<<< Date Index >>>     <<< Thread Index >>>

Re: Caveat Lector: Beastie Boys Evil



Typically, when an application is being installed in Mac OS X (assuming X?), if it requires system file modification it will require an administrative level password to continue. While it is true that I haven't purchased said malware, this is the usual case. If this 'helpful drm software' is being installed AND does modify system files w/o requiring administrative level authorization this would smack of an exploit against OS X and perhaps should be outed to Apple? Remember the media that would break CDROM units that Mac users suffered through in recent memory? DRM, while it's the buzzword du jour, should not supplant content creators and suppliers due diligence when implementing their policies. I am, for one, appalled by the manner in which Capitol has reportedly acted in this respect. Thank-you for bringing this to my attention.

Regards,

Sean Swayze
swayze AT pcsage DOT biz
On 16-Jun-04, at 4:10 AM, Dragos Ruiu wrote:

Well I truly regret actually purchasing a copy of the new Beastie Boys album
to support them.

It seems that Capitol Records has some sort of new copy protection system, that automatically, silently, installs "helpful" copy protection software on
MacOS and Windows as soon as you insert the CD into default systems.
I'm not sure exactly what it does yet, but I am sure regreting actually
purchasing said media now... they don't deserve my money if they choose
to pull stupid stunts like this. Installing software without your permission sounds like viral malware behaviour to me. I certainly hope the AV companies
put signatures into their products for this crap.

They include some sort of uninstaller buried on there for Windows, but
I see no such thing for MacOS. If anyone has disassembled the
aforementioned malware already and can save us some time with
instructions on how to remove it... thanks in advance.

caveat emptor,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    Nov 11-12 2004  http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp