Security

Sony Digs Another Hole With ‘Overeager’ DRM Placement

Sony BMG’s overzealous moves to insert digital rights management into its music CDs is causing the company more trouble.

The Electronic Frontier Foundation, the non-profit Internet rights group, said that software Sony embedded into 27 CD titles on sale in the United States and Canada opens a hole through which hackers can take control of a PC running Windows. The word came yesterday in the form of an announcement that SunnComm, the makers of the DRM software, were publishing a software update to plug the hole.

No Way to Know

MediaMax Version 5 installs itself without notice on PCs when consumers try to play the Sony CDs.

“The problem with digital rights management is when you try to be very, very overeager in your implementation,” Michael Gartenberg, vice president and research director, Jupiter Media, told TechNewsWorld. “Apparently Sony has gone way overboard and annoyed their user base.”

Gartenberg said Sony could ill afford the bad publicity the misstep had garnered.

“It’s turned into a P.R. nightmare and a fiasco. In the short term, they’ve been tarnished at a time when they’re way behind in perception of who’s leading in the digital music industry,” he said.

Double Trouble

The news is especially damaging because this is the second time in two months that the company has had to face consumers with news of security flaws in its DRM software. Last month, developer and author Mark Russinovich wrote in his blog that DRM protected CDs from Sony, when played on a PC, install DRM software from First 4 Internet that hides itself on the PC’s hard drive. Sony then released a patch that unveils the software, but uninstalling it completely required the consumer to contact Sony customer service. Security analysts had said that virus writers could use the software, masked by rootkit technology, to sneak in malware that would also be hidden.

“The part that people have the objection to is that Sony has done this without telling consumers,” Gartenberg said. While he said that consumers might not all be techno-geeks, they certainly understand when they try to play a CD on their computer and it doesn’t work or it causes other problems.

Sony has said it will begin a campaign to alert consumers to the potential danger of the CDs and tell them how to find and download the security plug.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels