Forgot your password?
typodupeerror
The Internet Media Movies Security Your Rights Online

RIAA/MPAA Contractor Deploys Malicious Adware Trojans 883

Posted by michael
from the gloves-are-OFF dept.
RichardX writes "Overpeer, the organization responsible for seeding many peer to peer networks with damaged, corrupt and fake files has now found a way of hiding spyware and adware inside Windows Media files by using a DRM loophole and is using this technique to further pollute p2p networks." Several readers sent in a PCworld article on the same subject.
This discussion has been archived. No new comments can be posted.

RIAA/MPAA Contractor Deploys Malicious Adware Trojans

Comments Filter:
  • I Wonder... (Score:5, Insightful)

    by jpatters (883) on Friday December 31, 2004 @04:01PM (#11229531)
    Isn't that blatently illegal?
  • lawsuit? (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @04:03PM (#11229548)
    It seems to me the contractor could be sued for such stuff. Intent of the person downloading is irrelevant.
  • by hoggoth (414195) on Friday December 31, 2004 @04:03PM (#11229551) Journal
    If they can do it, so can any hacker/cracker/virus writer. That's a good enough reason to never touch DRM inflicted Microsoft media files.

  • I wonder.. (Score:5, Insightful)

    by slashkitty (21637) on Friday December 31, 2004 @04:03PM (#11229555) Homepage
    why people trust wmv files when this can happen. Combine it with some ie security holes and you got a real problem. It'd be pretty easy to create a p2p wmv worm that infects the entire network.. no?
  • by 93,000 (150453) on Friday December 31, 2004 @04:04PM (#11229562)
    It seems anyone the least bit concerned about DRM/sharing/etc wouldn't be using windows media anyway.
  • Unbelievable (Score:2, Insightful)

    by thesatch (844290) on Friday December 31, 2004 @04:04PM (#11229567)
    This should be the last straw to all the fire sharers out there.

    People should stop taking such a passive stance to all the criminal acts commited by the MPAA and RIAA. Fight fire with fire.
  • by justkarl (775856) on Friday December 31, 2004 @04:05PM (#11229572) Homepage
    One more reason not to use Windows Media. How many do you need?
  • by ArticleI (842868) on Friday December 31, 2004 @04:05PM (#11229574)
    Does anyone actually copy windows media files? I thought everyone used mp3 and if not that, then ogg or flac.
  • by chriso11 (254041) on Friday December 31, 2004 @04:05PM (#11229577) Journal
    Why use WMA files?

    How hard is it to simply stick to MP3s? I avoid WMA files like the plague. Even if there is an exploit for MP3s, I doubt it would be effective on all clients.

  • by creimer (824291) on Friday December 31, 2004 @04:06PM (#11229584) Homepage
    Another reason to avoid the P2P clients for getting music and videos. Get legal and stay out of trouble by avoiding the P2P clients. A weekly virus- and adware-scan also helps.
  • by phaln (579585) on Friday December 31, 2004 @04:06PM (#11229585) Homepage
    ...I'd think these people should be prosecuted to the fullest extent of the law. ;)

    After all, two wrongs don't make a right, no?
  • Ah Microsoft (Score:5, Insightful)

    by riceboy50 (631755) on Friday December 31, 2004 @04:06PM (#11229590)
    Now your DRM can be used a weapon against you, how do you feel about that?
  • Re:Unbelievable (Score:2, Insightful)

    by zoips (576749) on Friday December 31, 2004 @04:08PM (#11229606) Homepage
    Fight fire with fire.

    Amusing. I thought that was what the RIAA and MPAA was doing.
  • Re:I Wonder... (Score:2, Insightful)

    by iamzack (830561) on Friday December 31, 2004 @04:08PM (#11229608)
    Yes, but you could circumvent any wrongdoing on your part by downloading a song from an album you already own.

    PS: Anyone that ever encodes anything to WMA/WMV is a MORAN anyway. They need to get a brain.
  • Re:So how.. (Score:5, Insightful)

    by JPriest (547211) on Friday December 31, 2004 @04:09PM (#11229613) Homepage
    With tactics like this I hope they don't wonder why people don't feel sorry for them.
  • by Anonymous Coward on Friday December 31, 2004 @04:09PM (#11229614)
    I know! When I trade so called "illegal" files on p2p networks, I have .wma files filterd out. Good thing too! DRM is nothing but a disease IMO.
  • The problem (Score:5, Insightful)

    by Dachannien (617929) on Friday December 31, 2004 @04:11PM (#11229628)
    The problem is that the only people with standing to make a legal complaint about this practice (i.e., sue them) are people who have downloaded the files and had damages caused to them from the spyware being installed.

    However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.

    One possible way around this is if someone already has purchased the CD/DVD and wanted to download a copy so they could archive the original (because they have CD/DVD hardware that couldn't rip the original to disk). Of course, this idea has not been tested in court, and would probably be a protracted and expensive battle to fight.

  • Re:So how.. (Score:5, Insightful)

    by Fallen_Knight (635373) on Friday December 31, 2004 @04:11PM (#11229629)
    The poeple who should be getting pissed about this is MS, i dont' think they will like it when WMA becomes like IE, known for giving you adware and viruses when used.
  • by aminorex (141494) on Friday December 31, 2004 @04:12PM (#11229636) Homepage Journal
    Law of unintended consequences: .wma/.wmv are dead
    as a format. Windows Media Player? Stick a fork
    in it, it's done.
  • Pirated? (Score:4, Insightful)

    by Kickasso (210195) on Friday December 31, 2004 @04:12PM (#11229640)
    A copyright holder's agent (RIAA) offered it for download. Perfectly legit I would say.
  • then... (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @04:16PM (#11229671)
    exactly how does damaging the LEAST format downloaded on the net, affect the overall downloads??
  • Re:Virus?? (Score:5, Insightful)

    by eln (21727) on Friday December 31, 2004 @04:16PM (#11229673) Homepage
    A failed business model is one that fails to generate a profit. If no one paid for CDs at their current price, but everyone downloaded them, that would not mean people are "too cheap," it just means that the demand for CDs only exists at a lower price point than the supplier is trying to sell them at. If the prices are lowered, sales would increase.

