Forgot your password?
typodupeerror

EFF Pushes Consumers to Claim Rootkit Compensation 189

Posted by Zonk
from the you're-on-my-list-sony dept.
An anonymous reader writes "'It's time for music fans who bought Sony BMG CDs loaded with harmful XCP or MediaMax copy protection to claim their settlement benefits', says the EFF's Derek Slater in an awareness campaign that is urging those inflicted with one of Sony BMG's rootkit infected CDs to collect what is due to them. The compensation is a DRM-free version of the original CD, $7.50, and album downloads from iTunes, Sony Connect, and others."
This discussion has been archived. No new comments can be posted.

EFF Pushes Consumers to Claim Rootkit Compensation

Comments Filter:
  • Summary correction: (Score:5, Interesting)

    by tpgp (48001) on Sunday March 12, 2006 @03:43PM (#14903269) Homepage
    is a DRM-free version of the original CD, $7.50, and album downloads from iTunes, Sony Connect, and others.

    Should read:

    is a DRM-free version of the original CD, $7.50, and DRM-laden album downloads from iTunes, Sony Connect, and others.

    I'd also like to know if anyone is going to try for a real settlement - like a company having to audit their network after finding one PC rooted.
    • by Tim C (15259)
      To be fair, the DRM on iTunes songs isn't even in the same league as the DRM on the Sony CD in question, let alone the same ballpark - at least it only affects the affected song, and doesn't open the entire PC up to compromise.
      • by Grant29 (701796) *
        True, and at least most everyone knows the iTunes DRM before buying. It's not as bad as someone sneaking some software onto your PC without you knowing.
        --
        Find the lowest price at PriceAge [priceage.com]. Comparison Shopping with online coupons.
        • Not true. (Score:5, Insightful)

          by babbling (952366) on Sunday March 12, 2006 @08:31PM (#14904390)
          I'd argue that in some ways, the iTunes DRM is worse. At least with the Sony CDs, the DRM stayed the same. Apple has changed what you can do with the music AFTER you have purchased it.

          Apple has changed the number of CDs you can burn it to, and the number of computers you can have the music on at the same time. Apple also force upgrades by requiring new software for new model iPods, so not updating iTunes isn't a viable way of escaping changes in the DRM permissions.

          If Apple ever decided to build backdoors into iTunes, people would still have no choice but to upgrade and have all the backdoors affect all of their music, if they want iTunes to work with their latest iPod... or if they chose not to buy the latest iPod because of the backdoors, they would lose the ability to play all of their music on-the-go, since the music can't be played on any competing MP3 players.
      • In a way it's even sneakier though, as it teaches the public that DRM is ok. Just watch how many who otherwise claim to love freedom who readily defends it whenever the issue comes up. As soon as the mindset it firmly in place, there will be no problem rolling out worse and worse protections, until we have "Trusted Computing" telling you exactly where you want to go today.

        No thank you.
      • by tpgp (48001) on Sunday March 12, 2006 @04:27PM (#14903466) Homepage
        To be fair, the DRM on iTunes songs isn't even in the same league as the DRM on the Sony CD in question, let alone the same ballpark - at least it only affects the affected song, and doesn't open the entire PC up to compromise.

        I completely agree with you - but itunes was not the only music service mentioned. From the EFF's site: CONNECT Music, f.y.e., iTunes, or Wal-Mart.

        Whilst you might be prepared to trust Apple's DRM (and to be fair, I don't see much wrong with its terms either), read this thread [rokulabs.com] before trusting Wal-mart's. (I don't think I'd have to work hard to convince most people here that putting faith in Sony's DRM is a bad idea as well.)

        The ultimate trouble with drm - any drm, is that it restricts your right to do what you want to do with your music. It's like giving a company the keys to your CD cabinet & trusting them to unlock it when you ask them.
        • Except that in Apple's case the cabinet is made of chicken wire- you can convert the songs to Redbook audio with a minimum of effort and the cost of a blank CD.
          • Except that in Apple's case the cabinet is made of chicken wire- you can convert the songs to Redbook audio with a minimum of effort and the cost of a blank CD.

