Tag: Security
-
G-Men Called on W-Hats for WMVD
[Despite our recent focus on the SonyBMG CD flap, our mandate here at Freedom to Tinker covers infotech and policy generally. So I hope any Sonymaniacs in the audience will forgive me for posting about something else today. (If you need a Sony fix, Bruce Hayden can help.) Regularly scheduled Sony-related programming will resume next…
-
Make Your Own Copy-Protected CD with Passive Protection
Here’s a great gift idea just in time for the holidays: Make your friends and relatives their very own copy-protected CDs using the same industrial-grade passive protection technology built into XCP and Macrovision discs. Passive protection exploits subtle differences between the way computers read CDs and the way ordinary CD players do. By changing the…
-
Inside the MediaMax Prospectus
Bruce Hayden writes that MediaMax, the company associated with the CD-borne spyware product that Sony has not yet recalled, recently filed a prospectus with the SEC in connection with an upcoming stock offering. In the prospectus, the company is required to describe truthfully its business plans and associated risks. MediaMax’s prospectus is a window into…
-
CD Copy Protection: The Road to Spyware
Advocates of DRM (copy protection) have been keeping their heads down lately, while they try to figure out what went wrong in the SonyBMG DRM spyware fiasco. No doubt they’ll try to explain it away as an anomaly – just a little speed bump on the road to the effective, unobtrusive DRM future that they’re…
-
Not Just Another Buggy Program
Was anybody surprised at Tuesday’s announcement that the MediaMax copy protection software on Sony CDs had a serious security flaw? I sure wasn’t. The folks at iSEC Partners were clever to find the flaw, and the details they uncovered were interesting, but it was pretty predictable that a problem like this would turn up. Security…
-
MediaMax Bug Found; Patch Issued; Patch Suffers from Same Bug
iSEC, EFF, and SonyBMG issued a joint press release yesterday, announcing yet another serious security bug in the SunnComm MediaMax copy protection software that ships on many SonyBMG compact discs. (SonyBMG has recalled CDs that use another copy protection system, XCP, but they have not yet recalled discs containing MediaMax.) As we’ve written before, the…
-
DRM, Incompatibility, and Market Power: A Visit to the Sausage Factory
Yesterday Alex wrote about how SonyBMG’s XCP CD copy protection software includes a feature – apparently built on illegally copied open-source code – to translate music files into the FairPlay format used by Apple’s iTunes and iPod, but the feature was not exposed to users. The details are interesting. But equally interesting, I think, is…
-
Hidden Feature in Sony DRM Uses Open Source Code to Add Apple DRM
For weeks, the blogosphere has been abuzz with tales of intrigue about Sony’s XCP copy protection system. Among the strangest revelations was that XCP itself infringes on the copyrights to several open source software projects. In one case, Sam Hocevar found conclusive evidence that part of XCP’s code was copied from a program called DRMS,…
-
The DMCA Should Not Protect Spyware
Yesterday was the deadline to submit requests for limited exemptions from the DMCA’s ban on circumvention of access control technologies. This happens every three years. Alex Halderman and I submitted a request, asking for an exemption that would allow the circumvention of compact disk copy protection technologies that have certain spyware-ish features or create security…
-
Sony, First4 Knew About Rootkit Issue in Advance
Security vendor F-Secure contacted SonyBMG and First4Internet about the companies’ rootkit software on October 4 – about four weeks before the issue became public – according to a Business Week story by Steve Hamm. Here’s the key part of the article’s chronology: Nevertheless, Sony BMG asked First4Internet to investigate. Both Sony BMG and F-Secure say…