    Of course, if there is an easy way to get a product free, people are unlikely to demand it at any price other than free, and so the business will fail unless it can either stop the free distribution of its products, or start selling products that are more difficult to distribute for free.

    Under these criteria, the model of selling content that is easily obtainable for free IS destined to fail, whether demand exists or not, since the demand exists at a price point (free) that is by definition unable to generate profits. This is why these organizations are so afraid of filesharing. They can't figure out a way to maintain their current business model, and they haven't figured out a viable alternative business model, in the presence of filesharing.
  • by Peterus7 (607982) on Friday December 31, 2004 @04:17PM (#11229682) Homepage Journal
    But if the MPAA does, it's okay.

    However, they do have all right to do this in some respects. They are putting up crap on a P2P network, just like any other idiot. Still, what gets to me is the system in general. When a lone hacker writes a virus, he gets jail time. When a corporation writes a virus...

    But then, what should P2P users do? If they're so serious about P2P, they'll either take the risk or find a new way of sharing files that finds the trojans and whatnot.

    Although really, I'm suprised the government isn't stepping in right abou... Wait, nevermind.

  • vigilante justice (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @04:17PM (#11229685)
    Marc Morgenstern, Loudeye vp and general manager of digital media asset protection, characterized Overpeer's actions as, "just deserts for people who illegally trade copyrighted works for free,"

    Mr. Morgenstern's mindset is provincial. p2p networks span international borders. In Canada, downloading music from p2p networks is explicitly legal regardless of its origin. Thus, within Canada Mr. Morgenstern is promoting punishment of people who are not breaking the law, but merely going against his beliefs.

    In Canada, those who attempt to punish people who haven't broken the law are called vigilantes and criminals. They go to jail when caught.
  • This is great! (Score:5, Insightful)

    by AtariDatacenter (31657) on Friday December 31, 2004 @04:20PM (#11229701)
    No, really. It's like peeing in your own pool. You need DRM in order to sell music to people and to "control the rights". But at the same time, they're using DRM to attack people who are outside the system. So it kind of makes you feel unsafe about using DRM in the first place. Life is better outside of the DRM system.

    BTW, I remembered the option for something like "automatically download rights management software" when installating Windows Media Player, what, 10 is it now? I hesitantly clicked yes. Now that I've done so, I can't find an option inside of the program to say no. Odd.
  • So Scary! (Score:4, Insightful)

    by jonathonjones (844293) on Friday December 31, 2004 @04:25PM (#11229735) Homepage

    What many of you seem to fail to realize is that the purpose of this has nothing to do with actually damaging computers. Rather, what the recording industry is trying to do is stop people from using P2P. And they do this through fear. That's why they do the suing (your chances of getting sued are minimal, but plenty of people get scared and stop downloading). Now, plenty of morons (for who else would this tactic work on?) will hear that downloading music can give you viruses and adware - rumors will fly wildly.

    At least, that's their hope. We'll see whether it works.

  • by System.out.println() (755533) on Friday December 31, 2004 @04:25PM (#11229741) Journal
    While I appreciate the variety, I agree with most of the other comments more: avoid Windows Media, not P2P.

    Do you work for Microsoft, by chance? Perhaps the RIAA?
  • Re:I Wonder... (Score:5, Insightful)

    by zakezuke (229119) on Friday December 31, 2004 @04:26PM (#11229750)
    Yes, it is. Except to file complaint you have to admit you were trying to download a "pirated audio file".

    Neither the RIAA nor MPAA would release any file unless they had permission to do so. It wouldn't be "copyright infringement" if they are granted the right to give you a copy.

  • Mod parent up (Score:4, Insightful)

    by TheSpoom (715771) * <slashdot@@@uberm00...net> on Friday December 31, 2004 @04:33PM (#11229812) Homepage Journal
    That's correct, isn't it? The RIAA is *publishing* their works on a P2P service. I bet a valid argument could be made in court there.
  • Re:This is great! (Score:2, Insightful)

    by FuturePastNow (836765) on Friday December 31, 2004 @04:35PM (#11229825)
    In WMP 10, go to "tools," then "options," then "privacy." There should be a check box next to "Acquire licences automatically." It took me less time to find that than it took for the program to open.
  • Illegal RIAA? (Score:2, Insightful)

    by Dvondrake (844198) on Friday December 31, 2004 @04:40PM (#11229866) Homepage Journal
    This plainly doesnt make sence. If the government goes after hackers for planting trojans and adware; hacking, why does the RIAA get away with planting trojans and aware it's self? If they wish to do that, then why do they stop hackers and not the RIAA? It's the same thing, just different people. With this downloading thing with all these torrent sites going down and all, I wouldn't really get too worked up about the torrent sites. I would get worked up about the sites that have all the cracks and cd keys. 'Cmon, where do you think the people who host these torrents get the keygenerators, serials, and cracks? They get them from crack sites! Just a few thoughts about that.. I still think it doesnt make sence though.
  • Re:So how.. (Score:5, Insightful)

    by Kierthos (225954) on Friday December 31, 2004 @04:40PM (#11229867) Homepage
    No kidding. I mean, for one thing, by the time the movie is in the theater, the painters and the stuntmen had best already have been paid. For another thing, with all the piracy that's been going on, if it was hurting the business so much that they couldn't pay the painters and the stuntmen, then there wouldn't be movies opening every week.

