Sony, once a great product company has given us yet another reason not to buy music CDs anymore. These days Sony seems to be a struggling company spread too thin and having no direction. Sony in recent years has slipped, especially in consumer electronics development. Sony has had to watch Samsung and LG pass them by in this vital area. Seems one bad decision after another has plagued this once great company.

Well to get to my point of this post, you may have heard by now Sony has created a PR mess that will lead to lawsuits, consumer mistrust, and a recall of millions of CDs by playing around with Digital Rights Management (DRM) on music CDs. There are some 52 CDs in the Sony/BMG catalog that are affected. This may be a side effect of a desperate company no longer feeling like they can compete with iTunes/iPod and other devices.

What happens is when you go to play the CD you paid for, in a Windows computer a EULA (End User License Agreement) pops up and asks you to accept it before you can simply play the CD. If you are crazy enough to agree to the EULA, the CD will then install a “malware” called a Rootkit on your machine. Sony’s license agreement is vague about what it’s installing and implies that it can be easily disabled. It cannot. This not only is spyware, but it opens your computer to all sorts of security problems. The Rootkit is basically a DRM Trojan horse installed on your PC. This mainly affects Windows computers, but there have been reports of a Mac version of the Rootkit but I have not seen any confirmed cases.

The public should no longer trust Sony in my opinion. Sony seemed to try everything they could to hide what they were doing. They even tried to patch the Rootkit so it was harder to remove at one point. They claimed it was not spyware, but there is now proof that the “malware” was “phoning” home. Basically, it was telling Sony over the net what songs you were playing. Trying to remove this Rootkit manually is problematic and can actually ruin your CD drive so it will not play anymore.

The biggest problem is that once your computer is infected, hackers can take advantage of this Rootkit by hiding malware on your machine that will not be detected even by spyware scanners and viruses scanners.

Sony actually deployed “real” hacker tools and then tried to hide what they did. There are several lawsuits already filed against Sony and good chance more will follow. Seems along with this misguided act they even used what appears to be some code that belongs to the LAME MP3 codec and some open source code protected under the GPL.

Sony now finally, after trying to “spin”, has no choice but to recall all the CDs infected with this DRM nightmare. Amazon to their credit, has been sending out emails to people who bought these CDs declaring them defective and offering refunds.

The problem is there may be a few million computers that are now infected. Their owners maybe totally unaware they have an infected machine that “hackers” have already been exploiting with at least two confirmed “hacks” to people’s computers taking advantage of Sony’s Rootkit. If you have ever seen anything like this EULA when trying to play a CD, you must get the now available removal tools and rectify the problem. Here is a list of the infected CDs. Sony has started an exchange program on their website.

My advice is not buy CDs that include DRM. The Fair Use laws allow for people buying a CD to be able to play the CD on more than one device. You should be allowed to “rip” a CD to put on your iPod or another MP3 player without restriction. All this DRM does is make criminals out of “PAYING” customers! I will never buy a CD with any DRM on it. This sort of copy protection is not designed to protect against pirating pros. That is not really possible and Sony knows this. Let’s face it if you can play it… it can be copied. All this does is making paying customers inconvenienced. Makes little business sense. But until Sony and others feel it in the pocket this practice will continue.

Sony has now posted a patch to “alleviate any concerns that users may have about the program posing potential security vulnerabilities,” so they say. By installing the Sony patch, users will STILL not be able to remove the copy protection software, called XPC, but the patch will make it visible to third-party system tools and antivirus software. Great. You would think they would remove it for you. Sony claims on their website to be working on a removal tool, but none has appeared from them yet!

You can also use Sysinternals’ Rootkit Revealer or F-Secure’s Blacklight to find the Rootkit – look for $sys$ – but DO NOT remove it or you’ll loose access to your CD-ROM drive. Some have reported success removing the Rootkit with Microsoft’s AntiSpyware.

Just another reason NOT to buy CDs anymore. I feel sorry for the Sony artists. I hope many of them will reconsider their contracts with Sony/BMG. With iTunes and the web, there is a good distribution model for them so they do not need Sony/BMG. Seems Sony can not compete with the iTunes Music Store and the iPod in the market place so they will try this malware DRM method. This sure was not going to stop the real pirates!

I am ashamed of being a Sony factory trained technician. Shame on you Sony, a ONCE great company!

    | Tags: DRM, rootkit, sony, spyware