Tag: CD Copy Protection
-
Hidden Feature in Sony DRM Uses Open Source Code to Add Apple DRM
For weeks, the blogosphere has been abuzz with tales of intrigue about Sony’s XCP copy protection system. Among the strangest revelations was that XCP itself infringes on the copyrights to several open source software projects. In one case, Sam Hocevar found conclusive evidence that part of XCP’s code was copied from a program called DRMS,…
-
The DMCA Should Not Protect Spyware
Yesterday was the deadline to submit requests for limited exemptions from the DMCA’s ban on circumvention of access control technologies. This happens every three years. Alex Halderman and I submitted a request, asking for an exemption that would allow the circumvention of compact disk copy protection technologies that have certain spyware-ish features or create security…
-
Sony, First4 Knew About Rootkit Issue in Advance
Security vendor F-Secure contacted SonyBMG and First4Internet about the companies’ rootkit software on October 4 – about four weeks before the issue became public – according to a Business Week story by Steve Hamm. Here’s the key part of the article’s chronology: Nevertheless, Sony BMG asked First4Internet to investigate. Both Sony BMG and F-Secure say…
-
MediaMax Permanently Installs and Runs Unwanted Software, Even If User Declines EULA
In an earlier post I described how MediaMax, a CD DRM system used by Sony-BMG and other record labels, behaves like spyware. (MediaMax is not the same as XCP, the technology that Sony-BMG has recalled; Sony-BMG is still shipping MediaMax discs.) MediaMax phones home whenever you play a protected CD, automatically installs over 12 MB…
-
What Does MediaMax Accomplish?
I wrote yesterday about the security risks imposed by the SunnComm MediaMax copy protection technology that ships on some Sony CDs. (This is not to be confused with the XCP technology that Sony recalled.) MediaMax advocates may argue that it’s okay to impose these security risks on users, because MediaMax effectively prevents copying of music.…
-
More Suits Filed; MediaMax Insecurity Remains
Yesterday two lawsuits were filed against Sony, by the Texas Attorney General and the EFF. The Texas suit claims that Sony’s XCP technology violates the state’s spyware law. The EFF suit claims that two Sony technologies, XCP and MediaMax, both violate various state laws. One interesting aspect of the EFF suit is its emphasis on…
-
Does Sony's Copy Protection Infringe Copyrights?
The Sony copy protection debacle has so many angles that the mainstream press is having trouble keeping track of them all. The rootkit. The spyware. The other spyware. The big security hole. The other big security hole. It’s not surprising, then, that at least one important angle has gone nearly undiscussed in the mainstream press:…
-
Not Again! Uninstaller for Other Sony DRM Also Opens Huge Security Hole
I have good news and bad news about Sony’s other CD DRM technology, the SunnComm MediaMax system. (For those keeping score at home, Ed and I have written a lot recently about Sony’s XCP copy protection technology, but this post is about a separate system that Sony ships on other CDs.) I wrote last weekend…
-
Immunize Yourself Against Sony's Dangerous Uninstaller
Jeff Dwoskin and Alex Halderman have developed a simple tool that can immunize a Windows system against the dangerous CodeSupport ActiveX control that we have written about over the past few days. The immunization tool should disable CodeSupport if it is already on your system, and it should prevent any future reinstallation or reactivation of…
-
Update: Sony Uninstaller Hole Stays Open
Earlier today Ed Felten and I reported a serious security hole opened by the uninstaller that Sony provides to users who want to remove the First4Internet copy protection software. Further testing has confirmed that computers remain vulnerable even after the uninstall process is complete. Sony’s web-based uninstaller is a three step process: You fill out…