            Again, I agree. Apple's drm (along with both Sony's & Microsofts) can be easily defeated. It still doesn't really change the inention - to restrict me.

            The fact that I'd have to:

            a) Find a blank CD (why would I have one around for when I buy my music online anyway?)
            b) Encode using a highly compressed source

            to listen to music I've purchsed legally p
          • Yeah, but Apple could turn that chicken wire into Cheyenne Mountain at any time, simply by releasing an iTunes update that disables that ability. And you wouldn't be able to do a damn thing about it, especially if they neglected to mention it in the patch changelog.

            Seriously, that "just burn a CD" argument is tired, old, and most importantly, invalid. Stop using it already!
    • by Helios1182 (629010) on Sunday March 12, 2006 @05:31PM (#14903702)
      2 Hours of PC repair at $100/hr. per computer affected. It seems reasonable. The average user doesn't have the tools/knowledge to un-root their system, so lets assume they had to pay someone to do it. Time is money anyway, having to spend an afternoon to fix it is worth something.

      That would be a painful settlement. How many thousands/millions? of PCs were hit?
  • Apologize (Score:5, Insightful)

    by MyLongNickName (822545) on Sunday March 12, 2006 @03:43PM (#14903271) Journal
    They don't mention it here, but in A civil action [imdb.com], one of the quotes (paraphrasing) is "Corporations say they are sorry by paying money". If a corporation gets away with crap like this without a significant blood letting (law suits), they will try it again soon. It will be a more refined approach, you can be sure. But it will happen again.

    Companies who pull this shit need to be punished. Badly. Not a public tounge wagging followed by a pseudo-aplogy. They hire people to do PR and deal with that. When the company's bottom line is hurt, they will be more cautious in the future. And if it takes months or years of cases hanging over their head, the stock will suffer. And when the stock suffers, so do the folks at the top.

    Anything else is just the cost of doing business.
    • Re:Apologize (Score:5, Informative)

      by mrchaotica (681592) on Sunday March 12, 2006 @03:47PM (#14903296)
      Companies who pull this shit need to be punished. Badly.
      Yeah, they need to be barred from doing business for a period of time, and have their board of directors and CxOs jailed.
      • Re:Apologize (Score:2, Insightful)

        by Anonymous Coward
        What about the guy who put the worm into GCC? Should he be jailed? What about the guy who got the rootkit code into the linux kernel, should he be jailed? What about all the members of the cDc? Should they be jailed?

        Pot. Kettle.

        • What about the guy who put the worm into GCC? Should he be jailed?
          Yes, if it can be shown in a criminal court that this was a violation of the law, the violation warrants a jail term, and he was guilty of the crime.

          What about the guy who got the rootkit code into the linux kernel, should he be jailed?
          Yes, as above.

          What about all the members of the cDc? Should they be jailed?
          If they can be shown to be guilty of crimes, then yes. On the merits of their association alone, no.
        • You get a bunch of people working for you and order them to put rootkits on people's computers and we'll see how fast you wind up in jail. Why the hell shouldn't Sony's CEO go to jail just like anyone else who told people in his employ to rootkit computers belonging to other people? Just because he's the CEO of a corporation? Do you realize what that means? It means the CEO of a corporation has immunity to prosecution from the crimes he commits that you don't. The same logic applies to the guys who develope
        • What about the guy who put the worm into GCC? Should he be jailed? What about the guy who got the rootkit code into the linux kernel, should he be jailed? What about all the members of the cDc? Should they be jailed?

          Errr...what? What worm in GCC? I've never heard of this, and apparently Google hasn't either? There's a worm that required GCC be on a system in order to compile the worm code, but that's hardly a worm in GCC.