    And yet, checking the local theater listings....

    Yeah, piracy is bad. Not BAD, in all caps. Not Bad, with a capital B. But bad. But what the RIAA and MPAA are doing here is worse. It's sleazy, underhanded crap, and if a private citizen did shit like this, the hammer of the judicial system would get dropped on them in a heartbeat.

    Kierthos
  • Terrorism (Score:5, Insightful)

    by mikiN (75494) on Friday December 31, 2004 @04:40PM (#11229868)
    n. [reference.com]

    The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.

    How is what the **AA are doing (hacking into music downloaders' computers and installing malware to further their cause against piracy) any different?
    If this is the way they think they must do business, lets give 'em h*ll!
  • Re:Virus?? (Score:5, Insightful)

    by madmancarman (100642) on Friday December 31, 2004 @04:48PM (#11229929)
    The "average user," and especially the media, is already convinced that p2p is synonymous with illegal activity, so this is unlikely to raise much of an uproar outside of the geek and college student communities.

    The media may be convinced that p2p is synonmous with illegal activity, but they love scaring viewers by "exposing" crimes that may be happening in your neighborhood! Right next door!

    However, the "average user" is much more concerned with their pocketbook than with nebulous notions such as "intellectual property" and "digital rights management". When I bring up the subject to family members, friends and students, their eyes just sort of glaze over. I honestly don't think the average person gives a shit about copyright. The only people who care are those who make money by creating copyrighted works, and those who market/produce/protect those works.

    At the high school where I teach and do tech support, the first RIAA lawsuits a few years ago sent a number of students and teachers scurrying to me to see if they might be in trouble for downloading music. My two favorites were the stoner kid who didn't realize he was sharing 4000+ songs on Kazaa, and the evangelical principal who subscribed to Roadrunner for the sole purpose of downloading Christian music (illegally).

    The RIAA/MPAA fight is not one that they can ultimately win, because the rules have changed with the ease of copying. They should really look to the model that Scott Kurtz of PVP [pvponline.com] and Epitonic [epitonic.com] - give the content away as a means of promotion, then make your money selling related items such as t-shirts, books, concerts, etc. Sure, books and videos can also be pirated, but until they're as easily accessible as music is via an iPod or something similar, there's still money to be made. Hell, most bands make their money on tour from t-shirt sales.

    Anyway, don't think for a second that the "average user" thinks p2p is "wrong" - most users I've encountered are just annoyed that it isn't easier to find things.

  • Re:I Wonder... (Score:4, Insightful)

    by madmancarman (100642) on Friday December 31, 2004 @04:52PM (#11229956)
    Then try to press charges against your drug dealer.

    Except in this case, the drug dealer is actually being paid by a corporation to distribute a substance that is normally just illegal but is now knowingly harmful (outside of the drug's regular effects). Isn't the corporation, who is sponsoring this harmful activity, legally culpable?

  • by ivan256 (17499) * on Friday December 31, 2004 @04:53PM (#11229965)
    The problem is that the difference between a trojan and legit adware is that legit adware is backed by a company that can sue an anti-virus company. The two can be identical in every other way.
  • Re:So how.. (Score:2, Insightful)

    by electr01nik (598106) on Friday December 31, 2004 @04:55PM (#11229977) Homepage

    if that wasn't the case...the conversation would probably go something like this:

    BigWig Holly Woodexec: Mr. Stuntman, we need you for this multi-million dollar budgeted movie we're making. The only stipulation is that you won't get paid until after the movie has had it's theatre run, and we see how well it performed. What do you say?

    Mr. Stuntman: So you're telling me that I have to set aside months of my life, risk my neck for all your big explosions, car chases, motorcycle jumps, and building plunge-offs, and I won't get paid until AFTER the movie has had it's run in theatres AND you see how well it performed?

    Bigwig: Thats right.

    Mr. Stuntman: What happens if the movie is a flop?

    Bigwig: You don't get paid.

    Meanwhile, our hero Mr. Stuntman has made a beeline for the exit as soon as the words "don't" were uttered. Hollywood wouldn't last very long if this were the case.

  • by Lead Butthead (321013) on Friday December 31, 2004 @04:58PM (#11230003) Journal
    The same nonesense about "their terrorists, our freedom fighters" some decade or two ago in Central America, Middle East, etc. In the end the "accomplishments" by both sides are equally bad...
  • Re:Virus?? (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @04:59PM (#11230014)
    The sword cuts both ways.

    Both of the following are true:

    1.) "If something you want is priced higher than you can afford, it does *not* mean the item is too expensive. It means *you cannot afford it*."

    SOLUTIONS: Find a way to make more money, so the ceiling on "what you can afford" rises, or curb your demand so that you no longer desire the item in question.

    2.) "If demand for your item at your price point does not meet your expectations, it does *not* mean people are cheap/jerks/criminals. It means *you have overestimated the value of your product*."

    SOLUTIONS: Lower your price (thereby increasing demand) until demand meets your expectations... or scale back your expectation to match the demonstrated demand at your price point.

    Many music downloaders don't like to recognize statement number one (or its attendant solutions). The RIAA doesn't like to recognize statement number two (and ITS attendant solutions).

    Thus, it's no wonder that many (not all) music downloaders and the RIAA are not talking "to" each other, but rather talking "at" and "past" each other.
  • by moyix (412254) on Friday December 31, 2004 @05:00PM (#11230020) Homepage

    The one thing that I find strange about this story is that try as I may, I can't seem to find any information from the "usual" security sources about exactly how this works--as far as I can recall, bugtraq and full-disclosure haven't touched these. Moreover, the only articles about this are the p2pnet one and the PC World one--and the former appears to be derived from the latter.

    Both articles are also oddly vague--"security experts" are mentioned, but no specific names dropped, and there are no technical details given at all.

