Sony Helps Prove DRM Copy Protection is Harmful
If you don’t think DRM (Digital Rights Management) spells the end for your privacy and freedom, let Sony’s latest stunt help to open your eyes. A Music CD with Sony’s DRM technology (that’s to prevent you from copying the music) has been found to install a rootkit on customer computers. Wikipedia defines a rootkit as “tools frequently used by an intruder after cracking a computer system.” The sum of this is that Sony puts hacker tools on your computer so you can’t copy the music you bought. It makes your computer run slower and it could be used to invade your privacy. And keep in mind that all you did was pop the CD into your computer to listen to music you paid for. Now look who’s being punished by DRM!
Sony Invades Your Privacy and Threatens Your Rights
Rootkit and spyware detection software developer Mark Russinovich stumbled across Sony’s dirty little secret rootkit virus by accident. The Sony rootkit is on many music titles now as a copy protection scheme. The rootkit triggered his rootkit detection tool that he was developing. His method of detection and analysis is rather detailed, and shockingly fascinating. He found the Sony DRM rootkit on the music CD Van Zant’s “Get Right with the Man.”
Sony’s DRM rootkit doesn’t stop the music CD from playing on standard consumer electronics CD players, but when you go to play it on your computer the DRM rootkit automatically installs itself. When played on a Microsoft Windows PC, Sony’s DRM system forces you to play the music though their special software, which secretly installs the rootkit, just like a virus.
Yes, a virus, a trojan horse, a program that hides itself so deep it runs undetected by many spyware detection tools and perhaps all current anti-virus software. A tiny program you weren’t warned about, you didn’t agree to have installed, and that compromises the stability and security of your computer system.
The Sony DRM rootkit is a virus in essence. It hides itself so that even many technical computer experts can’t find it. Furthermore, it scans everything running on the system when active, and it causes computer performance to slow. Mark Russinovich also demonstrates how the Sony DRM rootkit is very poorly written, can could be exploited by parties other than Sony to gain access to your computer data.
If you are actually able to find the Sony DRM rootkit and remove it yourself, you will likely lose access to the CDROM drive on your computer. That’s right, clean removal is extremely difficult, even for a professional computer technician. The way the rootkit replaces a driver for the CD drive will cause your CD drive to be disabled when you remove the Sony DRM rootkit.
Here’s Where DRM is Today
Sony isn’t the only company trying to control your computer and invade your privacy with DRM rootkit viruses. Other huge recording companies have their own DRM rootkit software either in development, or ready to be deployed. C|Net reports that EMI and the Universal Music Group use technology similar to that used by Sony, even though they may deny it.
The company called First 4 Internet Technology (send’em your hate mail) is responsible for developing the Sony DRM rootkit virus. A company called Macrovision is also doing the same thing for the software, music, and movie industry. In fact, Macrovision is perhaps the worst offender historically for taking extreme measures to the detriment of the consumer in preventing music, software, and video piracy. These companies go too far and their prevention measures choking the average consumer that is not trying to copy anything illegally.
The Short Term “Little” Victories
Mark Russinovich is the hero of the day for providing concrete evidence of Sony’s secret DRM rootkit and making the public aware of it. Unfortunately, hackers can also use the information that he published to exploit this rootkit and gain access to people’s computers. This is possible because the rootkit was so poorly written. In response, Sony has been pressured into releasing an update that will remove the rootkit based DRM virus and replace it with less intrusive DRM software; still not good enough! Sony offers no complete removal kit. Consumers already infected with the Sony rootkit should demand complete and total removal, not replacement by a lesser evil. Consumers should also return the music with the copy protection and demand a refund.
Where DRM is Heading
Because each company will eventually develop a unique DRM rootkit for their music and media, your system could very well become infected with a number of these rootkit viruses. After you get three or four installed without your knowledge, your system performance will slow to a crawl. Additionally, the door is open for many hacks and exploits against your machine. No matter how well you lock the front door, the back door will be wide open. Antivirus companies are warning that the Sony DRM rootkit stunt will spark copycat viruses.
Microsoft is building DRM into their next operating system Windows Vista (Longhorn). In a notable article, Alexander Grundner explains why the open platform PC is inevitably going to disappear (at least for Windows users) with the advent of Windows Vista and DRM. Where Grundner goes off course is in calling DRM a “necessary evil.” In all actuality, it is the technology that is going to change no matter how hard Sony and the industry tries to resist. The industry needs to adapt, form a new business model, and make money by being ahead of technology, but by suppressing it.
