Bugtraq mailing list archives

Re: Caveat Lector: Beastie Boys Evil

From: PC Sage <swayze () pcsage biz>
Date: Wed, 16 Jun 2004 22:28:38 -0400

Typically, when an application is being installed in Mac OS X (assumingX?), if it requires system file modification it will require anadministrative level password to continue. While it is true that Ihaven't purchased said malware, this is the usual case. If this'helpful drm software' is being installed AND does modify system filesw/o requiring administrative level authorization this would smack of anexploit against OS X and perhaps should be outed to Apple? Remember themedia that would break CDROM units that Mac users suffered through inrecent memory? DRM, while it's the buzzword du jour, should notsupplant content creators and suppliers due diligence when implementingtheir policies. I am, for one, appalled by the manner in which Capitolhas reportedly acted in this respect. Thank-you for bringing this to myattention.


Regards,

Sean Swayze
swayze AT pcsage DOT biz
On 16-Jun-04, at 4:10 AM, Dragos Ruiu wrote:

Well I truly regret actually purchasing a copy of the new Beastie Boysalbum
to support them.
It seems that Capitol Records has some sort of new copy protectionsystem,that automatically, silently, installs "helpful" copy protectionsoftware on
MacOS and Windows as soon as you insert the CD into default systems.
I'm not sure exactly what it does yet, but I am sure regreting actually
purchasing said media now... they don't deserve my money if they choose
to pull stupid stunts like this. Installing software without yourpermissionsounds like viral malware behaviour to me. I certainly hope the AVcompanies
put signatures into their products for this crap.

They include some sort of uninstaller buried on there for Windows, but
I see no such thing for MacOS. If anyone has disassembled the
aforementioned malware already and can save us some time with
instructions on how to remove it... thanks in advance.

caveat emptor,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan    Nov 11-12 2004  http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp

Current thread:

Caveat Lector: Beastie Boys Evil Dragos Ruiu (Jun 16)
- Re: Caveat Lector: Beastie Boys Evil Shaun Lipscombe (Jun 18)
- Re: Caveat Lector: Beastie Boys Evil KF (lists) (Jun 18)
- Re: Caveat Lector: Beastie Boys Evil PC Sage (Jun 19)
- <Possible follow-ups>
- RE: Caveat Lector: Beastie Boys Evil Chris Merkel (Jun 18)
  - Re: Caveat Lector: Beastie Boys Evil Ron Thigpen (Jun 21)
    - Re: Caveat Lector: Beastie Boys Evil Jonas Mixter (Jun 22)
    - Re: Caveat Lector: Beastie Boys Evil Valdis . Kletnieks (Jun 26)
    - RE: Caveat Lector: Beastie Boys Evil Ross M. W. Bennetts (Jun 28)
- Re: Caveat Lector: Beastie Boys Evil jonspanos (Jun 18)
- RE: Caveat Lector: Beastie Boys Evil Wolf, Glenn (Jun 18)
- Re: Caveat Lector: Beastie Boys Evil Hamilton Frail (Jun 19)
  - Re[2]: Caveat Lector: Beastie Boys Evil Matthew Leeds (Jun 22)