    Can anyone provide independent confirmation of this? In particular, if you have details of how one can embed executable code in a wma or provide a sample of such code, please send them my way via brendandg [at] colby.tjs.org

  • Re:Virus?? (Score:3, Insightful)

    by _xeno_ (155264) on Friday December 31, 2004 @05:03PM (#11230050) Homepage Journal

    Except for one thing: File sharing does have a "cost." It may not cost anything monetary, but it costs quite a bit of time and effort to hunt down good quality files that are what they say they are. Not to mention then correcting any incorrect meta-data. Combined with bad/corrupted files, files that are mislabeled, disconnects, incomplete albums - file sharing has a cost in time and effort.

    This is why Apple's iTunes Music Store is working as well as it is. It's an easy way to download good quality files. It may cost some money, but it's not excessively difficult. I believe that currently Apple doesn't actually pull in a profit off the music store, but it shows that there is indeed demand for online music stores - even though a "free" alternative exists. (Although it remains to be seen whether or not Apple can make money off of it.)

    As another example, Linux is free, but there still exists a market for selling pre-packaged Linux. Well, except that people give away pre-packed Linux. But people are willing to pay if they get something "extra" like an easy-to-use installer and a number to call if things go wrong. Making something "easy" is worth something.

    There's still a cost with filesharing, it just isn't monetary. It's in time and effort. As long as the total cost (in time, money, and effort) of downloading music remains less than the total cost of legitimately purchasing the CD, there will be a large market for downloading music.

    The RIAA needs to find a way to make paying them cost less than going around them. One way would be online music stores, since being able to download a track for a small fee is much nicer than having to go to a store. Their current plan appears to be to push the total effective cost of filesharing above the cost of CDs, which while a solution, probably isn't totally feasible and doesn't offer people what they really want (a cheap, easy way to download individual tracks).

    Apple's iTunes Music Store looks like a good solutions. Of course, they'll never totally elliminate filesharing, because for some people, their time and effort will always be less than whatever price they can offer them. But they can lower that group's number enough to remain profitable. (Kind of like they are right now.) And those people wouldn't be paying for music anyway.

  • by Anonymous Coward on Friday December 31, 2004 @05:05PM (#11230072)
    This is stellar. We'll punish the people who have NO CLUE what they are doing on Kazaa, like an 8 year old girl who hears at school that she can listen to brittney spears on her computer if she gets Kazaa (Its not like its any more illegial to her than watching MTV is), instead of the guys hosting tens of thousands of songs that actually read slashdot.

    I guess thats big business for ya...
  • by antiMStroll (664213) on Friday December 31, 2004 @05:12PM (#11230120)
    "I think it's ironic that MS originally put these capabilities in so the media companies ...

    Bing! You nailed it right there. Microsoft made an obvious policy decision long ago to shift developnment focus from end users to corporations, hence the ease with which 'bad' corporate users abuse the OS at the end user's expense.

  • Re:The problem (Score:3, Insightful)

    by Rakarra (112805) * on Friday December 31, 2004 @05:12PM (#11230121)
    One possible way around this is if someone already has purchased the CD/DVD and wanted to download a copy so they could archive the original (because they have CD/DVD hardware that couldn't rip the original to disk). Of course, this idea has not been tested in court, and would probably be a protracted and expensive battle to fight.

    Something very similar to this has been tested in court. Several years ago, mp3.com had a service to let you download mp3s of albums you owned.. ie, you put your CD into the drive and it verifies you have the album.. then you can download mp3s of the work. Well, at the end of the court fight, mp3.com lost a large judgement because even though the users of the service were downloading mp3s of albums they owned, mp3.com still did not have the legal authority to distribute the mp3 files. Only the copyright holder can have that legal authority.

    So, if someone wanted to "download a copy so they could archive the original," the only ones legally allowed to give it to them would be the media companies, and don't expect that to happen anytime soon. While you might have the legal right to make a backup copy if you can, the media companies hate that "fair use" and are only going to make doing that as hard as they can.

  • Patch it? (Score:2, Insightful)

    by c0ldfusi0n (736058) <admin&c0ldfusi0n,org> on Friday December 31, 2004 @05:15PM (#11230138) Homepage
    How about someone creates a patch that removes the DRM exploit from the file? P2P users then download WMA files and patch them all just to be safe. Whenever the exploit is found in a file, let the user know which file was cleaned. That file is then known to have been obtained legally from the {RI|MP}AA.. convert and spread!
  • Re:I Wonder... (Score:2, Insightful)

    by tdhillman (839276) * on Friday December 31, 2004 @05:16PM (#11230145)
    "Isn't that blatantly illegal?"

    It appears that we are in a bizarre universe when it ocmes to the question of legality in any of this.

    Downloading music you don't own is illegal, but we do it anyway.

    Downloading copyrighted software is illegal, but we do it anyway.

    One would think that knowingly polluting an individuals machine is just as illegal. The RIAA is entering a weird world where they are justifying a bad action with another bad action. Fixing the problem would seem to have a whole lot more to do with education than with monkeying with code in files.

    Even worse, all this is getting foisted onto to consumers who don't know their ass from their elbow. In a lot of cases, you've got kids downloading material onto their parents' computer and thereby mucking up the works. Often the parents know little about how all of this works, and they are then unwitting victims of the actions of both the industry and the kids.

    The only solution to this starts with decent ethical education.