Many, including this author, will refuse to upgrade to Windows Vista until the necessary hacking tools are available to completely disable and remove the Microsoft DRM, if possible. Otherwise, the popularity of alternative Operating Systems such as Linux will surely benefit as they remain purely open platforms. Linux is making great advancements and could very well match Microsoft Windows in usability before Vista is even released.
Although a more serious threat looms over open platform advocates as companies like Sony and Microsoft use their heavy hands to influence hardware manufactures into incorporating DRM at a hardware level. Imagine buying a computer motherboard with built in DRM that no Operating System could bypass!
It’s Supposed To Be Your Computer
Avoid buying any music that has DRM copy protection technology. In fact, join the large and growing consumer boycott of music with copy protection. When buying music on Amazon.com you can tell if the title has copy protection since Amazon labels it so.
The title “Life In Slow Motion,” David Gray, is denoted [CONTENT/COPY-PROTECTED CD]. That means if you buy it from anywhere, even Wal-Mart, it will still have the copy protection. It is not an issue of where you buy it, only that Amazon.com is kind enough to at least warn consumers first. Kudos to Amazon for the warning. Kudos to consumers who refuse to buy such titles.
DRM is bad news for the consumer. DRM is bad for culture and creativity. DRM threatens your rights and your information security. No matter how careful the industry is, and how well implemented they claim their DRM software is, the consequences will nonetheless impact the consumer by restricting consumer rights, privacy, and security.
Keep this in mind when you consider upgrading your computer to the next version of Microsoft Windows when it is released. If it has built in DRM technology, you are strongly advised to not make the upgrade. The consumer has the power and if enough people protest this new invasion of privacy and control problem, DRM will die and your rights and freedoms will remain in your hands.
November 7th, 2005 at 9:48 pm
Despite claims by Sony to the contrary heard on National Public Radio this morning, Sony’s DRM DOES
actually attempt to contact a server every time the CD is played. The
Sony EULA says nothing about their DRM software attempting to update
itself either. Yet Mark Russinovich’s latest Blog finds that the software seems to be contacting sony.com to request updates.
As if that wasn’t odious enough, the removal tool offered by Sony
(All 3.5 MB of it) requires full name and address disclosure and a
valid e-mail address to mail it to. They also immediately add the
address to their marketing lists. If you want the removal utility, they
insist on this behavior.
The Sony removal tool is apparently quite ineffective. It merely
decloaks the DRM, but does not remove it. Furthermore, this tool runs
the danger of going blue-screen. As Russinovich says:
Apparently Sony not only unrepentant but arrogant to the extreme. We
need to establish limits. What legislatable limits ought to be part and
parcel of some global DRM software rights/responsibility?”
November 7th, 2005 at 9:49 pm
Antivirus firms consider protection against Sony DRM rootkit
Kaspersky calls it spyware, while at Sophos it’s ineptware. Whatever you term the software used by Sony’s digital rights management, antivirus companies are considering adding protection against it to their products.
http://www.zdnetindia.com/news/security/stories/130094.html
November 7th, 2005 at 10:13 pm
Thank you for the information. Please, everyone who has more updates on what is happening with this issue post it here. I also see that Sony was sued today by an Italian Group.
The lawsuit, from ALCEI (Italy’s EFF), charges that Sony’s DRM … of course, is that the DRM has been in place for months, but the rootkit issue.
November 7th, 2005 at 10:15 pm
Sony sued over rootkits
Italy kicks it off
INQUIRER http://www.theinquirer.net/?article=27508
SONY IS FINALLY GOING to have to answer the tough questions, because it is being sued. According to the press release here, and the complaint
here, the Italian group ALCEI is suing Sony over the
rootkitting DRM infection.
November 7th, 2005 at 11:08 pm
For more information on DRM, see the following sources:
1. Cory Doctorow - Microsoft DRM Research Talk
2. EFF - Digital Rights Management: A failure in the developed world, a danger to the developing world
3. The Inquirer - Prepare to get screwed by digital rights management
4. P2PNet - Generally good site for information
5. DRM Blog - All things DRM
November 8th, 2005 at 10:52 am
NPR proves it’s worth again by doing a story for non-techies about why this matters. From the site:
After an uproar that started on blogs, privacy and security experts are charging that the technology Sony BMG Music Entertainment has built into some of its music CDs is invasive and exposes users to threats from hackers and viruses.