          Similarly, what rootkit code in the kernel? Again, Google appears to have never

          • Oddly enough, I can't find a reference to this within 5 minutes on Google, but here's the basic idea: someone planted a worm in GCC that planted itself in everything that GCC compiled. If I recall correctly, when one of these infected programs was run it would modify your GCC installation. There may have been something else to it, I don't recall.
      • Re:Apologize (Score:4, Interesting)

        by MyLongNickName (822545) on Sunday March 12, 2006 @03:56PM (#14903332) Journal
        I disagree. This only puts people out of business, putting people out of work. Like rats, CEO's find another place to make their millions. It only punishes the bottom -- much like our wonderful international sanctions. Ever notice how the dictators are the only ones who don't seem to suffer?
      • Board of directors? are you crazy?

        Assuming somehow you could prove that the directors and CxOs knew that the DRM was even sold, (what chances are there that those individuals are even tech savvy enough to know what DRM is), what justifies this? What are the losses? Has anyone stepped forward and said, 'My machine was hacked because of a defect in your product!'

        Without quantifiable damages or actual harm, what right do you have to call for them being jailed? I think what's fair is a new copy of the CD withou
      • Maybe so, but... You can froth at the mouth, and wave your arms around demanding this and that. Or, you can take a more realistic approach, and join a class action that has a much much bigger chance of success.
      • Re:Apologize (Score:3, Insightful)

        by joeljkp (254783)
        This wasn't a criminal case, it was a civil settlement.

  • Compensation...? (Score:3, Insightful)

    by Omaze (952134) on Sunday March 12, 2006 @03:44PM (#14903280) Journal
    Typically the EFF seems to be on the right course but, in this case, the EFF is promoting the idea that a major corporation can force its will on the consumers preemptively and then, when the consumers revolt, all they have to do is say,"Oh. Sorry 'bout that. Here's a lollipop. No go away."

    There needs to be a clear signal. What we're seeing here is just a buyout.
    • Which is worse than just going silently into the night?
      • by Omaze (952134)
        The point is that advice like this encourages two patterns of behavior:

        1) Like mail-in rebates a good portion of the tactic relies on the fact that many people will simply not find it worth their time/trouble to bother pursuing the claim. A good portion of people will take the first couple of steps and then find that other things in life demand more attention. Eventually the claim period expires or the person simply doesn't feel like devoting effort to it. This is unacceptable. It allows corporate crim
    • by babbling (952366)
      The EFF explain their decision in this lecture at Google. [google.com]

      Basically, they sent a letter to Sony before suing them outlining the steps that they should take to correct their mistake. Sony ignored the letter, and the EFF sued them. They came to a settlement that achieved most of the suggestions outlined in the original EFF letter.

      The settlement wasn't too bad. Sure, they didn't hit Sony as hard as they could have, but everyone is getting replacement CDs and a small amount of compensation money. Anyone wh
  • Haven't bought any Sony CDs recently, but even if I had, I wouldn't bother. Recompense enough to see a megacorp lumbering toward extinction.
  • by kabz (770151) on Sunday March 12, 2006 @03:44PM (#14903284) Homepage Journal
    This is very small compensation for machines that may have been damaged by this rootkit. Sony should allow people to claim actual damages if people can show that damage has been done.

    The best thing that may come out of this is that the rules on what companies can and can't do have been clarified.

    If I install software on my machine, I expect it to behave itself, providing I believe that the company itself is reputable. Sony have damaged themselves through this.
    • Agreed. What's worse is that there's no way of actually knowing how much damage was done. Anyone who knew of the exploit could plant another trojan or backdoor or keylogger on your system, completely undetectable because of the rootkit. Now you have the propensity to lose anything you held deal, to include financial information. There should be punitive damages, to the tune of $1,000 (the cost of a new PC, roughly) in the very least.
    • Sony damaged themselves the very instant when they decided to become a media company. They've never recovered from that, and I doubt they ever will. They've been infected by SES (Studio Executive Syndrome), a degenerative, wasting disease that is invariably fatal.
    • Please read the EFF FAQ regarding the settlement.

      If you participate in this, you are NOT giving up your right to sue for damage to a computer or network!

