|FROM ||Ruben Safir
|SUBJECT ||Re: [NYLXS - HANGOUT] Sony Ships Sneaky DRM Software
|From owner-hangout-at-mrbrklyn.com Thu Nov 3 01:49:29 2005
Received: from www2.mrbrklyn.com (localhost [127.0.0.1])
by www2.mrbrklyn.com (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id jA36nR7W004384
for ; Thu, 3 Nov 2005 01:49:29 -0500
Received: (from majordomo-at-localhost)
by www2.mrbrklyn.com (8.13.1/8.13.1/Submit) id jA36nR0N004383
for hangout-outgoings; Thu, 3 Nov 2005 01:49:27 -0500
X-Authentication-Warning: www2.mrbrklyn.com: majordomo set sender to owner-hangout-at-nylxs.com using -f
Received: from stat29.mrbrklyn.com (stat29.mrbrklyn.com [10.0.0.35])
by www2.mrbrklyn.com (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id jA36nNkr004379;
Thu, 3 Nov 2005 01:49:26 -0500
Subject: Re: [NYLXS - HANGOUT] Sony Ships Sneaky DRM Software
From: Ruben Safir
To: Evan Inker
Content-Type: text/plain; charset=iso-8859-1
Organization: Brooklyn Linux Solutions
X-Mailer: Ximian Evolution 1.4.4
Date: Thu, 03 Nov 2005 01:52:20 -0500
Wednesday, November 2, 2005 · Last updated 8:23 p.m. PT
Sony unit to distribute software patch
By MATTHEW FORDAHL
AP TECHNOLOGY WRITER
SAN JOSE, Calif. -- After a chorus of criticism, Sony Corp.'s music
division said Wednesday it is distributing a free software patch to
reveal hidden files that automatically installed to hard drives when
some of its music CDs were played on personal computers.
The offending technology was designed to thwart music piracy.
Sony BMG Music Entertainment and its partner, UK-based First 4 Internet,
said they decided to offer the patch as a precaution, not because of any
security vulnerability, which some critics had alleged.
"What we decided to do is take extra precautionary steps to allay any
fears," said Mathew Gilliat-Smith, First 4 Internet's CEO. "There should
be no concern here."
The controversy started Monday after Windows expert Mark Russinovich
posted a Web log report on how he found hidden files on his PC after
playing a Van Zant CD. He also said it disabled his CD drive after he
tried to manually remove it.
Russinovich made the discovery while running a program he had written
for uncovering file-cloaking "RootKits." In this case, the Sony program
hid the antipiracy software from view. Similar technology also has been
used by virus and worm writers to conceal their code.
Click Here!Click Here!
A firestorm quickly erupted over what appeared to be an attempt by the
music company to retain control over its intellectual property by
secretly installing hidden software on the PCs of unsuspecting
Making matters worse, Sony did not disclose exactly what it was doing in
its license agreement, Russinovich said. It only mentions that
proprietary software to enable copy protection would be installed. The
software affects only PCs running the Windows operating system.
"The (license) makes no mention that it's going to install something
that's going to be hidden from view, that will constantly consume CPU
resources even if I'm not listening to music and it will have no
uninstall capability," he said.
Because the technology looks for a specific prefix in the filename, it
also could be used by malware authors to mask their programs,
Russinovich said. There's also the question of how a PC user is supposed
to maintain a system that runs hidden programs.
"If you've got software on your computer that you can't see, there's no
way for you to manage it from a security point of view," he said. "You
don't know if you need updates for it. You don't know if you should
uninstall it because you don't know it's even there."
Though there are no known problems with software, that could change and
leave millions of unsuspecting PC users at risk of having their machines
taken over by malware, said Ero Carrera, a researcher at F-Secure, a
computer security firm.
"The code of the application is not exactly well done," he said. "I
would tend to believe there are people already working on finding
The copy protection technology, which limits how many times a CD can be
copied, was included on about 20 titles, including discs from The Bad
Plus and Vivian Green, among others.
Gilliat-Smith and Sony BMG spokesman John McKay said the technology had
been on the market for about eight months and there had been no major
complaints prior to Russinovich's blog post. Still, a newer, similar
technology was in the process of rolling out before the latest
The patches that reveal the hidden files are being made available to
antivirus companies as well as customers who visit the Sony BMG site.
They do not remove the copy protection software, however.
McKay said customers can request a program to safely uninstall
everything by visiting the Sony BMG Web site at http://cp.sonybmg.com.
That site, however, requires a form to be filled out and submitted.
In a test of the form late Wednesday, an e-mail confirming receipt was
quickly returned by Sony BMG customer service, but it included no
instructions on how to remove the software. The message promised another
The process is unlike the vast majority of Windows software, which can
be easily uninstalled - by the user, without permission - through the
"Add or Remove Programs" tool in the operating system's control panel.
The controversy highlights the need for rules as to what content
providers can and can't install on PCs to protect their property, said
Russinovich, who is co-founder and chief software architect at
Winternals Software, which specializes in advanced systems software for
"We need to get some formality about what's legal, what's ethical and
what's fair - and what level of disclosure there needs to be," he said.
"It's fine for Sony to say we're not going to do that now. What kind of
guarantee do we have they're not going to do it at a future date or that
other companies are not going to do this?"
