lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <008301c455a9$31285fa0$b3a5dccb@Ham>
Date: Sat, 19 Jun 2004 12:57:42 +1000
From: "Hamilton Frail" <h.frail@...pond.com>
To: <bugtraq@...urityfocus.com>
Subject: Re: Caveat Lector: Beastie Boys Evil


Assumming we are on a XP Pro box, does anyone know if the exe has the same
effect on Admin, power user, and normal user accounts? or just more
privilaged accounts such as Power users and/or Administrators??

More to the point, does anyone know what it is exactly doing to prevent the
cd from being copyed (the actual exe, not the errors they put on the cd)?
or has anyone monitored any system calls, file access or registray access
the exe makes when it is executed?

I found a few messages with other peopels experiences:
"Some remark about my previous post:
It is actually tedious to specify the start time and the length for each
track, but it definitely works.
Note that before I deactivate the auto-run, Easy AC-DC did not recognise the
CD, it actually did not see there was a CD at all. After the desactivation,
it detects the CD with n + 1 tracks. This is maybe why some of you thought
it didnot work."

and

"Got into the same problem with RHCP Greatest Hits and it turns out that
Easy CD-DA is working well, but:
1) You have to desactivate the auto-start feature on the CD burner.
2) You will see that Easy CD-DA detects that all the tracks are aboiut 10
seconds and the last one is very long.
Ignore the last one, and modify the start date and length of each other
tracks to the proper timing.
Rip the tracks at a low speed (2x). It is long, but it is working."
from http://www.fedge.net/emi/gb.php?action=view

So, I guess it is looking for specific processes and messing with them?
Although I read somwhere last night that it didnt seem to effect copying
with a normal cd rom - only if the device was a burner, so could / is it
messing with atapi function calls?

Reguards,
Philip

----- Original Message ----- 
From: "KF (lists)" <kf_lists@...netops.com>
To: "Dragos Ruiu" <dr@....net>
Cc: <bugtraq@...urityfocus.com>
Sent: Thursday, June 17, 2004 10:58 AM
Subject: Re: Caveat Lector: Beastie Boys Evil


> That could be why it sounds like crap when my X-Box trys to play it...
> the audio cuts in an out REAL bad...
>
> I assume you would want to take a peak at beastie.exe if you really
> wanted to figure out what they are doing.
> -KF
>
>
> Dragos Ruiu wrote:
>
> >Well I truly regret actually purchasing a copy of the new Beastie Boys
album
> >to support them.
> >
> >It seems that Capitol Records has some sort of new copy protection
system,
> >that automatically, silently, installs "helpful" copy protection software
on
> >MacOS and Windows as soon as you insert the CD into default systems.
> >I'm not sure exactly what it does yet, but I am sure regreting actually
> >purchasing said media now... they don't deserve my money if they choose
> >to pull stupid stunts like this. Installing software without your
permission
> >sounds like viral malware behaviour to me. I certainly hope the AV
companies
> >put signatures into their products for this crap.
> >
> >They include some sort of uninstaller buried on there for Windows, but
> >I see no such thing for MacOS. If anyone has disassembled the
> >aforementioned malware already and can save us some time with
> >instructions on how to remove it... thanks in advance.
> >
> >caveat emptor,
> >--dr
> >
> >
> >
>
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