    Or, get everyone in the universe to listen to Gratefu Dead shows downloaded from archive.org (or my kids' band at Pure Volume [purevolume.com]- they guarantee their downloads to be completely adware free.
  • Sue them... (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @05:16PM (#11230151)
    People should sue them and prove that they have infected your computer with pre-meditated, malicous purpose. They are not above the law and they have enough money to you, all the others and your lawyers.
  • by canfirman (697952) <pdavi25@@@yahoo...ca> on Friday December 31, 2004 @05:20PM (#11230179)
    ...of another loophole in a M$ product. The *AA doesn't discuss the fact that M$ has left a hole in the DRM that a Mac Truck could drive through, or if M$ will even patch it. They love this hole - only until something goes wrong where an affected file is uploaded to a legit music site. Then they'll be screaming to have it "fixed".
  • Re:So how.. (Score:3, Insightful)

    by tekunokurato (531385) <jackphelps@gmail.com> on Friday December 31, 2004 @05:27PM (#11230239) Homepage
    Uhhh, okay, that's pretty poor logic. The actual logic goes like this: Can I get a return out of this movie? How much of a return can I get? I require X%, so I'll suffer costs equal to 85% of total revenues.

    OR

    Oh, I can't get a return... Well, I guess I'm not going to be investing and therefore not employing stuntmen or painters. Sorry, guys.

    Now, do I personally believe that movies need to be made on the scale that they are these days? Fuck no. But it is true that fewer stuntmen will be employed if the percieved return of investing in a movie is reduced. I don't give a shit for the stuntmen's plea, but if you are one of those who do, then don't do things which would reduce the percieved return on investment.
  • Porch stereo (Score:5, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @05:39PM (#11230293)
    Actually i think it's a great idea. We've had problems with break-ins in our neighborhood. Been hit twice the past two years, and nearly every neighbor has been hit too. Police dept says they can't do much about it.

    So how about we set a stereo system out on the front porch and shoot the thief when he sets foot on our property? Like hell they're gonna steal my music!

    When recording industries become vigilantes and the justice dept looks the other way, it certainly makes it acceptable for the rest of us. Road rage justice (I just DARE you to cut me off), merchants hanging shoplifters, etc. all is acceptable now. Even more interesting is that the punished party may not necessarily be the owner of the affected PC. Imagine Best Buy rent-a-cops torching your apartment building because they're getting even with you for shoplifting some CDs. So what if the building is owned by someone else? If the RIAA can torch anyone's PC if it has an infected file, it legitimizes any business coming after any property associated with any crime.

    Quite a monster you've created, Justice.
  • Re:Terrorism (Score:4, Insightful)

    by Unordained (262962) <unordained_slash ... @pseudotheos.com> on Friday December 31, 2004 @05:45PM (#11230331) Homepage
    Reminder: at the time this definition came out (wasn't it part of the PATRIOT act?), it was much discussed for its failure to adequately describe terrorism. The definition above also describes rebellion, civil war, wars of independence, etc. By the definition above, the US was created through a reprehensible act of terrorism. (Wars aren't intended to kill everyone -- they're intended to make the other side back down/roll over; it's intimidation.) It's a choice you have to make, but I think we should work on our definition of terrorism.

    The primary purpose of this move is not to hurt downloaders, as others have suggested. The intent is to further pollute the p2p networks and scare users away; if you might get something nasty installed on your computer by downloading music (most people wouldn't understand what could and could not infect their computer) then you might decide not to risk it at all, and just give up and become a good citizen. Yes, it's a fear tactic. In fact, they might be willing to be sued by the few people who actually get infected and complain, if it means they can scare away an order of magnitude more people from downloading anything. Most people won't get infected, and won't complain, and might also stop downloading. It's a calculated risk.
  • Re:So how.. (Score:3, Insightful)

    by tekunokurato (531385) <jackphelps@gmail.com> on Friday December 31, 2004 @06:00PM (#11230423) Homepage
    Perhaps I didn't make myself clear--future investors who think that revenues will be eaten up by piracy may take their investments elsewhere, reducing the FUTURE flow of jobs to cast and crew. Again, the entire thing is obvious bullshit, but the OP's post ignored the logic undermined only by flawed assumptions, not by flawed progression.
  • Re:So how.. (Score:5, Insightful)

    by Detritus (11846) on Friday December 31, 2004 @06:23PM (#11230558) Homepage
    An ad paid for by the same movie companies that put the painter and stuntman out of work by producing as many movies as possible outside the United States. They don't shoot movies in Toronto because of its wonderful year-round climate.
  • Re:So how.. (Score:3, Insightful)

    by Punto (100573) <<puntob> <at> <gmail.com>> on Friday December 31, 2004 @06:29PM (#11230586) Homepage
    well, it's an industry that pays millons to the main actors and director.. If the first thing to give after a little piracy is the painter's pay, then I do feel really sorry for the guy.. they should get a union or something..

    It almost makes you whish they'd just put the actors to whine in front of the camera.. "I used to make millions, and now thanks to those evil pirates, I get paid less than the painter.. the fucking PAINTER!!"

  • Re:So how.. (Score:3, Insightful)

    by Nic-o-demus (169477) <jwecker@enTWAINtride.com minus author> on Friday December 31, 2004 @06:33PM (#11230605) Journal
    Let's not let them get away with it, then. Please let them know how you feel.

    contactus [overpeer.com]
  • by Anonymous Coward on Friday December 31, 2004 @06:34PM (#11230610)
    Damnit, don't we PAY THEM to protect us against this sort of thing?
    I sure hope not.

    The whole AV industry is based on a ridiculous premise: that users habitually execute untrusted software, and the users want to be protected from anything bad happening. If the very premise is a contradiction and impossible to achieve, then the question of whether fraud (or incompetence) is happening, gets a little fuzzy.

    The only rational thing for a user to do, is to stop executing untrusted software. And it works. It is very, very easy to use a computer without any sort of AV protection at all, and remain uninfected by viruses, spyware, etc.

