Tag: Privacy

I have good news and bad news about Sony’s other CD DRM technology, the SunnComm MediaMax system. (For those keeping score at home, Ed and I have written a lot recently about Sony’s XCP copy protection technology, but this post is about a separate system that Sony ships on other CDs.) I wrote last weekend…

Jeff Dwoskin and Alex Halderman have developed a simple tool that can immunize a Windows system against the dangerous CodeSupport ActiveX control that we have written about over the past few days. The immunization tool should disable CodeSupport if it is already on your system, and it should prevent any future reinstallation or reactivation of…

Earlier today Ed Felten and I reported a serious security hole opened by the uninstaller that Sony provides to users who want to remove the First4Internet copy protection software. Further testing has confirmed that computers remain vulnerable even after the uninstall process is complete. Sony’s web-based uninstaller is a three step process: You fill out…

[This post was co-written by J. Alex Halderman and Ed Felten.] Over the weekend a Finnish researcher named Muzzy noticed a potential vulnerability in the web-based uninstaller that Sony offers to users who want to remove the First4Internet XCP copy protection software. We took a detailed look at the software and discovered that it is…

Alex Halderman and I have confirmed that Sony’s Web-based XCP uninstallation utility exposes users to serious security risk. Under at least some circumstances, running Sony’s Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit. We are working furiously to nail down the details and will report our results…

Now that virus writers have started exploiting the rootkit built into Sony-BMG albums that utilize First4Internet’s XCP DRM (as I warned they would last week), Sony has at last agreed to temporarily stop shipping CDs containing the defective software: We stand by content protection technology as an important tool to protect our intellectual property rights…

Here’s a handy bag of tricks for people whose computers are (or might be) infected by the SonyBMG/First4Internet rootkit DRM. The instructions here draw heavily from research by Alex Halderman and Mark Russinovich. This DRM system operates only on recent versions of Windows. If you’re using MacOS or Linux, you have nothing to worry about…

Mark Russinovich has yet another great post on the now-notorious SonyBMG/First4Internet CD “copy protection” software. His conclusion: “Without exaggeration I can say that I’ve analyzed virulent forms of spyware/adware that provide more straightforward means of uninstall.” Here’s how the uninstall process works: The user somehow finds the obscure web page from which he can request…