November 9th, 2005 at 11:51 am
The President of Sony BMG’s global digital business division Thomas Hesse has weighed into the storm over the ‘rootkit’-style copy restriction software introduced on some recent audio CDs.
Sony’s software installs itself by stealth, conceals itself, then intercepts low level Windows systems calls. Removing it causes the CD drive to be rendered inoperable. The only cure is to reformat the disk and reinstall Windows.
Click Here
What responsibility did Hesse feel for the havoc his CDs had caused?
“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” he huffed.
I think we can take that as: “No responsibility at all.”
(Hesse made his comments on NPR radio on Friday - you can hear them here, 1m:50s into the short report.)
But IT departments beg to differ.
A support manager at an IT department in a medium sized corporation told us that a CD-borne infection of Sony DRM is already causing his team headaches.
A major antivirus vendor diagnosed the problem as a nasty case of DRM, he told us, but the problem didn’t end there. The Sony ‘root kit’ causes the antivirus software to go haywire, popping up alerts at the rate of one a second.
Three systems have so far been flattened, he said. The original culprit was a Van Zant CD - from Sony BMG.
And it gets worse.
On Sunday Mark Russinovich of Sysinternals.com, whose forensics last week identified the DRM as a ‘rootkit’ style infection, has been taking a look at the patch subsequently issued by First4Internet, the British company which wrote the crippleware.
All the patch does is force XP to issue Windows commands (eg, “net stop”) that disable the driver. Because XP is a multithreaded OS, this is a brute force procedure that can cause the system to crash if resources are in contention.
Russinovich also notes that the Sony DRM software still contains vulnerabilities that expose a system to a potential blue screen of death. Instead of exiting gracefully and returning standard Windows system errors, the DRM exits disgracefully.
November 10th, 2005 at 11:34 am
Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver’s Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)
Ricky Martin, Life (Columbia) (labeled as XCP, but, oddly, our disc had no protection
My Morning Jacket, Z
Santana, All That I Am
Sarah McLachlan, Bloom Remix Album
This is not a complete list. So how do you recognize other XCP-laden CDs in the wild?
Tip-off #1: on the front of the CD, at the left-most edge, in the transparent “spine”, you’ll see “CONTENT PROTECTED” along with the IFPI copy-protection logo. A few photos make this clearer.
Tip-off #2: on the back of the CD, on the bottom or right side, there will be a “Compatible with” disclosure box. Along with compatibility information, the box also includes a URL where you can get help. The URL has a telltale admission buried in it: cp.sonybmg.com/xcp. That lets you know that XCP is on this disc (discs protected with SunnComm have a different URL that includes “sunncomm”).
November 11th, 2005 at 10:45 am
This affects macs as well.
I recently purchased Imogen Heap’s new CD (Speak for Yourself), an RCA Victor release, but with distribution credited to Sony/BMG. Reading recent reports of a Sony rootkit, I decided to poke around. In addition to the standard volume for AIFF files, there’s a smaller extra partition for “enhanced” content. I was surprised to find a “Start.app” Mac application in addition to the expected Windows-related files. Running this app brings up a long legal agreement, clicking Continue prompts you for your username/password (uh-oh!), and then promptly exits. Digging around a bit, I find that Start.app actually installs 2 files: PhoenixNub1.kext and PhoenixNub12.kext.
November 11th, 2005 at 3:59 pm
To uninstall the software completely, a user must fill out a separate customer service form on Sony’s Web site, asking for instructions on how to uninstall the rootkit software.
November 11th, 2005 at 4:52 pm
Bowing to public outrage, Sony BMG has temporarily halted the
use of its controversial anti-piracy software in all of its music CDs, the company said in a statement today.
The move comes just a day after a top Bush administration official
chided Sony and the entertainment industry for going too far: according
to this story over at Washingtonpost.com,
Stewart Baker, the Department of Homeland Security’s policy czar warned
would-be DRM makers: ‘It’s very important to remember that it’s your
intellectual property — it’s not your computer. And in the pursuit of
protection of intellectual property, it’s important not to defeat or
undermine the security measures that people need to adopt in these
days.’ The Post has the full text and video of his commentary.