      Even if you get the small amount from this claim, you can still go on to sue for actual damages, should you have them.

      http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq. php#8 [eff.org]

    • Sony should allow people to claim actual damages if people can show that damage has been done.

      Difficult to prove. Expensive and time-consuming to pursue. Take Grandma out on BINGO night instead. The odds are better that you will come home a winner.

    • Sony should allow people to claim actual damages if people can show that damage has been done.

      Allow? Allow?! Surely the whole point of a lawsuit is that Sony don't get any say in what's allowed - that's down to the court.
      • There's way too many people who forget stuff like this nowadays, and that's what's allowing shit like this to happen in the first place!

        Hey, everybody: you are not "consumers," and you are not sheeple! You are CITIZENS, and you had damn well better start acting like it!
    • If I install software on my machine, I expect it to behave itself, providing I believe that the company itself is reputable.


      And even more importantly, if you put what you were led to believe is an audio CD in your computer's CD-ROM drive, you should expect it to behave itself by simply playing the music encoded on it and nothing more.

  • Friends (Score:5, Interesting)

    by quokkapox (847798) <quokkapox@gmail.com> on Sunday March 12, 2006 @03:46PM (#14903288)
    I guess if I foolishly allowed a friend to stick one of their DRM rootkit-infected CD into my drive, I don't get a share of the settlement, because I can't provide the required proof-of-purchase documentation.

    That doesn't seem fair. One CD could have infected multiple machines, but only the original owner gets "compensated" by Sony.

    • Re:Friends (Score:3, Insightful)

      How many owners keep proof-of-purchase beyond maybe the CD and the little plastic thing it came in? I mean, most of these people could have paid cash, and not kept the receipet.
    • Re:Friends (Score:5, Insightful)

      by eMartin (210973) on Sunday March 12, 2006 @04:18PM (#14903420)
      If it were up to them, you wouldn't be allowed to listen to your friend's CD in the first place.
      • Hey, if their crap even worked, it wouldn't have been an issue. So not only was their rootkit harmful, it was defective. I wonder what that gets you...
    • Re:Friends (Score:2, Funny)

      by wo1verin3 (473094)
      So you made unauthorized copies of their rootkit? I'm sure they already know and will be in touch shortly.
    • Re:Friends (Score:4, Insightful)

      by Buran (150348) on Sunday March 12, 2006 @04:51PM (#14903554)
      Sue 'em yourself. If you can prove their crap is on your computer, you have proof of damage. Go after them in small claims court. If enough people did the same thing, they'd be hit with too many tiny lawsuits to fight them all.

      They didn't tell you or the original owner of the malware on the disk, so they are liable because they were aware of its existence.
      • Sony has a duty of care to their customers, not to every joe on the street. If the grandparent found the CD on the street and put it into his computer, should he have a right to compensation? Or to remove the CD altogether, if he found a bottle of pills on the street, and took a few, should he sue the pharmaceutical company?
        On the other hand, he can sue his friend, who lent him the CD.
        • They have a duty to not actively attempt to harm anyone who might use their product. They fully knew that it is common for these items to be used by more people than the initial purchaser, thus they knew that the potential for this kind of harm exists. And yet, they chose to deliberately sabotage any system that accessed the disc.

          So yes, those who were harmed by the malware -- which I might add installs even if you attempt to deny permission -- have grounds to sue. Or would you claim I was not liable if I a
  • by Anonymous Coward on Sunday March 12, 2006 @03:47PM (#14903295)
    I'm not sure about this. Here it costs at least 40/hour to have a decent engineer come over and reinstall windows, back up your data and restore the machine to working condition. Taking the settlement Sony offer might prejudice getting a proper settlement, which I estimate at between 60-80 per affected user.

    Thats's the civil liability. Here in the UK what Sony have done is a *criminal* offence under the computer misuse act.

