Back in December, I blogged about the Electronic Frontier Foundation's open letter to SunnComm, the makers of the MediaMax spyware that was automatically installed if you tried to play some Sony music CDs in your computer.
EFF presented a series of demands to SunnComm regarding steps it should take to undo the harm it had wrought on Sony customers. SunnComm has complied with EFF's demands:
SunnComm says it will ensure that future versions of MediaMax will not install when the user declines the end user license agreement (EULA) that appears when a CD is first inserted in a computer CD or DVD drive. SunnComm has also agreed to include uninstallers in all versions of MediaMax software, to submit all future versions to an independent security-testing firm for review, and to release to the public the results of the independent security testing. SunnComm and EFF are discussing how to ensure that legitimate security researchers who have been, are, or will be working to identify security problems with MediaMax will not be accused of copyright violations under the Digital Millennium Copyright Act (DMCA).Link (Thanks, Kurt!)
In January, SunnComm published a complete list of all music CDs that employ the MediaMax technology and sent a letter to the independent labels using MediaMax with information about a security vulnerability in MediaMax version 5. Music label Sony BMG has separately committed to addressing security concerns arising from CDs using MediaMax.
(Sony taproot graphic courtesy of Sevensheaven)