November 14th, 2005 at 12:19 am
According to a C|Net story “Security tools within Windows will soon seek out and destroy the rootkit-like component of Sony’s CD copy-restriction software.” But don’t applaud Microsoft yet, as it doesn’t completely remove the Sony DRM rootkit, only parts of it. An interesting note about the story is how it first states, “detect and remove part of the copy protection tools” and then later leads readers to believe it will provide complete removal. Hopefully there will be some tool available soon that will totally eradicate the Sony DRM rootkit spyware malware virus Trojan evil little critter!
November 14th, 2005 at 12:40 am
Upcoming releases of Microsoft’s spyware removal tools will
uninstall Sony copy-protection software that functions as a rootkit.
“We have analyzed this software, and have determined that in order to
help protect our customers we will add a detection and removal
signature for the rootkit component of the XCP (Extended Copy
Protection) software,” Jason Garms of Microsoft announced on the Anti-Malware Engineering Team blog.
“Rootkits have a clearly negative impact on not only the security, but
also the reliability and performance of their systems.” The detection
of the Sony tool will be included in upcoming releases of the Malicious
Software Removal Tool, which is updated through Windows Update, as well
as the beta of Windows Antispyware.
Sony uses XCP software to restrict unauthorized copying of music CDs. The software’s controversial operations were detailed by Mark Russinovich
of SysInternals two weeks ago, prompting alarm among many security
experts. “Although the software isn’t itself malicious, the hiding
techniques used are exactly the same that malicious software known as
rootkits use to hide themselves,” noted F-Secure,
which soon discovered a trojan attempting to use the Sony XCP software
to disguise its presence. Fortunately, the trojan had coding errors
that prevented it from spreading widely.
On Friday Sony announced it would halt production
of CDs including XCP technology. “We are aware that a computer virus is
circulating that may affect computers with XCP content protection
software,” the record label said in a statement Friday. “We stand by
content protection technology as an important tool to protect our
intellectual property rights and those of our artists. Nonetheless, as
a precautionary measure, Sony BMG is temporarily suspending the
manufacture of CDs containing XCP technology.”
Microsoft’s decision to remove the Sony rootkit may have been
influenced by concerns that the software could interfere with the
stability of Windows. Russinovich told the Windows news site Bink.NU
that a software patch Sony issued to limit XCP capabilities could cause crashes in Windows
during installation. Microsoft and Sony are also ferocious competitors
in the gaming market, where Sony’s PlayStation 2 and Microsoft’s Xbox
are the leading gaming consoles.
November 14th, 2005 at 7:38 pm
[…] And on the Sony Rootkit front Stewart Baker, the Department of Homeland Security’s policy czar warned would-be DRM makers: ‘It’s very important to remember that it’s your intellectual property — it’s not your computer. And in the pursuit of protection of intellectual property, it’s important not to defeat or undermine the security measures that people need to adopt in these days.‘ It’s a rather noncommittal warning but at least it’s something. Guess Baker realizes that voter’s don’t want spyware on their computers either. […]
November 14th, 2005 at 7:49 pm
Anti-spyware: Sony officially uses spyware, says Microsoft
http://www.gameshout.com/news/112005/article1632.htm
Microsoft Corp. announced Saturday that they are updating their anti-spyware software to detect and eliminate the Sony BMG spyware.
Anti-spyware is heading for overload as Microsoft Corp. announced that they are updating their anti-spyware software, now known as “Windows Defender”, to detect and remove Sony BMG’s anti-piracy software.
This is the first step by an anti-spyware developer to come forward and announce Sony BMG’s spyware practices. Microsoft will automate the process through its malicious software removal tool, which is designed to remove infections caused by viruses, worms, and rootkits. The Sony BMG anti-piracy software is considered a
“rootkit”.
Microsoft stated that they have analyzed the Sony BMG anti-piracy software and have determined the proper steps of detection and removal of the rootkit component.
After facing two weeks of criticism, Sony already announced on Friday that they would nolonger use the anti-piracy technology. Security experts warned that the software’s ability to hide files on a user’s machine could also be used by attackers for mass-spamming, viruses, and even exploit Sony’s own anti-piracy software.
For Microsoft, this step to guard against Sony’s BMG anti-piracy software is a brilliant move. The company announced a few days ago that their spyware removal tool will be called “Windows Defender”, which will be included in the upcoming new version of the Windows operating system. The new version of Windows is known as “Vista”, but there are other names floating around as well.
November 15th, 2005 at 4:48 pm
According to a Dutch article the Sony DRM software (or rootkit, if you may prefer) contains code from the LAME MP3 encoder project, which is licensed under the LGPL. However, the source code has not also been distrbuted, hence breaching the license.