    I hope we haven't even started to see the scale of damage this is going to cost Sony. Frankly I hope it bankrupts them.
    If some 14 year old kid wrote this rootkit he would be staring at 10 years in jail.
  • by dubiousmike (558126) on Sunday March 12, 2006 @03:49PM (#14903300) Homepage Journal
    who decided that a free album was appropriate compensation? How about the cost to archive all important files and reinstall the afflicted OS at the very least. They could forgo the time lost without a shitted on computer
  • We can only hope (Score:3, Interesting)

    by DarthChris (960471) on Sunday March 12, 2006 @03:53PM (#14903314)

    This will like set an important precedent w.r.t. rootkits and other commercial malware (Starforce anyone?). I only hope the result will be good for the customer and not the corporations. If Sony don't get the punishment they deserve for this, everyone else will jump on the bandwagon.

    • This will like set an important precedent w.r.t. rootkits and other commercial malware (Starforce anyone?). I only hope the result will be good for the customer and not the corporations. If Sony don't get the punishment they deserve for this, everyone else will jump on the bandwagon.

      I avoid buying Sony products, unless the product is substansially better than the competition. If more people buy fewer Sony products, you can be sure that Sony execs will take notice. So their CD stunt had effect spilling i

  • The problem is that the typical consumer really has no interest in wasting their time with lawyers, paperwork, and beuracracy.

    Knowing this, is how politics take advantage of the mass consumer thinking.

    Days of War, Nights of Love is a collection of political essays which may touch on these ideas:
    http://en.wikipedia.org/wiki/Days_of_War%2C_Nights _of_Love [wikipedia.org]

    • The problem is that the typical consumer really has no interest in wasting their time with lawyers, paperwork, and beuracracy.

      In the run up to Easter people have other things on their mind than a refund from SONY. I don't give this "awareness" campaign much chance.

  • by erroneus (253617) on Sunday March 12, 2006 @04:01PM (#14903352) Homepage
    I never bought one of these. Instead, I suffered at the office as the IT guy who had to clean up the mess that Sony left behind. I would like to sue them for the labor, time and frustration they caused... and continue to cause! Those things are still out there drifting about. Just last week I had to reverse the damage one of those CDs caused. A real pain in the ass it is. So far, that makes over 10 machines trashed because of that stupid crap.

    And the "real" punishment, as far as I'm concerned, is that I had the opportunity to explain to a lay-person what Sony has done, why they did it and why they shouldn't trust Sony with their dollars ever again. I truly think it's a powerful thing since these people found out first-hand that it wasn't "their fault" and that trusting a big company like Sony to always do the right thing is pretty wrong. The opinion these people, and those they that hear their story, hold of a much lower opinion of Sony than they once did.

    May Sony feel the wrath of the consumer!!
  • by cove209 (681558) on Sunday March 12, 2006 @04:17PM (#14903416)
    Greetings,

    I just read on your website where the EFF has agreed to settle with Sony BMG.
    What a pathetic settlement that does nothing to assist consumers with the costs of removing the rootkit software and in addition, fails to act as any sort of a deterrent to Sony BMG.
    Way to knuckle under for the little guy.
    Unhappy in California

    Hi ,

    I'm sorry you feel that way and there may be nothing I can do to
    convince you otherwise, since I understand some people want Sony
    BMG's head on a pike and nothing less will do. I don't necessarily
    disagree, but the law limits what we can get in the context of a
    class action settlement. But I hope you'll at least give me a hearing.

    First, you understand that the settlement *preserves* the claims of
    folks who have hardware damage due to the rootkit, right? They can
    still sue to get more and we're happy to help. The scope of the
    settlement is for a different harm -- the harm of merely having
    bought these bad CDs.

    The main reason that we didn't settle those claims is that we haven't
    had enough people come forward with proof that the CDs harmed their
    computers to constitute a sufficient number for a class action. Class
    actions require "numerousity" and "uniformity" of claims. If you
    know of such people, please send them our way. They can bring small
    claims actions. If we do discover enough folks with a common pattern
    of harm, we will consider another class action.

