Skip to content

Breakthrough after breakthrough in the F4I case

Ladies and gentlemen, muzzy and I made what's maybe the most significant progress since we began our little examination of the F4I binaries a few days ago. Thanks to Halvar Flake of Sabre Security who provided us with results from newer versions of BinDiff than those that were available to us, I was able to positively identify several functions from the mpglib library in the F4I code. What's significantly more important is that muzzy found actual GPL code in the files too! Yes, GPL, not LGPL! This opens up a completely different can of worms.

Let's start with the LGPL code from mpglib. I'm only listing the found functions briefly because I think there's already enough disassembly on my website.

The function decodeMP3 from interface.c can be found at virtual offset 0x10059850 in ECDPlayerControl.ocx
The function decodeMP3_clipchoice from interface.c can be found at virtual offset 0x10059440 in ECDPlayerControl.ocx
The function addbuf from interface.c can be found at virtual offset 0x10059020 in ECDPlayerControl.ocx
The function sync_buffer from interface.c can be found at virtual offset 0x10059310 in ECDPlayerControl.ocx
...

I could go on like this for quite a while as the functions mentioned already contain so many function calls themselves that it's probably possible to reconstruct large parts of mpglib from there (if not the complete library).

I'm sure you're more interested in the GPL code than in a large list of LGPL functions and where they can be found in the F4I code though.

I just want to mention that the function that can be found at virtual offset 0x10089E00 in ECDPlayerControl.ocx is the function DoShuffle from a GPL-ed file called drms.c written by Jon Lech Johansen and Sam Hocevar (Google for it). I'll leave the rest of the explanation to muzzy for now.

Trackbacks

][ stefano maffulli on : Indovina chi abusa del copyright

Show preview
Sembra ormai chiaro che i distributori di musica hanno dichiarato guerra ai loro clienti. Paradossale, ma è così. La major Sony-BMG ha inserito un rootkit in alcuni suoi CD musicali e, una volta scoperto il malware, prima ha negato poi ha ammesso ma...

HCS's and Gen's Place on : The Rootkit That Never Dies

Show preview
Schneier on Security This is an excellent summary about what has been going on with the Sony Rootkit debacle right down to the complete ineptitude and sometimes indifference of the a/v companies. I have already posted about this before but this cont...

Comments

Display comments as Linear | Threaded

Gavin on :

Whatever the outcome of all the legal nonesense you guys have been doing a great job staying on top of this and resversing the code. Keep up the good work.

Rolf on :

Just when you thought this story was going to go away ... DVD Jon's GPL code ends up in MPAA/RIAA-heavyweight Sony's rootkit. Un-fucking-believable.

sp on :

Yeah, that's so incredibly ironic I can't believe it. I actually wanted to write some lines about that specific fact but backed out because I just couldn't decide which joke of the ones I thought of I should use.

Anonymous on :

Violations of the GPL, LGPL, and GFDL

http://www.fsf.org/licensing/licenses/gpl-violation.html

Anon on :

The authors whose work has been stolen by Sony should sue. Is there a legal fund to support this?

Anonymous on :

you do realise that this would simply kill off F4I and Sony would just wipe the hands ?

Damien on :

Not really - just like file sharers are guilty of copyright infringement by trading copyrighted files, Sony is guilty of the same. And at an industrial scale, and for a profit. Sony is liable for infringement every bit as much as, or perhaps even more than (since they are the ones selling to stolen code for a profit) F4I.

Anonymous on :

Takedown notice time. Someone (EFF?) needs to draft a takedown notice that looks exactly like every other takedown notice, and start sending it out.

This is a DMCA violation. It is very serious. Sony has been saying so for a long time.

Anonymous on :

I think the takedown notice action would need to be done by the copyright holders (but we all can certainly help by asking for it).

Matthew on :

Only the copyright holders of these infringements, GPL and LGPL, can attack Sony or F4I.

As the LGPL stuff appears to have been compiled into larger binaries, even the lesser requirements of the LGPL have been bypassed and so there are no applicable differences in the licensing terms that apply between the LGPL violations and the GPL violation.

On the plus side, while F4I are very likely to be liable under the GPL and LGPL licenses for modification and distribution - it's not at all proven that the version given to Sony didn't contain the license provisions and attributions, or that they charged development fees, or that Sony doesn't have the full source code - Sony should be fully liable for the license violations, since they have definitely distributed the modified code without following the license provisions or attributions.

Possible class-challenges would likely be on the subject of illegal systems interference - which is just as illegal with a EULA as without if the EULA is not explicit about those actions which would be thusly classified - and again, whether or not 4FI can be included among the guiltly, Sony creates the actual CDs and is the paid distributor.

xxx on :

This is a good reason to generally avoid GPL base code. Do not use GPL Code, do not use Linux and shit like this. Ban GPL.

James Pilcher on :

all they had to do was adhere to the licence terms and they would have had no problem using the GPL code.

considering those terms involve no financial cost, it is simply their laziness and hubris that caused the problem, not the GPL.

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
BBCode format allowed
Form options

Submitted comments will be subject to moderation before being displayed.