[35395] in bugtraq
Re: Caveat Lector: Beastie Boys Evil
daemon@ATHENA.MIT.EDU (PC Sage)
Sun Jun 20 17:29:24 2004
In-Reply-To: <200406160110.23023.dr@kyx.net>
Mime-Version: 1.0 (Apple Message framework v618)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Message-Id: <0A3742FC-C006-11D8-AEDD-000D93AF6C2E@pcsage.biz>
Content-Transfer-Encoding: 7bit
Cc: bugtraq@securityfocus.com
From: PC Sage <swayze@pcsage.biz>
Date: Wed, 16 Jun 2004 22:28:38 -0400
To: Dragos Ruiu <dr@kyx.net>
Typically, when an application is being installed in Mac OS X (assuming
X?), if it requires system file modification it will require an
administrative level password to continue. While it is true that I
haven't purchased said malware, this is the usual case. If this
'helpful drm software' is being installed AND does modify system files
w/o requiring administrative level authorization this would smack of an
exploit against OS X and perhaps should be outed to Apple? Remember the
media that would break CDROM units that Mac users suffered through in
recent memory? DRM, while it's the buzzword du jour, should not
supplant content creators and suppliers due diligence when implementing
their policies. I am, for one, appalled by the manner in which Capitol
has reportedly acted in this respect. Thank-you for bringing this to my
attention.
Regards,
Sean Swayze
swayze AT pcsage DOT biz
On 16-Jun-04, at 4:10 AM, Dragos Ruiu wrote:
> Well I truly regret actually purchasing a copy of the new Beastie Boys
> album
> to support them.
>
> It seems that Capitol Records has some sort of new copy protection
> system,
> that automatically, silently, installs "helpful" copy protection
> software on
> MacOS and Windows as soon as you insert the CD into default systems.
> I'm not sure exactly what it does yet, but I am sure regreting actually
> purchasing said media now... they don't deserve my money if they choose
> to pull stupid stunts like this. Installing software without your
> permission
> sounds like viral malware behaviour to me. I certainly hope the AV
> companies
> put signatures into their products for this crap.
>
> They include some sort of uninstaller buried on there for Windows, but
> I see no such thing for MacOS. If anyone has disassembled the
> aforementioned malware already and can save us some time with
> instructions on how to remove it... thanks in advance.
>
> caveat emptor,
> --dr
>
> --
> World Security Pros. Cutting Edge Training, Tools, and Techniques
> Tokyo, Japan Nov 11-12 2004 http://pacsec.jp
> pgpkey http://dragos.com/ kyxpgp
>
>
