That’s the message right now for Sony BMG Music Entertainment, which is now being sued by the state of Texas and the Electronic Frontier Foundation (EFF), after two weeks of a blogger-fuelled firestorm over copy-protection software Sony put on some 50 CDs.

The software, intended to stop people from ripping music from CDs to their computers so they could download it to MP3 players or share it on the net, was first discovered by security researcher Mark Russinovich and then posted on his blog. Copy-protection mechanisms are nothing new, but this one was different, because it installs, without the user’s knowledge, what is called a rootkit.

A rootkit is a tool typically used by hackers and sometimes system administrators that runs invisibly on computers and gives its user total control. The problem with Sony doing this is twofold: first, it is installed without asking informed permission from the user, second, it poses a security risk because it can be piggy-backed on by hackers. When Sony capitulated and released an uninstaller tool, it was also found to present a serious security threat. Two malicious software programs that piggyback on the security vulnerabilities Sony has created in people’s computers have already popped up.

Now they’re getting sued in the US under anti-spyware laws. No legal action has been announced in Canada yet, even though Sony has sold 120,000 CDs here that have this problem.

This is one more sign that the music industry just doesn’t get it, something that alevo has written about before. They don’t get it from a customer-relations point of view, as Paul Graham writes in a great article about the new Internet (Web 2.0):

The web naturally has a certain grain, and Google is aligned with it. That’s why their success seems so effortless. They’re sailing with the wind, instead of sitting becalmed praying for a business model, like the print media, or trying to tack upwind by suing their customers, like Microsoft and the record labels.

But they also don’t seem to get it from a technological point of view. The absolute bottom-line is that stopping people from copying music from CDs to their computers, and then sending it to anything else – their MP3 players, burned CDs, or the entire world – is impossible.

When music is recorded, it is stored as a signal. The transmission and recording of signals has been wide-spread for decades. There is no copy-protection technology that will ever stop people from simply plugging their stereo into their computer, playing the music they want on their stereo and recording it onto their computer. There is nothing the music industry can do to stop consumers from recording songs from the radio onto their PCs either. The 21st century equivalent of recording 80s hits on your boombox and then making tapes for your highschool sweetheart cannot be eliminated with even the most obtrusive software.

All the recording industry can do is try and make it more inconvenient by coming up with various ridiculous and as it turns out, possibly illegal schemes. This is like cutting off their nose to spite their face. Making things difficult for their customers isn’t just losing them business, it’s also driving the success of the peer-to-peer (P2P) file-sharing networks that took over where Napster left off: too inconvenient to plug your stereo into your computer, play the songs and record them? Just start up a P2P program like the fabulous SoulSeek and you’ll get the song you want, neatly encoded as an MP3 and ready for your iPod in just a few moments.

If the recording industry doesn’t stop fighting this losing battle, they’re going to wake up one day and realize they’ve lost. The Internet, and their customers, will have moved on without them.

I don’t normally post computer security warnings, but this is a bad one. There is a flaw in Internet Explorer versions 5.5 and 6.x which allows malicious code to take over your entire computer, simply by visiting the wrong website. This vulnerability affects even computers running Windows XP SP2, which is the most recent version of Windows XP.

Most of you are probably using a version of IE that is vulnerable and I bet almost all of you are using Windows. So be careful. Don’t visit any websites that you do not trust – a prime example would be the kind of websites you’d encounter if you are looking for free software/games/movies/music, cd-keys and serial numbers, hacks, or anything else that is marginally socially/legally acceptable. Or start using Firefox, which doesn’t have this problem. There is going to be a wave of people looking to exploit this until Microsoft fixes it.

You can read more about this issue here.

Images have an undeniable power. Since the dawn of mankind people have struggled to capture their own likenesses and those of the animals and things around them. The story of art was a steady progression towards more and more perfect images until the 16th century, when they were finally perfected by the great Renaissance painters.

This power is well-understood by practitioners of religion and magic. The Old Testament forbade the creation of images in the Ten Commandments: “Thou shalt not make unto thee a graven image, nor any manner of likeness, of any thing that is in heaven above, or that is in the earth beneath, or that is in the water under the earth”, which didn’t really stop anybody, least of all the people who build churches. (Contrast the huge number of images in a Catholic church compared to their total absence in a mosque.)

The practice of sympathetic magic is also ancient, which involves “the use of physical objects which resemble the object or objects one hopes to influence” (1). The best-known example is the voodoo doll, of New Orleans voodoo fame, although the use of poppets comes from European traditions.

Rooted in these beliefs of the power of images is the legendary story of the “native” who refuses to allow his picture to be taken. He feels that by allowing his perfect replication in an image, he is giving up control over himself in some way. With the power of digital technology to alter images, perhaps he is right.

Now that we’re stuck with the possibility of a holiday election, we will soon be seeing a lot more of our national leaders than any of us really want. I think it’s time to remind them that no matter how important they think they are, we’re still the ones in control. Especially if we own a copy of Photoshop. I’ll go first with Andre Boisclair, the PQ’s new leader:

“Ehhhh Canada, say ‘ello to my little friend!”

                  Sent in by tim

Send ’em in via email and I’ll post them up!

Not signing the Kyoto Protocol on global warming, as in the US? Or signing it and then failing to come anywhere close to meeting it, as in Canada?

All the Canadians who have vehemently criticized the US for not signing on might want to redirect a little of their criticism to our own government.

In June, 1972, South Vietnamese planes bombed a Vietnamese village with napalm and white phosphorus. A photographer named Nick Ut was nearby. The photograph he took of the burned and panicked young girl fleeing the explosions won him a Pulitzer Prize. It was a turning point in the public perception of the war in Vietnam.

Today, the controversy that started with the release of a documentary by Italian state television station RAI still rages. The video claims that US forces used white phosphorus (WP) to kill indiscriminately in the battle of Fallujah, showing footage of the burning phosphorus raining down on huge areas. It includes graphic photos of Iraqi civilians whose flesh had burned to the bone but whose clothing remained remarkably intact.

Following the release of the video, the US totally denied it had used WP in Iraq for anything besides illumination and for creating smoke screens, two widely-accepted uses of the chemical. The denials came from spokesmen for the military, American ambassadors and even the US State Department itself.

But it was true, and the US finally admitted it. Now they claim its use to kill in Fallujah was legal, because the US has signed but not ratified the most relevant international treaty on the use of WP and napalm in civilian areas.

Much of the media focus, especially in the US, has now moved to examining whether or not that legal argument holds water. But the US has shown that it does not care if its actions are legal or not: the war in Iraq, the endless detention of detainees without trial or charge, the secret prison sites, and the abuse, torture and murder of prisoners are all illegal, under international law and the laws of the US itself.

So the legality of using WP as a weapon, especially in civilian areas, is not the most important issue. The important issue is whether or not its use is right. The American government itself gave a telling clue when it denied using it from the beginning. Why deny doing something that is both legal and moral?

Because they know the facts, which speak for themselves. The American military unleashed an indiscriminate incendiary weapon with particularly brutal effects inside a densely populated city, with appalling consequences for the people living there. Examining what actually happened is more important than dusting off UN conventions or chemical weapons treaties. What actually happened is what’s driving the international outrage.

I think it’s time for a United Nations investigation into exactly what happened in that city.