    Second, as for whether this will serve as a deterrent to Sony in the
    future, I guess we'll see in time. Even if we had taken the case all
    the way through to a trial and been completely successful, a court
    would not be able to order Sony to cease using all DRM under current
    law. So as much as I'd like to see Sony do that, this case alone was
    never going to accomplish that goal.

    Right now they have stopped pressing *any* CDs with DRM on them,
    agreed to independent review of any future DRM (with a report to the
    lawyers involved in the case), and agreed to allow non-DRM/non-EULA
    versions of all of the music that was affected by the bad DRM. The
    cash cost of the settlement is hard to value but Sony says that the
    value of album downloads are $10 per album. If the 5 million people
    affected by MediaMax get a free album download that's a cost of $50
    million to Sony. That's before the $7.50 per album for the 3 million
    XCP users and the extra downloads that they get, or the replacement
    music for the MediaMax 3 users.

    While the settlement terms are the product of negotiation and so
    aren't perfect, I do think we got a good deal in the settlement for
    purchasers of the CDs. Believe me it was hard fought and there is
    much in there now that Sony started out by flatly rejecting. I
    certainly understand if you disagree and want to try for more on your
    own. You absolutely have the right to opt-out of the settlement and
    bring your own action. I'd be very curious to hear how that goes if
    you choose to do it.

    Most important for us was:
    1. stop production of any more CDs with the dangerous DRM on it.
    2. get people non-DRM'd/non-EULA'd versions of their music (this was
    strongly resisted by Sony)
    3. do it quickly
    4. get people some free music (or in the case of XCP, money) for
    their trouble.

    There's much more in the settlement than that, of course, but for the
    purchasers these were the core goals.
    Again, I appreciate your feedback.
    - Show quoted text -
    On wrote:
                                                              ---- .org
                                        ---- www.eff.org
    Electronic Frontier Foundation
    454 Shotwell Street
    San Francisco, CA 94110
    (415) 436-9333 x
    • At first I thought the EFF had sold us down the river, but now I think the settlement is reasonable. Sony agrees to cease and desist the practice, and they must provide a convenient mechanism for exchange of XCP disks. What it doesn't do is (1) provide reasonable compensation to people who suffered extensive system damage, or (2) blast Sony back to the Stone Age for having a corps of bozo executives running their music division. But as the EFF pointed out, those in the first category can opt out of the s
      • But as the EFF pointed out, those in the first category can opt out of the settlement and sue on their own dime

        But, what the EFF said was:

        First, you understand that the settlement *preserves* the claims of folks who have hardware damage due to the rootkit, right? They can still sue to get more and we're happy to help. The scope of the settlement is for a different harm -- the harm of merely having bought these bad CDs.

        That means that the lawsuit applies only to buying the DRM'd CD. It has nothing to do ins
  • Gee, that will really teach Sony a lesson they'll never forget. We can be sure that such harsh punishments will encourage all companies in the future to never do things that they shouldn't do!! /sarcasm
    • If all Slashdotters pull together and upload at least ten albums each, we can help Sony handle this terrible upload requirement! We're with you, Sony!

      7.50 per album? I've got an upstream that will save you a cool 10k/day! Hang in there, if we can get 100k Slashdotters to help out, you'll be saving a billion dollars per day!!
  • If this is a risk of buying CDs, no wonder so many people pirate. I don't, but I can't understand how this is supposed to help Sony stop piracy. I'm sure some people pirate now just as a result of that, saying, well sorry, but I can't risk a rootkit.
  • by codepunk (167897) on Sunday March 12, 2006 @04:27PM (#14903467)
    If you want more blood out of sony here you go.... Nothing at all stopping you
    from taking them to small claims court and getting what you deserve. Most small claims courts have a very small fee like $10 for filing, 5 minutes in front of a judge and bingo you have got cash!

            * damage to a computer or network resulting from interactions between the XCP Software or the MediaMax Software and your computer (e.g., damage to your hard drive);
            * damage related to your reasonable efforts to remove the XCP Software or the MediaMax Software; or
            * copyright, trademark or other claims arising from the development of the MediaMax Software or the XCP Software, or any uninstallers or updates thereto.