November 15th, 2005 at 6:35 pm
Welcome To Planet Sony
Submitted by Dan Kaminsky on Tue, 2005-11-15 09:28.
Sony.
Sony has a rootkit.
The rootkit phones home.
Phoning home requires a DNS query.
DNS queries are cached.
Caches are externally testable (great paper, Luis!), provided you have a list of all the name servers out there.
It just so happens I have such a list, from the audits I’ve been running from http://deluvian.doxpara.com .
So what did I find?
Much, much more than I expected.
It now appears that at least 568,200 nameservers have
witnessed DNS queries related to the rootkit. How many hosts does this
correspond to? Only Sony (and First4Internet) knows…unsurprisingly,
they are not particularly communicative. But at that scale, it doesn’t
take much to make this a multi-million host, worm-scale Incident. The
process of discovering this has led to some significant advances in the
art of cache snooping. Here are some of the factors I’ve dealt with:
Just because you *request* the disabling of recursion, doesn’t mean
it’ll actually happen. A full 353,200 name servers had to be excluded
from the final tally because not only would recursive queries emit from
them whether or not they were desired, but they’d also notify their
neighbors of the results.
Low TTL names exist, and are rather difficult to catch by
cache snooping (they expire before you can find proof of life).
However, they may be hosted by names that last much longer –
updates.xcp-aurora.com has a lifespan of an hour, but xcp-aurora.com’s
NS link to resolver1.first4internet.co.uk will last 150,000 seconds.
Some hosts lie — captive portals, I’m looking at you. Simply
filtering TTL’s that are divisible by 100 has a way of eliminating most
of them; after that, you’re left with surprisingly few NS’s that lie
about IP.
I also have an IP->Geographic data, courtesy of Mike Schiffman’s libipgeo and the fine folks at IP2Location, who have a very impressive database. So, the first thing I did was geolocate the data. After dispensing with the raw stats gather…
What can I say? Pretty pictures. Ugly data, but pretty pictures!
USA
Asia
Europe
And the tool used to make this? Welcome To Planet Sony! (based on Partiview in general and the always awesome PlanetLab’s work in particular)
November 16th, 2005 at 1:17 pm
[…] It is now estimated that the Sony DRM rootkit virus has infected over 500,000 networks. Among the music CD’s that are spreading the virus is Neil Diamond’s latest release. So artists like Neil Diamond need to stop and think for a moment, “What will my loyal fans think when they play my music on their computer and suddenly they have a serious problem?” No matter who the artist is, I would consider holding them responsible along with Sony BMG. Artist, agent, over paid staff alike, someone should be thinking about the implications of screwing with the fans this way. […]
November 23rd, 2005 at 11:23 am
The big story the last few weeks has been the
Sony BMG rootkit and in fact, it’s the kind of story for which
columnists drool: a big company does something unbelievably dumb that
violates basic security principles. Many questions have arisen in my
mind over the past few weeks as I’ve watched this story unfold. I’d
like to share a few of them with you. If you have answers - or more
questions - email them to me at the byline link above.
How many corporate, government, military, and scientific
organizations will ban the use of any Sony CD now on any machine
connected to their networks?
How long until those bans extend to any copy-protected CD made by any music company?
How long until those bans extend to any music CD, period?
How many corporate, government, military, and scientific networks have been compromised by the Sony rootkit?
Have any security breaches occurred on a corporate, government, military, and scientific network due to the Sony rootkit?
What actions will Sony face as a result of any security breaches?
How would those corporate, government, and scientific organizations
have reacted if a group hostile to American interests had engaged in
the same security violations practiced by Sony?
Who did Sony rely on to do the shoddy development work on the ActiveX control used to “uninstall” the Sony rootkit?
Has anyone been damaged by the ActiveX control, which leaves PCs wide open to a variety of attacks?
When will Sony release a method for actually removing all traces of their rootkit from a PC?
Will that method further open up PCs to new security holes?
How many cheats, viruses, and Trojan Horses will use the Sony rootkit as cover for their own installation and actions?
Does anyone at Sony - either in management or IT - really have any understanding about security?
Did Sony ever bother to think through the ramifications of its rootkit?
Who made the decision at Sony to implement the First 4 Internet rootkit?
Is that person - or persons - facing sanctions? Demotion? Firing?
