Posted by bordalix
Wed, 16 Nov 2005 15:52:00 GMT
This can be Sony's worst nightmare: first, Sony decided to distribute a rootkit in there music CDs, to be installed in your PC (without your knowledge), in order to hide is DRM software; second, Mark Russinovich
discovered the existence of this rootkit, and make it public, which make people start to
scream at Sony; third, someone took advantage of the rootkit and wrote a trojan codenamed
Stinx-E, able to hide from Windows, so impossible to be detected and cleaned; fourth, Sony decided to provide an uninstaller to allow people to erase the rootkit, but this uninstaller
raised new security holes; and finally, it seems
Sony used some LGPL code, without delivering the source, so breaking copyright:
It turns out that the rootkit contains pieces of code that are identical to LAME, an open source mp3-encoder, and thereby breach the license.
This software is licensed under the so called Lesser Gnu Public License (LGPL). According to this license Sony must comply with a couple of demands. Amongst others, they have to indicate in a copyright notice that they make use of the software. The company must also deliver the source code to the open-source libraries or otherwise make these available. And finally, they must deliver or otherwise make available the in between form between source code and executable code, the so called object files, with which others can make comparable software.
Sony complied with non of these demands, but delivered just an executable program. A computer expert, whose name is known by the redaction, discovered that the CD "Get Right With The Man" by "Van Zant" contains strings from the library version.c of Lame. This can be concluded from the string: "http://www.mp3dev.org/", "0.90", "LAME3.95", "3.95", "3.95 ".
Tags drm, sony | no comments
Posted by bordalix
Tue, 15 Nov 2005 15:51:00 GMT
So, after all the
fuss around this issue, Sony decided to allow people to download an uninstaler for is DRM software. All you have to do is fill a
form, download the software and run it. Know that you know that, don't do it. People from Freedom to Tinker
found out that if you install Sony uninstaller in your PC, you are opening a huge security hole. Malicious users can execute code in your PC, all you have to do is visit one of there websites. Where (and when) is this going to end?
Tags drm, sony | no comments
Posted by bordalix
Tue, 15 Nov 2005 15:50:00 GMT
There are a lot of different definitions for what is Web 2.0. Wikipedia as
one, Tim O'Reilly
another, and there is even a
cumulative definition. Maybe Web 2.0 is about this:
peer-to-peer services, where your peers helps you getting what you need, and in return you help your peers by participating. And this can be used for viewing television and videos over the internet, with
Tioti (Tape If Of The Internet), for writing and reading stories, with
Glypho, or for finding interesting stories with
Digg. What I really now is that, like
Mark Evans,
I'm drowning in Web 2.0 apps.
Tags web2.0 | no comments
Posted by bordalix
Mon, 14 Nov 2005 15:49:00 GMT
Via
pfig,
Media Central (inspired by
Front Row and
CenterStage).
no comments
Posted by bordalix
Fri, 11 Nov 2005 15:48:00 GMT
So, Sony installs a
rootkit in your PC when you buy a CD from them, in order to implement his
DRM. This was
discovered by
Mark Russinovich in October (highly technical post). In my personal opinion, this an unacceptable behavior, and I'm not alone:
Frederico Oliveira wrote what I consider to be the first
anti-Sony manifesto, which I totally subscribe.
Tags drm, sony | no comments
Posted by bordalix
Wed, 09 Nov 2005 15:47:00 GMT
One year later, Firefox turns into a baby with
11.51% market share.
Update: these
guys are serious about changing from IE to Firefox
Tags firefox | no comments
Posted by bordalix
Wed, 09 Nov 2005 15:45:00 GMT
The
discussion continues, and it reached the
Committee on Energy and Commerce in the US. I'm really interested in this issue, since I work in an ISP, being a free Internet advocate, so you can imagine the duality I'm feeling these days.
Shaw Cable, a Canadian company, is limiting P2P bandwidth using technology from
Ellacoya, so we can now say it already started. The technology is out there, and telcos are ready to start using it in large scale. This is a very important question, that goes from freedom to innovation, trough economics and technology.
I understand the economics of launching a broadband network, but I also understand (and agree) with
Vint Cerf words. I'm waiting, and listening to the
live hearing webcast.
Update: this issue has been
digged
Tags neutrality | no comments
Posted by bordalix
Tue, 08 Nov 2005 15:44:00 GMT
8 years ago I gave my first presentation on network security. It's a hard topic, and the worst parts were explaining how cryptography works, and explaining software bugs as the buffer overflow or a race condition. Meanwhile, Wired as made an amazing job explaining the formers with an
animation. You don't get the cryptography how to (guess prime numbers theory is really hard to draw) but instead you can have a glance at some moments of really
bad software.
Update:NSA's site for
CryptoKids.
Tags security | no comments
Posted by bordalix
Tue, 08 Nov 2005 15:43:00 GMT
Due to the lack of time, today's menu is about grilled feeds:
- Microsoft keeps surprising, and is offering Visual Studio and SQL Server. It's free, even for comercial usage, but it's only a Express Edition;
- An excelent how-to implement your own helpdesk company, using UltraVNC and some webservices. Requires heavy geekary;
- Joined the Morfik Pioneers program. A very interesting application that will allow building web applications (AJAX) with a graphical user interface;
- Finnaly, follow-me phoning, or how to implement bluetooth proximity detection with Asterisk.
Tags asterisk, microsoft | no comments
Posted by bordalix
Fri, 04 Nov 2005 15:41:00 GMT
Three news worth notice:
- The newest player to arrive at the webOS arena is Microsoft. The old giant unveiled is web strategy, launching is Live program: a personalizable website, with a lot of Ajax and a cool concept, Windows Gadgets; a new webmail application, which mimics Outlook in a browser (have to see this working); a new messenger, with VoIP integrated and ability to call for any fixed line in world; and Office Live, which is not an online version of Office, but a set of free, ad supported, productivity business tools;
- Sun announces services to convert Microsoft Office docs to Open Office compatible format. There is nothing special with this announcement, Sun is following the OpenOffice path. The thing is, this is a service to be offer by Sun Grid Utility, which is Sun's vision of the future, "the network is the computer". Or in other words, applications will be web based, all you need on your side is a browser and a web server running in our PC for local access to information, as stated by Jason Kottke;
- Google has filed a patent to serve search results based on user profiles. That means that Google will start to work on all the information they have about us, like what are we searching for, what are the websites we visit most, and what are our social networks. It's a good idea to have Google showing me the links I care most, but this arise a lot of privacy concerns. For a peek on where this could lead us, watch epic.
Tags ajax, google, microsoft, office, sun, voip | no comments
Articles