    In this particular case, the untrusted software is Windows Media Player. The very fact that it is capable of complying with DRM, proves that the software was not written with the users' interests in mind. If you run this stuff, you're giving your computer to someone else. Whether that someone else is Microsoft or the media companies or Joe Script Kiddie, is an unimportant distinction. If such a user then pays an AV company to protect them, then I can't see how they're dealing with the AV company in good faith. Thus, I have little sympathy for them if they are unsatisfied with the AV software's performance.

  • Re:I Wonder... (Score:5, Insightful)

    by Daniel Dvorkin (106857) * on Friday December 31, 2004 @06:34PM (#11230612) Homepage Journal
    You know, I've often thought that since "corporations are people" seems to be an established principle (under US law) we should start applying the same punishments to corporations we do to people, and I'll bet we'd see a lot less corporate crime. If a corporation commits an act that would net an individual five years in prison, then that corporation has to shut down for five years.

    Obvious objections, with answers:

    1. "But that would be a death sentence for the company!" Yeah, and a prison sentence, of any length, is a death sentence for a lot of people -- getting stabbed in a fight, getting raped and infected with AIDS, etc. Doesn't stop us from sending people to prison, even those we know are likely to suffer such consequences.

    2. "But what about all the workers who depend on the company for their paychecks? We shouldn't make them suffer!" We send people to prison who are the sole source of support for their families, and those families often suffer terribly. "Corporate imprisonment" would be harsh, deliberately so, and in the long run, the improvements in corporate behavior it would force would benefit everyone -- including workers, whose employers would be more likely to behave ethically if there were real consequences for not doing so.
  • Illegal practices? (Score:1, Insightful)

    by Anonymous Coward on Friday December 31, 2004 @06:44PM (#11230670)
    My belief is that nothing on my systems should be changed and nothing installed without my explicit permission, otherwise it should be considered illegal and the offender held accountable. (Certainly not limited to the RIAA).
  • Dear MPAA: (Score:5, Insightful)

    by kiddailey (165202) on Friday December 31, 2004 @06:49PM (#11230694) Homepage

    <sarcasm mode>
    Dear MPAA:

    Please let me take a moment and thank you for the immensely enjoyable evening my girlfriend and I had last night while going to see "Lemony Snicket's A Series of Unfortunate Events." Amusingly enough, our night out was far from unfortunate! In fact, it was so wonderful that I thought I'd write to you about our experience.

    The theater parking lot was packed full and we drove around for a good 5 minutes looking for a spot so we had time to enjoy playing a game of "find license plates from every state in the U.S."

    I had brought $30, but the movie tickets were only $18.00 for the two of us, and only $8.00 for the slightly stale, oversized small popcorn and bottled water for us to share. I saved a whole $4.00, which was more than enough to pay the expressway tolls on the way home!

    We got to the theater early enough to enjoy 10 minutes of pre-show slides that told us all about our local businesses and special offers they were having just for us. And after that, we got to see another 10 minutes of commercials that we had never seen before. Imagine our surprise when our luck hadn't ran out and we got to see 10 more minutes of new movies that we'll get to see in the coming months!

    The excitement and anticipation for the movie to start was almost unbearable when it finally did! The movie was definitely had some unique aspects and we really loved the credits at the end of the film -- which was very fortunate indeed as it gave us a moment to stretch our backs which were a little sore.

    Oh, I almost forgot to mention that people were much better behaved than usual too. There were only a few people that constantly coughed during the movie and only a few more that talked on their cellphones or just talked about the movie to their neighbors almost quietly enough so as not to hear. One individual was actually entertaining during the pre-show as he walked down the isle staring back at people and sternly yelling "What?!" to everyone that made eye contact.

    Thank you again for providing such quality entertainment that rounded out a wonderful evening.

    Sincerely,
    A happy movie-goer
    </sarcasm mode>

    As sad as it is, all that really happened...

    You don't have to be even mildly coherent to understand why people are downloading/trading movies.
  • Re:So how.. (Score:5, Insightful)

    by AnalogDiehard (199128) on Friday December 31, 2004 @07:26PM (#11230873)
    Especially since M$ has been wooing Hollywood into their DRM WMA/V format for years now. Hollywood was reluctant about M$ owning the gateway to entertainment, and now they just pissed off the supplier. That's a bad business move, both parties lose. Now that M$ has "tighyly intergrated" WMP into the OS, they suddenly have a file format that is vulnerable to malware. WMA/V may join the corporate banned attachment list whose extensions end with exe, bat, pif, and so on.
  • Re:I Wonder... (Score:5, Insightful)

    by Breakfast Pants (323698) on Friday December 31, 2004 @07:56PM (#11231020) Journal

    This isn't entrapment or a sting. If a copyright holder or an agent acting on their behalf gets on to a peer to peer network and offers up copyrighted content and you download it, it's yours. Legally they can do nothing, they owned the rights to it and they offered it up and you took it. Thats why ALL the RIAA suits against traders were against uploaders. If you disable uploading you'll kill the networks (you won't kill emule/bittorrent but you won't get much benefit from them either) but you'll be protected from suits. IANAL.

    Anyway, I was saying, this isn't entrapment or a sting. What this is is a malicious attack on a user's machine. A rights holder is offering up a file that it owns the rights to and the user is taking them up on it; the fact that they don't know it's a rights holder is irrelevant. Then, included in this they are using exploits and loopholes to install unwanted software on a user's machine designed to hurt the user's experience with their computer. Spyware that doesn't tell the user it's being installed and give them a license agreement and the option to disagree and not install is illegal just like computer viruses are illegal, infact there is no differentiating factor between this and a virus.

