.
Also in Monday's episode:
Aaron Ricadela Gives Us A 'Super Performance'
IBM unveils the fastest supercomputer in the world, the "Blue Jean L," capable of a world-record 280 trillion (yes, with a "t") computations a second.
Laurie Sullivan With 'Spy Chips'
Is RFID the 21st century Big Brother? These chips can increase business efficiency, but at what price to your privacy? Sullivan interviews the author of a new book that explores how companies can potentially use RFID to track your every move.
Nominations For Blog-X Awards Begin!
You determine the nominees and you choose the winner in TechWeb's second annual Blog-X Awards. Nominate your favorite tech blog now, and be sure to return when it's time to vote for the winner!
A Week's Worth Of Dailies--All In One Place
Have you missed an issue or two of the InformationWeek Daily? Or want to check out some recent quotes of the day? Check out our Daily newsletter archive page and get caught up quickly.
Subscribe To Your Favorite Authors
Are you a fan of Fred Langa? Are there other InformationWeek authors that you view as must-reads? Then check out our all-new authors directory; each author has his or her own page and RSS feed.
Learn from the best and brightest! The InformationWeek 500 report outlines the best IT and business practices of the InformationWeek 500 across core areas of operations, including IT budgets, technology deployment, strategies, and staffing. Use this report to benchmark your company's IT strategies and budgets against some of the nation's best-known companies.
John Soat asks if Katherine Albrecht, co-author of the book "Spychips," is exploiting religion cynically in her fight against RFID.
Business Technology: RFID Friends And Foes Share Their Views
What's needed is a clear understanding of the pros and cons of technologies like RFID, Bob Evans says. That will require more research, more bold initiatives, more clear thinking about privacy, and less hysteria.
RFID Exec Responds To 'Spychips' Book
Nicholas Chavez, president of an RFID provider, has published a response to the book and has asked the authors participate on an RFID advisory board.
RFID: Really Feeling Increasingly Defensive?
Patricia Keefe says: "Spychips" is a scary new book by consumer-privacy advocates Katherine Albrecht and Liz McIntyre, and it should be must reading for anyone who doesn't "get" the concerns over RFID chips. Even if half of what the book says in the planning or thinking stages is true, that's more than enough to make anyone nervous about the potential--or even planned, if the authors are to be believed--misuse of this technology.
The recent arrest and 17-count indictment against 20-year-old accused hacker and botmaster Jeanson James Ancheta for both using and selling the tools to attack a number of networks, including some within the Defense Department, should be taken as a shot across the bow by anyone who reads this. Ancheta is accused of being part of a new breed of criminal hacker: not just in it for the fame--sure, he's getting his 15 minutes, although it could be more like 50 years--but rather after money. According to the charges against him, Ancheta even managed to collect nearly $60,000 by creating, spreading, and selling bots to the highest bidders. By all accounts, Ancheta is smart and motivated, and there was a market for his black-market guerrilla hacking tactics and tools. How do you stop a smart, motivated attacker from making your life miserable? Read carefully.
Tracking corporate network expenses can prove to be extremely challenging. Telecom vendors are facing many issues--increased pressure to do more with less and cutting costs while increasing revenue. This paper discusses why managing vendor invoices is the only way for enterprises to truly understand and take control of these expenses.
Try InformationWeek's RSS Feed
Discover all InformationWeek's sites and newsletters
To unsubscribe from, subscribe to, or change your E-mail address for this newsletter, please visit the InformationWeek Subscription Center.
Note: To change your E-mail address, please subscribe your new address and unsubscribe your old one.
Keep Getting This Newsletter
Don't let future editions of InformationWeek Daily go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. Thanks.