First4Internet, the makers of the rootkit DRM that has turned Sony into an infamous villain facing tens of millions in liability, have taken down their website and replaced it with a simple landing page with some contact info.
Link
Previous installments of the Sony Rootkit Roundup: Part I, Part II, Part III
(Cool Sony CD image courtesy of Collapsibletank)
Edward Vielmetti reports that his local library system in Ann Arbor, Michigan, is declaring a moratorium on buying CDs from Sony:
I've passed word on to our selectors not to buy any Sony/BMG copy-protected CDs for the forseeable future. Not only is this reprehensible, but we could get into some support nightmares if people try to remove the rootkit since it's gotten so much press.
— Read the rest
Jiri sez, "I've put together a table of what applies to which of the two Sony DRM thingies (XCP and MediaMax), in the style of a 'checklist feature comparison'. There have been quite a few reports about the two pieces of software, so I figured an 'at a glance' comparison chart might be useful to help keep things straight…"
Link
(Cool Sony CD image courtesy of Collapsibletank)
(Thanks, Jiri! — Read the rest
Fred sez, "Free Culture @ NYU is doing another DRM Demonstration. We'll be handing out flyers at Tower Records to notify consumers that even though Sony is recalling their particularly malicious XCP CDs, DRM is still on the shelves and very undead — Sony's dangerous DRM may just be the tip of the iceberg and the only way to prevent future similar fiascos is for consumers to stand up for their rights. — Read the rest
In addition to the XCP rootkit software that Sony installed on its customers' PCs without permission, Sony has also installed another malicious program called MediaMax, from Suncomm. MediaMax spies on your actions and reports on them to Sony, and the uninstaller they provided leaves your computer vulnerable to an attack where bad code on a web-page can compromise your control over your data, your Internet connection, your privacy and your PC. — Read the rest
Security researcher Ben Edelman has a provocative solution to the problem of notifying all the Sony customers who got infected with the company's rootkit DRM. Since the system has an auto-update feature, why not update it so that it shows all the infected users a warning message that advises them on how to uninstall the software safely and how to get their CDs replaced by Sony? — Read the rest
A very senior Microsoft employee has given a statement to the press disavowing Sony's use of technology that takes control away from users:
"A personal computer is called a personal computer because it's yours," said Andrew Moss, Microsoft's senior director of technical policy.
— Read the rest
EFF has launched a class-action suit against Sony over its DRM practices — now the company is facing at least seven suits!
The suit, to be filed in Los Angeles County Superior court, alleges that the XCP and SunnComm technologies have been installed on the computers of millions of unsuspecting music customers when they used their CDs on machines running the Windows operating system.
— Read the rest
Yee-haw! Texas Attorney General Greg Abbott has brought an anti-spyware lawsuit against Sony over its rootkit DRM:
"Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," said Attorney General Abbott.
— Read the rest
Today's Foxtrot comic strip really zings Sony over their rootkit DRM.
Link, Sony Rootkit Roundup Part I, Sony Rootkit Roundup Part II
(Thanks, boB and Kirsten!)
A high-placed source at Sony BMG has emailed me with some interesting information about the ongoing rootkit DRM fiasco. My source says,
Some of the top Sony BMG artists who had XCP placed on their CDs are complaining directly to the label heads, furious that it will hurt their relationship to their fans and their sales as they go into the massively important Christmas season.
— Read the rest
Mark sez, "This website tracks the class action lawsuits surrounding the Sony BMG Music Entertainment/First4Internet XCP Rootkit. Additionally, it offers information about how individuals who do not wish to wait for the class action can sue Sony in their local small claims court." — Read the rest
RIAA President Cary Sherman gave a recent college press-conference where he addressed Sony's rootkit fiasco (among other things — the whole trascript is worth reading for a quick visit to the planet greed). His take? Other companies do the same thing all the time! — Read the rest
Wow — Sony is not only offering to replace its rootkit CDs with non-rootkit CDs; they're also offering to provide MP3s of all the music on the CDs to the people who bought them. I wonder if the MP3s carry watermarks? — Read the rest
Here's the night's dispatches on the Sony rootkit fiasco:
Pre-order your I HEART ROOTKIT shirts today Link
Get a (partial?) list of Suncomm Mediamax-infected CDs from the "CD in Question" drop-down menu on this page. Link (Thanks, Claire!)
Ed Felten and Alex Halderman report that they're working with Suncomm to fix the Mediamax uninstaller, which currently leaves your computer is worse state than it started. — Read the rest
Last week, I wrote about Princeton DRM researcher Alex Halderman's work on Suncomm's MediaMax, a piece of malware that accompanies the XCP rootkit on many of Sony's DRM CDs. Like the rootkit, Suncomm's software spies on your music usage and finks you out to Sony without your knowledge and consent. — Read the rest
Genius DNS hacker Dan Kaminsky designed a research project that has produced a count of the number of networks that have been infected with the malicious rootkit Sony distributed with its audio CDs: over 500,000 networks contain at least one infected machine. — Read the rest
See Part II, Part III, Part IV, Part V and Part VI of this post for more.
Since Hallowe'en, we've been posting the details about he revelations relating to Sony's DRM systems, which show jaw-dropping contempt for their customers, for copyright law, for fair trading and for the public interest. — Read the rest
On the Freedom to Tinker blog, DRM researcher par excellence J. Alex Halderman dissects a second variety of malicious software that purchasers of Sony music CDs can be infected with. Sony not only uses the now-infamous First4Internet rootkit, but also uses a second piece of malicious software from Suncomm, the less-well-known but still-dangerous MediaMax. — Read the rest
Sony got caught installing malicious rootkits on music-buyers' computers as part of a misbegotten DRM system for CDs. These pose a terrible security risk and couldn't be uninstalled without killing Windows. Now Sony has issued a patch to kill the rootkit, in which they lie about the danger it posed:
SOFTWARE UPDATES/ PLUG-INS
November 2, 2005 – This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs.
— Read the rest