    You may still sue Sony BMG for any such claims, whether or not you choose to take advantage of the settlement benefits. As part of the settlement process, Sony BMG agreed to waive its overreaching New York forum selection clause and $5 limit on damages, so you can take them to your local small claims court for your damages.

    See here for more information about the small claims process.
    • Most small claims courts have a very small fee like $10 for filing, 5 minutes in front of a judge and bingo you have got cash!

      and if you believe this, I hold a lease on a bridge into Manhatten that you can buy out cheap.

    • by Stevyn (691306)
      I think that people who feel they are not justly compensated by this lawsuit, going to a small claims court might be a good idea. However, they still need to show damages. They have to have evidence that Sony cost them money. Maybe that could be hiring some geek squad guy to come over and fix it. Maybe it could simply be their time.

      It would be great if Sony was treated the same as some punk kid who hacks into a computer owned by MegaCorp and is fined thousands and given jailtime, but that's unlikely in
  • by Lazy Jones (8403) on Sunday March 12, 2006 @04:29PM (#14903479) Homepage Journal
    The settlement was a joke (sorry EFF). What kind of message is that - the typical guy who installs malware/spyware on a computer is fined heavily and sometimes goes to jail, while a big corporation Sony gets away with a ridiculous amount of cash per malevolent action? Where's the justice in that?
  • ...even provided that everyone that bought the CD does all three of these things, I doubt that Sony is really even losing money on the initial sale to begin with. This penalty they are paying may wind up not even costing them any money at all.
  • by marklyon (251926) on Sunday March 12, 2006 @04:40PM (#14903523) Homepage
    SonySuit.com [sonysuit.com] has information about the fairness hearing on May 22, 2006 at 9:15 am at the Daniel Patrick Moynihan United States Courthouse for the Southern District of New York at 500 Pearl Street, Room 2270, New York, NY.

    Don't forget -- claims MUST BE submitted by December 31, 2006. If you want to be excluded from the settlement, you MUST FILE before May 1, 2006. If you do not exclude yourself, you can attend the fairness hearing, at your own expense, and be heard by yourself or through your attorney.

    I run the SonySuit.com website an plan to start collecting messages about the settlement to submit to the court as exhibits to my statement at the fairness hearing. If you have a comment about the settlement, send it to sonysuit@gmail.com [mailto].

  • Payment (Score:3, Funny)

    by unix_core (943019) on Sunday March 12, 2006 @04:54PM (#14903564)
    Can I please pay by paypal the next time I install a rootkit on one of Sony's workstations? $7,50 each, right? They pick some stuff from my mp3 collection too, if they want.
  • EFF's Derek Slater in an awareness campaign ... is urging those inflicted with one of Sony BMG's rootkit infected CDs to collect what is due to them."

    Well the EFF isn't doing a very good job. Almost nobody I know - even computer geeks like myself - has heard or taken note of the whole Sony rootkit fiasco. I only know about it myself because of Slashdot. I was dragged along to Wal-Mart when visiting my brother recently, and had to explain the whole thing to several members my family when I saw that they were
  • by tverbeek (457094) on Sunday March 12, 2006 @05:26PM (#14903693) Homepage
    Don't you people realize that this so-called "settlement" is just a trick to enable the courts to collect the names and addresses of people who listen to creatively bland corporate musick?!
  • by sgent (874402) on Sunday March 12, 2006 @05:28PM (#14903698)
    this is a claim merely for having bought the CD's in question -- it IS NOT COMPENSATION for damages that may have result from your network or computer. See http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq. php [eff.org] for full information on the settlement.

    exert...

    Why does EFF think the settlement is a good deal for purchasers of the Sony BMG CDs?

    EFF agreed to the settlement because we believe it provides a good compensation package for the group of people who purchased the CDs but did not experience any hardware damage as a result. This means purchasers whose claim is primarily based on their purchase of the CDs and experiencing the hassle of having to patch or uninstall their systems, or in the case of MediaMax 3, having had files installed prior to giving you a chance to agree.

