The Texas Attorney General has been testing XCP, the rootkit that Sony BMG infected its customers' computers with last year (they were trying to stop their customers from making copies of the CDs they purchased). The AG's office has determined that the Sony rootkit, when combined with standard AOL software, could disable your CD drive entirely:
A glitch in the XCP DRM technology meant that anti-spyware features in AOL's Safety and Security Centre software and PestPatrol software could have tried to disable the CD-ROM's configuration.
— Read the rest
The UK All Party Parliamentary Internet Group has published a paper on DRM today that makes a number of very progressive recommendations on DRM in British law. The APPIG solicited public comments, and the UK Open Rights Group submitted a long, detailed set of recommendations on how to make Britain safe from copy-restriction technology. — Read the rest
A new proposed set of amendments to the US's loathsome DMCA — the 1998 copyright that paves the way to censorship, arresting security researchers, and creating monopolies for entertainment and DRM companies — will make the law even worse. The Department of Justice has proposed the amendments to Congress, and IPac and others have action-pages up that will help you fight them. — Read the rest
Here's the sixth installment of the Sony DRM Debacle, tracing the history of all the misdeeds committed by Sony when it covertly installed malicious software on millions of music fans' PCs in order to restrict their ability to make lawful copies of their music. — Read the rest
Canadians whose PCs were infected by the malicious software Sony deliberately included on its music CDs have launched another class-action suit against the company.
Sony BMG was outed on October 31, 2005, for including anti-copying software that employed "rootkits," a technique that made it impossible for users to uninstall without damaging their Windows installation, and which opened them to new security vulnerabilities. — Read the rest
Norm sez, "I am in the midst of a 'haiku essay' project: each essay is exactly 99 words long, plus one for the title. With the Sony Rootkit, ubiquitous DRM and plugging the analog hole on everyone's minds, I took this opportunity to make the fair use case in 99 words." — Read the rest
CRIA, the Canadian equivalent of the RIAA has produced a push-poll on copyright for the Canadian election. Michael Geist expertly deconstructs it in his latest blog post:
The more interesting (or headline grabbing) data will involve the views on stronger copyright laws.
— Read the rest
On today's edition of the NPR News program "Day to Day," I spoke with host Farai Chideya about the most shameful moments in technology news this past year.
Many of those low points will be familar to Boing Boing readers: Yahoo's role in the imprisonment of Chinese journalist Shi Tao, the Sony rootkit debacle extended dance remix, and Apple versus bloggers, to name but three. — Read the rest
Snipped from a reader testimony on Consumerist:
I just got back from the Sony Style store in the Westchester mall, (White Plains, NY) and I saw that the had many CDs in the shelves that had the XCP rootkits.
I asked the manager about this and they said they were, and I quote, "still allowed to sell them".
— Read the rest
Here's the last 2005 installment of the Sony DRM Debacle, posted moments before I leave on vacation — tune in after Jan 1 to see what new disasters Sony can create for itself by deploying technology that punishes people who buy its products instead of downloading them from P2P networks. — Read the rest
EFF has published an open letter to Sunncomm, one of the DRM arms-dealers that provided malicious anti-customer software to Sony, the use of which has resulted in lawsuits being filed against Sony by music fans whose computers were infected with Suncomm's spyware. — Read the rest
This morning, I blogged about a bug that EFF discovered in the Mediamax spyware that Sony includes on 50 of the CDs it releases in Canada and the US. EFF got Sony to release a bug-fix for it, but it turns out that the uninstaller leaves your computer more insecure than the bug! — Read the rest
EFF commissioned a research firm to investigate security vulnerabilities caused by the Suncomm Mediamax spyware, which Sony has included on some 50 CDs, and forced them to release a fix for the vulnerabilities:
The security issue involves a file folder installed on users' computers by the MediaMax software that could allow malicious third parties who have localized, lower-privilege access to gain control over a consumer's computer running the Windows operating system.
— Read the rest
Damien Kulash, the lead singer for the band OK Go, has a great editorial in the NYTimes today, describing why DRM systems are bad for artists:
Tech-savvy fans won't go to the trouble of buying a strings-attached record when they can get a better version free.
— Read the rest
Thirty seven days after Sony was outed for including a rootkit (a piece of software that hides itself from the Windows filesystem and process manager, and allows viruses to opportunistically do the same) they've finally released an uninstaller that you can download and run on your own computer (previous uninstallers ran from the Web and left you computer vulnerable to total takeover through simple attacks like embedding malicious code in web-pages). — Read the rest
Gisela sez, "I got tired of waiting for someone else to start the 'No Xmas for Sony' thing, so I opted to do it myself. There is an image that I have taken up using in my sig files around the Internet, linking it to Mark Russinovich's blog on the Sony rootkit debacle. — Read the rest
BusinessWeek reports that Sony knew on Oct 4 that its DRM system was built on rootkits and exposed its customers to danger of opportunistic infections from other malicious programs. The story wasn't made public until Oct 31, and Sony didn't recall its infected CDs until 11 — five and half weeks later. — Read the rest
New York Attorney General is making threatening noises over Sony's rootkit DRM. There are still CDs infected with the malicious software in his jurisdiction and a spokesperson for his office says that he is "looking into" a lawsuit against Sony. The Texas AG has already announced a lawsuit under his state's anti-spyware law, seeking $100K per CD. — Read the rest
Many Sony CDs install a piece of spyware on listeners' PCs. The program, called MediaMax, from SunComm, has received less attention than the rootkit that made headlines on Hallowe'en, but it is even sneakier, in some ways, than the rootkit was. — Read the rest
Programmers on Sony's less-known DRM, a piece of spyware called MediaMax from a company called Suncomm, posted messages to newsgroups asking for help with their technology. Earlier today I blogged two other exchanges from the authors of the Sony rootkit DRM, First4Internet. — Read the rest