  • Re:So how.. (Score:2, Insightful)

    by Skreems (598317) on Friday December 31, 2004 @08:02PM (#11231045) Homepage
    uh... no? If I buy a CD once, I have a legal right to as many copies as I want (for personal use only), and in whatever formats I want. It doesn't entitle me to go take another copy of the physical medium, but it certainly does entitle me to download a copy off the internet. This is one of the most basic aspects of the fair use laws.
  • by drakethegreat (832715) on Friday December 31, 2004 @08:14PM (#11231103) Homepage
    Seriously. It sounds illegal when it mentions trojans (beacuse there is nothing legal about them) and installing adware without any permission from the user is illegal as well. So are do they think its ok to murder someone if they already stole something from them? You can't break the law if they broke the law by stealing your music. Thats not how it works. Two wrongs don't make a right according to US law at least. Also lets consider the fact that I doubt any BitTorrent site will start hosting .wma files that point to adware. I also doubt that Microsoft will give the go ahead for their technology to be insecure so that the MPAA and RIAA can illegally screw file sharing computers. So what does this boil down to? It basically means that it will do more harm to their PR then it will help them with their never ending war that isn't possible to win.
  • by zakezuke (229119) on Friday December 31, 2004 @08:47PM (#11231248)
    I thing 200GB per day for the next three years to the MPAA/RIAA and overpeer members and any and all named individuals in those organizations would be the minimum.

    That would be rude and might be called a DDoS attack. Double foofoo on you for even sugesting it.

    What would not be rude is asking the MPAA/RIAA every time you want to make a backup. You are required according to the flyleaf to contact them to get written permission to copy it after all. Everytime you download something you should ask them if you have permission to share it with others. Before you buy anything ask if they are members of the MPAA/RIAA and if so ask them to mail/fax you specific rights should you choose to buy it. Commit an act of civil obedience today.

  • Re:Porch stereo (Score:3, Insightful)

    by devilspgd (652955) * <slashdot@devilspgd.net> on Friday December 31, 2004 @08:49PM (#11231269) Homepage
    IIRC, someone did file RICO charges against the RIAA, didn't they?

    Ahh yes, here we go. Found a number of news [theregister.co.uk] articles, more on Google [google.com] but no resolution.
  • Re:So how.. (Score:3, Insightful)

    by penix1 (722987) on Friday December 31, 2004 @08:52PM (#11231283) Homepage
    "Production companies are ultimately ventures to make money for their investors. If making movies becomes unprofitable or significantly less profitable (due to actual or percieved theft) fewer movies will be produced."

    This is flawed logic. The MPAA has never been able to point to a script and say, "This movie wasn't made because we were afraid it would be pirated." This is all a smokescreen generated to push the idea that the studios live hand-to-mount and that pirating really hurts them.

    "The wealthly investors that are putting their money up will find some other less risky or higher ROI avenue to use their money and the stuntmen and painters will indeed be SOL."

    You will always have some risk takers. The ROI is high even with pirating given that the movies that are pirated are usually high dollar hits. Again, this is a smokescreen and pure BS. When the MPAA can point to even one script and say, "we won't be making that movie because we are afraid it will be pirated" then I might give some credence to their spew...

    B.
  • Re:I Wonder... (Score:4, Insightful)

    by fontkick (788075) on Friday December 31, 2004 @08:57PM (#11231306)
    The problem with this is that evil companies or fly-by-night outfits are in a perpetual cycle of startup->profit->shutdown anyway. Forcing them to shut down means they just start another company somewhere else. Good companies like Toyota, for example, aren't going to do anything illegal anyway since they are too busy improving their products. So this simply forces good companies to spend that much more money on lawyers making sure they can't be found guilty of anything even remotely bad.

    Also consider that for every law written, someone figures out how to get around it. In this case, companies could simply set up chains of companies ready to fly as soon as the Feds force a shutdown. They could even structure it so that assets are held by a separate company that is not legally tied to the "Evil, L.L.C.". As soon as "Evil, LLC" is shut down, "Evil2, L.L.C." starts up and assets are in the possession of the 3rd company ("Untouchable, Inc.") the entire time.
  • Re:Dear MPAA: (Score:2, Insightful)

    by Gumshoe (191490) on Friday December 31, 2004 @09:00PM (#11231328) Journal
    I've always maintained that if the MPAA ever decided to co-oporate and offer movies for download they would have to charge less than the box office. My reasoning being that a good percentage of the $10 ticket is the price of the environment you're seeing the movie in -- big screen, big sound system and so forth. However, after reading your post I'm thinking they'd be justified in charging more.
  • by One Childish N00b (780549) on Friday December 31, 2004 @09:33PM (#11231487) Homepage
    all but three of the independent, locally owned, record stores within sixty-five miles of here have closed. that leaves three stores to serve a metro population of 1.7 million.

    We had 3 local hardware stores in our area close in the past year. Who's pirating screwdrivers?

    Independant businesses going up against big chains always run the risk of failure, especially when the chains they're up against step up their advertising as they have in the wake of the increase in piracy awareness (at least I think that's the reason - I've certainly seen a two- or three-fold increase in the amount of ads for CDs or DVDs from the major chains since the piracy crackdown, but that could be coincidence). I think that's likely to be just as big a cause, if not bigger.
  • Re:Virus?? (Score:2, Insightful)