    EFF's goals for purchasers of the CDs were to :

    1. Stop production of any more CDs by Sony BMG with the bad DRM on them.
    2. Get people non-DRM'd/non-EULA'd versions of their music.
    3. Get this relief to people quickly, rather than after years of legal wrangling. This is in part why some of things in the settlement, like uninstallers, were available before the settlement itself was announced.
    4. Get people some free music, or in the case of those who were at risk from the XCP rootkit, a choice of some money for their trouble.
    5. Ensure that people get notice. Sony BMG has agreed to use the banner functionality on some of its CDs to give individual notice to purchasers at the time they put the CD into their computers, as well as put notices on many artists websites and purchasing adwords giving notice more broadly. We're still working with Sony about what these will look like, but EFF believes that taking extra steps to give people notice of the need to patch their systems, and of the settlement, is important.
    6. Ensure independent security testing and pre-launch EULA review of any future DRM, with a report to the lawyers involved in the case of at least the security testing.
    7. Agree to a quick process for response by Sony BMG, involving independent security reviewers and enforced by the court, in the event of any future discovery of a security flaw in their DRM.

    There's much more in the settlement than that, of course, but for the purchasers these were EFF's core goals and the settlement meets them all. That's why we think the settlement is a good deal and we endorse it.

  • Who's gonna pay for the damage Sony's rootkit did to the poor fools' computers?

    Imagine you're a computer illiterate. Like about 70% of the people out there, who just know how to slip a CD in and hope that autorun works. Who is going to pay for the expert they need to get the computer back into shape? Or, if they don't, who's gonna pay for the consequential costs those backdoor'ed and trojan-prepared machines are going to cause? Who's going to pay the hours necessary if you do it yourself?

    My time has a price
  • Title should be... (Score:2, Insightful)

    by danwesnor (896499)
    ... EFF Finally Sells Out.

    I would think they would be encouraging victims to withdraw from the class action. Maybe the victims who did so would get nothing (as opposed to next-to-nothing), but every victim who withdrew from the class would cost the lawyers who agreed to this worthless settlement a little bit of their fee.

    Not only does the agreement not compensate the victims for real damages ($7.50 is what, 10 minutes of tech support?), but contains no punitive damages. Let's not forget that Sony di
  • by Nom du Keyboard (633989) on Sunday March 12, 2006 @06:57PM (#14904059)
    This is very lame compensation. Sony got off just short of scot-free so far. The CD's cost well under a buck to press. The damage to your computer, time and efforts to clean it up, cost far more than this.

    I don't see a single thing in this settlement that punishes Sony sufficiently to absolutely convince them to never even think of attempting this again.

    Worse yet, I don't see anything here to scare off any other big music or movie company from trying the same thing.

    Sony should have gone down big time over this one.

    And the lawyers should have only gotten a replacement CD and 3 free downloads as well.

    Are there still any other suits in any other state/countries pending that will hurt them more?

    • It's your money they want. Nothing else. Not your love, not your sympathy, not your admiration. They want money. Simple as that.

      Now, it's not like Sony produces anything so essential that you have to have it or you die. They're in the entertainment business.

      All we gotta do is realize that we can live and stay healthy without their music. Personally, I think it ain't that hard, considering the crap they sell.
  • Sony:

    The good news, you don't have to recompense me for the malware-infected CD's you sold on the market.

    The bad news, it's due to the fact that I don't buy music anymore. I can do without you, I hope you're fine without my money.
  • I have one of the MediaMax-infected albums, and the compensation offered is a free download of the songs on the album? If I had wanted a limited-quality download of the songs (probably rife with drm), I would have bought the album online in the first place. What I wanted was a CD that I could play anywhere and rip to whatever quality/format I wanted whenever I wanted. This is a joke.

    Dave

Sigmund Freud is alleged to have said that in the last analysis the entire field of psychology may reduce to biological electrochemistry.

Working...