A View From The Handbasket

Tuesday, November 15, 2005
Sony shoots self in foot, then sticks it in a bucket of salt, then sets fire to own head
Posted by neros_fiddle at 4:25 PM
This is the story that keeps on giving. Visit the ever-expanding Fiddle Archives for more details, but in short: First Sony puts amazingly evil copy-protection on around 20 CD releases, which includes "rootkit" software that compromises the Windows kernel and is considered malware by everyone except Sony. Finally, Sony relents and allows users (after surrendering all sorts of personal information) to apply a "patch" that replaces the evil copy-protection with merely intolerable copy-protection. Then, as the news breaks that half a million networks are infected with this software, Sony sheepishly announces a recall and exchange program.

But just when Sony thinks a corner has been turned, an oncoming truck appears:

A patch that Sony issued a week ago when virus writers began taking advantage of the software's file-hiding capabilities actually introduces serious new security risks onto the user's machine, according to research released today by Princeton University computer science professor Edward Felten.

The Sony Web page where users can download the removal patch installs a program that remains on the user's PC even after removal tool has done its job, Felten said. And because of the way the tool is configured, he said, it allows any Web page that the user subsequently visits to download, install and run any code that it likes.

Great leapin' Trojans.

In spite of all this, Sony (along with EMI) is still planning to copy-protect every title they release in 2006. On the list of ways to drive the final nail into the music industry's coffin, that ranks right at the top. Driven mad with fear by the spectre of internet piracy, the music industry is killing itself rather than face the problem, as its customers and artists look on in wide-eyed astonishment.

(All links harvested from Slashdot.)

10 comments on this post