Security


My major problem with the Sony DRM I wrote about yesterday is the lack of consent on the part of the user. The terms of the Sony EULA are posted here. Nowhere does Sony advise that, even if you uninstall the software using normal procedures, there are hidden bits that remain. Further, the fact that the software is sloppily written and leaves the door open for malicious rootkit developers to take advantage of its flaws is negligent at best.

For its part, Sony today advised that a removal tool is now available from its website provided that you tell Sony where you obtained the CD from. However, it denied wrongdoing while admitting that many of the security flaws pointed out by Russinovich will be fixed on future CD releases.

Here’s a link to a fascinating article by Mark Russinovich detailing how he detected the DRM software that a Sony music CD installed on his computer, software that uses rootkit technology to hide its existence. It’s the same technique a lot of malware uses to hide its existence.

Bad, Sony. Bad, bad bad.

Here is an excellent article on the response taken by a bank (whose identity is kept anonymous in the article) to a phishing attack.

(Link courtesy of beSpacific)

The patches that Microsoft released for a security flaw are partly to blame for the recent Zotob virus outbreak. As noted in many places, among them This Week in Tech, hackers reverse engineered the patches to determine exactly where the security flaw was and released the Zotob virus within *THREE DAYS*.

Microsoft is damned if they don’t release security patches, because if the flaw is discovered later by independent third parties and evidence comes out that Microsoft knew about it, it’d be a plaintiff lawyer’s field day.

At the same time, they are damned if they do. Three days is not enough time for many large companies to roll out security patches, since the patches need to be tested carefully. If the patch breaks word processing applications for an entire international company, heads will roll in the IT department. Yet if hackers release another virus like Zotob, but more troublesome, IT departments will be forced to roll out patches much sooner than they want to.

Microsoft, as the source of the patch, is damned either way.

This is very, very disturbing. An article over at Eweek claims that the spyware called CoolWebSearch is actually a keylogger. A test by a spyware removal company found that the program is sending passwords, user names and bank account information to a server in Texas. The FBI has been notified, but the article does not state what action, if any, has been taken as of this date.

I sound like a broken record - Clean your computer of this stuff. The Internet is not always a pretty place. Take appropriate precautions and you will be fine, but if you don’t you can be in serious trouble.

For those of you who don’t know, Michael Lynn gave a speech at the Black Hat conference in Las Vegas on July 26th that has erupted into controversy. The topic? A revelation of the vulnerabilities in the Cisco routers that are the backbone of the Internet. He had to quit his job before doing it, and ended up getting sued by Cisco and his former employer, ISS. Bruce Schneier gives good accounts of the basic story here and here.

What is fascinating is the account blogged by Michael Lynn’s attorney, Jennifer Granick. She talks about how she took the case, and what led to the settlement reached within the first 24 hours. Her last installment promises even more details to come, so stay tuned. I sure will.

From CNet News:

The attackers typically lure people to the malicious sites by sending enticing e-mails and instant messages. When a victim clicks on a link, the computer becomes infected. In one case, a greeting card was displayed and a tune played in the background while spyware was being installed on the compromised PC, Websense said.

These sites are popping up in the blogosphere, taking advantage of the free hosting available at some of the free blogging sites. If you keep your malware detection software up to date and generally practice safe computing (don’t follow links in strange emails and IMs) you should be relatively safe.

The FBI earlier today raided the “Elite Torrents” BitTorrent network, shutting down its core server. Anyone accessing the site now receives the message “This Site Has Been Permanently Shut Down By The Federal Bureau of Investigation and U.S. Immigration and Customs Enforcement.”

The site had been one that was sharing the new Star Wars release, “Revenge of the Sith.” The movie is claimed to have been downloaded more than 10,000 times the first day it was available, and was up and available for download six hours before the movie opened in theatres.

BitTorrent as a technology has many legitimate uses - I know of a few Podcasters that use the technology to make their shows available faster and more freely available. However, it’s not surprising that actions like this are being taken. Piracy can’t be condoned. And, the mainstream media is full of stories about the widespread infringement of the latest (last?) Star Wars film. It’s so widespread that in order to show they are being effective the government is now forced to take action. If I were a BitTorrent user, I would think twice before infringing the copyright by means of an unauthorized download — it won’t be long before the next raid.

An interesting article written by Declan McCullagh points out that the FTC plans to ask ISPs to take a more active role in policing the net. Basically, the plan is for the FTC to send a letter to ISPs pointing out steps these service providers can take to help reduce spam by finding and eliminating “zombie networks” that are churning out spam.

It’s a start, but I’m concerned that it is just a baby step. The problem is that much of the traffic is outside of the jurisdiction of the FTC, as the servers that originated these attacks are overseas. Still, if there are *any* assets that are here these assets can be seized.

The Ponemon Institute released the results of their 2005 National Spyware Survey today.

Interestingly, 97% of the people who reported having found spyware on their machine did not remember seeing an end user license agreement (EULA) before the software was installed. Not surprising is the figure that 87% reported reduced productivity as a result of the installation.

If you suspect your machine is infested, best to run a detector like Spybot. And, keep it up to date.
