One of the sub-stories in all the Sony DRM mess of the last month with the XCP copy protection was that it was really an ineffective way of preventing copying of music anyway. In other words, you could press shift while inserting the cd to avoid the installer, then other programs could access the cd/allow copying without the software installed, other OS’s could access the disc and rip the tracks. In other words it wasn’t very useful toward it’s objective of preventing copying…
Month: November 2005
-
New Beagle/Bagle variant?
So, I submitted the suspicious attachment I received to virustotal (scan@virustotal.com with SCAN in the subject and suspicious file as attachment.) What follows below is the report I received. It looks like some of the big names (Symantec, McAfee are not finding anything wrong with it at this point, with the hodge-podge of names it will take me a bit to investigate and see if the other vendors are tagging it as new.)
-
Serving up web ads to users with javascript disabled
Well, with all the news on the Explorer bug, I started wondering what affect this would have on people browsing sites with adsense. I mean, adsense relies on javascript, so if it’s disabled, no adsense right? Right… Of course, adsense is not the only advertising program that uses javascript. (Of course, there are a number of other things, web counters like google analytics, etc….)
-
Old Play by mail (email) games…
Ok – not work related, but… I was remembering with one of my brother’s a computer game we played maybe 10 years ago that was a strategy game and had a neat play by email feature. The game was turn based, we’d make a move and it had a handy link to email the game info to each other and I think we went back and forth with it for several weeks. It was really quite an entertaining way to deal with the game. Now, today, with realtime strategy games, online multiplayer communities, etc. play by email seems a bit dated, but for many turn based games this would be one feature I’d LOVE to see more of.
-
Leading browser coders get together on internet security
This is one of those stories that you never thought you’d see (especially after the Microsoft-Netscape “wars”)… Developers from four of the most prominent web browsers, Internet Explorer, Mozilla/Firefox, Opera and Konqueror (much of the foundations for Safari are in the Konqueror codebase)… have got together and talked about different approaches and ideas on improving security while web-browsing…
-
Today’s Sony DRM rootkit stories….
Amazingly I haven’t seen any big Sony news today, but there are a couple stories out that are worth noting… First up is freedom-to-tinker with their take on the lawsuits announced yesterday and the one thing that isn’t getting much press coverage, the MediaMax DRM software. XCP is the name of the rootkit that Sony had used for Digital Rights Management that’s caused all the fuss lately, through it’s way of hiding in the system, it’s security vulnerabilities, it’s difficulty to remove (damage to the system) and vulnerabilites in the uninstaller. Well…
-
Froogle Local price comparisons
I noticed that the googleblog had a note today about some improvements to Froogle that have been rolled out. I have noticed recently that some products were “clustered” with price descriptions of (from $22-$49) or something, which when clicked would show you the exact same item at multiple places (more targeted than just a search for a product name.) The real evolution of it is local…
-
New Sober variants..
Ok – there are some new variants on the Sober worm circulating. I received one on an address that’s unfiltered (no virus/spam filtering) and must say, I can see people being duped into looking at the attachment. Sans has a post on it.. Sarc is calling it W32sober.x@mm and rates it at a threat level of three. I’ve seen many outlets tag it as sober.y
-
More on Explorer vulnerability
Among other things… Sans has lowered the infocon to green, NOT that the threat is diminished, but there have been no new developments with regards to the announcement yesterday of a major Internet Explorer security vulnerability. Sans recommends browsing the web with firefox (with the noscript extension, so you can enable/disable javascript where you wish). There has not yet been evidence of an active attempt at exploiting the vulnerability, but the proof of concept code could be relatively easily changed.
-
Cleaning up after the Sony Rootkit
Sunbeltblog has a suggestion (from Ben Edelman) for SONY on how to get the word out to customers that they have the problem laden XCP/ rootkit/ trojan/ drm software that’s been burning up tech news… Distribute an ad through their own rootkit. It does, after all, “phone home” from time to time and…. it looks like a banner can be displayed. Details on Ben Edelman’s site.