Has anyone sat down with Thomas Hesse, President at Sony BMG and
utterer of the line “Most people, I think, don’t even know what a
rootkit is, so why should they care about it?”, and explained to him
just how stupid his statement is?
How successful will the legal actions against Sony prove?
Are there any legal actions pending against First 4 Internet, the providers of the rootkit software Sony used?
Does anyone at First 4 Internet - a supposed technology company - really have any understanding about security?
If anyone at First 4 Internet does have a glimmer of understanding about security, do they care, or is money their only concern?
Why did Microsoft wait so long before adding Sony’s rootkit to its list of spyware to be removed by Windows Defender?
When did Microsoft first know about Sony’s rootkit?
If Microsoft knew about it prior to the 31 October disclosure by Mark Russinovich, why didn’t they act sooner?
When did other anti-virus and anti-spyware companies first know about Sony’s rootkit?
If those companies knew about it prior to the 31 October disclosure
by Mark Russinovich, why didn’t they act sooner? If they knew about it,
exactly why are we paying them?
Did Sony violate the GPL and LGPL by including code for the MP3 encoder LAME, and other GPL and LGPL code, in its rootkit?
If so, what are Sony and First 4 Internet planning to do to address
these LGPL and GPL violations? Open-source their viral rootkit?
Are any other retailers besides Amazon going to notify customers
that they have purchased one of the 52 Sony BMG titles known to contain
the rootkit, and offer a refund?
What effect will the entire Sony debacle have on other music labels using, or considering the use of, DRM on their CDs?
Are any members of the US Congress aware of the Sony rootkit saga, or are they asleep at the wheel?
If so, are any proposing legislation requiring CDs to clearly label
any DRM they may include? Or going one step further, and banning the
practice entirely?
How ironic is it that the actions of Sony’s music division have damaged the PCs made by Sony’s computer division?
Does anyone at Sony appreciate the irony?
How many music lovers will now turn to illegal file sharing
networks to acquire music, since their attempts to do so legally were
met by betrayal, apathy, and malice by the very company selling them
music?
Can you really blame the people who now turn to illegal file sharing?
Does Sony see the irony here?
Sony is offering to replace infected CDs with MP3s; what sorts of
restrictions do those MP3s have? And at what quality level were they
made?
How many problems are we going to see with Sony’s other DRM software made by Suncomm?
Will Sony amend its outrageous EULA, which contains provisions in it that are extreme and nonsensical?
How much have Sony’s sales suffered for all of its CDs? How much will sales suffer in the future?
Will consumers remember this episode? For the near future, will the words “Sony” and “rootkit” be linked in consumers’ minds?
Is Sony going to follow through on its promise to include DRM on all CDs put out by the company?
Will Sony follow any of the advice given to it by the EFF?
Did Sony learn anything from this future business school case
study, or is it just going to try to develop quote-unquote “better” DRM?
Will any other companies currently issuing DRM “protected” CDs learn anything from Sony’s mess?
Will the Sony rootkit incident lead any consumers to switch from
Windows to Mac OS X (which was also vulnerable to Sony malware, but not
as badly as Windows) or Linux (which wasn’t vulnerable at all)?
If consumers are unhappy with the Sony rootkit now, how will they
feel when they learn about the built-in copy protection found in
Windows Media? In future processors and the upcoming Windows Vista?
And finally, do companies have the right to take extreme measure,
to install software like the Sony rootkit, in order to protect their
business models?
FROM: SecurityFocus
February 3rd, 2006 at 11:56 am
[…] Sony has demonstrated the danger of DRM by spreading a virus, which is still in the wild. DRM not only limits the spread of information and enrichment of culture, but also jeopardizes the security of computer systems and networks. DRM is also a nightmare from a support point of view. Companies embracing DRM protected software often find themselves in trouble during an emergency. […]
February 3rd, 2006 at 11:56 am
[…] Sony has demonstrated the danger of DRM by spreading a virus, which is still in the wild. DRM not only limits the spread of information and enrichment of culture, but also jeopardizes the security of computer systems and networks. DRM is also a nightmare from a support point of view. Companies embracing DRM protected software often find themselves in trouble during an emergency. […]
February 3rd, 2006 at 12:21 pm
[…] Sony has demonstrated the danger of DRM by spreading a virus, which is still in the wild. DRM not only limits the spread of information and enrichment of culture, but also jeopardizes the security of computer systems and networks. DRM is also a nightmare from a support point of view. Companies embracing DRM protected software often find themselves in trouble during an emergency. […]