On Wed, 2005-11-02 at 13:25, Inker, Evan wrote:
> Sony Ships Sneaky DRM Software
> Music giant uses spyware and virus writers' techniques to prevent
> unauthorized music copying.
> Robert McMillan, IDG News Service
> Tuesday, November 01, 2005
> SAN FRANCISCO -- Mark Russinovich couldn't understand how the rootkit had
> sneaked onto his system. An expert on the internals of the Windows operating
> system, he was careful when it came to computer security and generally had a
> pretty good idea of what was running on his PC at any given time. And yet
> the security tool he was using to check his PC was pretty clear: It had
> found the rootkit cloaking software typically used by virus and spyware
> After a bit of detective work, Russinovich eventually tracked down the
> source: a Sony BMG Music Entertainment CD titled Get Right with the Man,
> performed by country music duo Donnie and Johnny Van Zant.
> It turns out that Sony is using techniques normally seen only in spyware and
> computer viruses in order to restrict the unauthorized copying of some of
> its music CDs. Sony's software, licensed by Sony from a Banbury, UK, company
> called First 4 Internet, has become the basis of a dispute that once again
> pits computer advocates against an entertainment company experimenting with
> new ways to prevent the unauthorized copying of its products.
> Sony Says Copy Protection
> Sony has been using First 4's XCP (Extended Copy Protection) software since
> early 2005 as a copy protection mechanism for some of its music CDs,
> according to Sony spokesperson John McKay. He could not say how many of
> Sony's CDs currently use the XCP software, but he said it is one of two
> digital rights management products used by the company. The other is
> SunnComm's MediaMax software, he said.
> The XCP software prevents users from making more than three backup copies of
> any CD, and Sony puts an XCP notification on the back of CDs that use the
> mechanism, according to Mathew Gilliat-Smith, First 4's chief executive
> Although the Van Zant CD software came with an end user license agreement
> (EULA) informing him that he would be installing software that would reside
> on his PC until removed, Russinovich, who works as chief software architect
> with systems software company Winternals Software, said he never expected to
> be installing a product that would then prove to be virtually undetectable
> and extremely difficult to remove.
> Sony's McKay believes that the disclosures in the license agreement are
> adequate. "I think the EULA's pretty clear about what it is," he said. "The
> reason why consumers have really high acceptance levels of these
> content-protected discs is because they have the functionality that people
> The First 4 software does nothing malicious and can be uninstalled, should
> the user want to remove it, McKay said.
> That uninstall process is not exactly straightforward, however, and cannot
> be done through the Add or Remove Programs utility in the Windows control
> panel. When asked for instructions on how to uninstall the software, McKay
> directed the IDG News Service to a section of the Sonybmg.com Web site where
> users could ask Sony customer support for uninstall directions.
> Who Controls Your PC?
> Although many computer users may not care much about the finer points of
> EULAs, people like Russinovich say Sony's software calls a more important
> issue into question: Who gets to have control over your computer?
> "When something like this installs and doesn't advertise itself, you've lost
> control of your own computer," he said. "And the EULA description that
> they've presented doesn't let you make an educated decision about whether
> you'd want this installed or not."
> Ironically, the invasiveness of the XCP software punishes users who pay for
> their music, said Fred von Lohmann, staff attorney with the Electronic
> Frontier Foundation, a digital rights advocacy organization based in San
> Francisco. "They are installing software in a way that makes it very
> difficult for you to know what was installed and makes it very difficult to
> uninstall it. And, worst of all, the software is not very well written," he
> said. "I think most computer users will find that to be very outrageous."
> Lawyers might also be interested in the software, von Lohmann said. The EFF
> attorney said a lawsuit was conceivable. "Sony is using a piece of your
> computer in a way that you didn't expect or authorize," he said. "Depending
> on how clearly this was disclosed, some consumers may be able to make an
> argument that this is actually an unauthorized intrusion," he said. "It's
> not beyond the realm of possibility that Sony BMG could be liable for this."
> In 2001 the other provider of Sony copy protection software, SunnComm, was
> involved in a lawsuit that alleged that the company's software, which was
> then being used by Music City Records, did not adequately notify consumers
> of its capabilities.
> In the long term, Sony appears to be moving away from the techniques that
> have incensed Russinovich.
> First 4's Mathew Gilliat-Smith said his company has spent the last month
> developing a new version of the XCP software that does not use the
> controversial rootkit techniques. "We won't use the same methodology that
> makes the software hidden in the way that people are concerned about," he
> Neither Gilliat-Smith nor Sony's McKay could say when this new software
> would begin appearing in Sony's products or how many existing titles were
> shipping with the XCP software.
> "This is a legitimate technology that we've been charged to produce,"
> Gilliat-Smith said. "People who aren't comfortable with the technology can
> apply to have the software removed."
> This message contains confidential information and is intended only
> for the individual or entity named. If you are not the named addressee
> you should not disseminate, distribute or copy this e-mail.
> Please notify the sender immediately by e-mail if you have received
> this e-mail by mistake and delete this e-mail from your system.
> E-mail transmission cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses. The sender therefore does not
> accept liability for any errors or omissions in the contents of this
> message which arise as a result of e-mail transmission.
> If verification is required please request a hard-copy version.
> This message is provided for informational purposes and should not
> be construed as an invitation or offer to buy or sell any securities or
> related financial instruments.
> GAM operates in many jurisdictions and is
> regulated or licensed in those jurisdictions as required.