    by iminplaya (723125) <iminplaya.gmail@com> on Friday December 31, 2004 @09:44PM (#11231536) Journal
    It may be difficult to create a business madel that maintains the control they desire to keep. They might not consider it viable if control is lost, even if profits increase. It may be possible that it's not the industry itself that wants to maintain this control, but the government's desire for it. Like in the original copyright law, these laws are designed control access to high tech. It's in the government's interests to have a "gatekeeper" to control what gets distributed to wide audience. It's very little different from what the Chinese are trying to do with the net itself. The Americans have to be a little sneakier about it, so that it doesn't appear to be censorship. So everything becomes copyrighted and controlled by private industry not under the influence of the American Constitution. The "church" of Scientology makes good use of these laws in the attempt to stop criticism leveled against them, for example. Keep possibly embarrassing information under copyright, and there you go.
  • by JetScootr (319545) on Saturday January 01, 2005 @02:15AM (#11232383) Journal
    By definition, it's not their copyrighted material that's being downloaded - it's trojan software that's being installed on someone else's computer without the owner's foreknowledge and consent.
    This is like saying "Some people have burgled my house and escaped in a white car, so I'm gonna slash the tires of every white car I see."
    IF those who deploy the software: >don't know that the person getting the trojan has broken the law (and there's no way they could know), and >don't know whether the person getting the trojan would consent to receiving it, then >those who deploy the software are criminal-crackers just as much as someone who defaces a website.
    At least *some* p2p users *are* violating copyright, but statistical probabilities are no excuse for widespread harmful, criminal behavior.
  • by Martigan80 (305400) on Saturday January 01, 2005 @02:29AM (#11232412) Journal
    It's great where a company also can "claim" freedom of speech because they want to advertise like this. I though the 1st Amend. was o.k. along as it didn't disrupt or cause harm? If I have Trojans rolling around because a POS company decides I should have mass amount of Porn and "as seen on tv" products, can't I use my 1st amend to convince them not to do this by using the same tactics?

  • It is all wrong. (Score:2, Insightful)

    by has2k1 (787264) on Saturday January 01, 2005 @03:30AM (#11232548)
    Let us not forget the viruses and worms that spread through email. The writers get years in jail, which they deserve.

    Does this mean that if I write a worm and embed it in a file say IbelieveIcanfly.wma or the something along those lines I will go away with it?

    Or should they sue all those that click on it and get infected because they were obtaining copyrighted content illegally?

    Yes email has been accepted by almost everyone and the law as a legal way of communication and sending files, plus the technology system and laws are trying to protect its integrity by tracking spammers, phishers, virus writters and all those bad guys.

    However, this does not mean that the bad guys using p2p should go away with it. Worst of all this is a company that is endorsed by the RIAA a well known association though not sure whether it is still well respected by the masses, but this is an association that is always in court suing everyone from kids to big companies and sponsoring ads about moral behaviour and respect for the law. Aren't these double standards by the RIAA?

    Okay, they may have calculated right, they have millions to dish to the lawyers and they may well be acting within the law or somewhere in the grey areas but they have no moral integrity. THEY ARE SADDISTS.

    You may ban your child from eating candy and you are right to spank or ground him if he does but placing a thorny object carmouflaged as candy under you kids' pillow is not something humane.

  • Re:So how.. (Score:5, Insightful)

    by Maestro4k (707634) on Saturday January 01, 2005 @04:12AM (#11232619) Journal
    Better yet, not only tell them how you feel, report their actions to your state attorney's general office, and tell them you're doing so. Feel free to copy and paste from the letter I sent them below:

    I recently came across this (http://www.pcworld.com/news/article/0,aid,119016, 00.asp) PC World Article about your company's actions in creating trojaned windows media files to "seed" onto P2P networks. You should be aware that in several states, your actions will likely qualify as willfull computer hacking, being in the same category of offenses as computer virus, trojan and worm creation & release.

    While your actions have not directly affected me (I have no use for P2P software), I am sure they have caused damage to other citizens in my state (Your stste here). I felt you should be aware that I am sending along the information in the PC World article to my state attorney's general office with a request that they look into the legality of your actions under XX state law.

    Copyright infringment on P2P networks is both illegal and immoral, but that does not allow those fighting it to break laws as well. I am not sure if your actions are illegal under XX state law or not, but I am sure our attorney general will be able to make that determination.

    I urge you to think through the potential ramifications of your actions, and to rethink your current course of action.

    Sincerely,

    Joe Cool (Or your name here :)

    I must admit I was tempted to install Kazaa and search for and download the file mentioned in PC World's article, just so I could tell my state attorney general they tried to hack my computer. I finally decided it wasn't worth the hassle and potential media attention though. :)

    I should note that given their current actions I don't trust them so I used a disposable address from Spam Gourmet to send from and only signed my first name. Maybe I'm paranoid, but I figure any company who thinks it's OK to basically attack other people's computers in the name of stopping P2P just can't be trusted to know both my full name and state.

  • Re:I Wonder... (Score:3, Insightful)

    by Maestro4k (707634) on Saturday January 01, 2005 @04:31AM (#11232687) Journal
    Or an alternative: The entire senior management (this includes the CEO/CIO/CFO and whatever C*O's there are) and board of directors have to go to jail for the term specified, they will be replaced by interim people until the sentence is complete, or the shareholders decide to have the old ones permanently removed.

    If you're in senior management and know your own ass may end up in jail for something illegal your company does, you're going to think a LOT harder about what you allow to happen and what you put a stop to. I seriously doubt you'd be ordering the shredding of documents to hide evidence.

    One nice thing about this is it gets rid of the two objections you note. It's hard to say "but those people aren't responsible" because senior management IS ultimately responsible for the course of actions there company takes. Does anyone honestly think the CEO of Anderson Consulting didn't know about the orders to shred documents pertaining to Enron? Does anyone think the CEO of Overture (and it's parent company) isn't aware that they're putting trojaned files out there? Don't they deserve to pay the penalty for allowing that to happen? I think so.

  • by Dogtanian (588974) on Sunday January 02, 2005 @01:14PM (#11238620) Homepage
    "legit adware" Error... does not compute... How can something that hijacks your computer to shove advertisements in your face ever be legitimate, backed by a company or not?

    If they were totally upfront about what their program did in every (reasonable) respect, and didn't pull any nasty stunts like not uninstalling properly, then they would have every right to be considered "legit adware".

    BTW, being able to intimidate someone legally does not necessarily make something "legit".

Make headway at work. Continue to let things deteriorate at home.

Working...