Security

Something Pfishy at Sony?


Being the professionally paranoid individual anyone has to be if they started programming computers in the early 1960’s and is still in the field, not to mention having been a high-tech reporter since before IBM shipped the first IBM-PC, I have been watching the Sony DRM saga unfold with great interest.  After the second major security threat in Sony BMG music CDs appears in a very short period and just before the holiday season, I've begun to have some very nasty thoughts.

You'd have to be pretty incompetent if you were Sony and put these untested chunks of code in your expensive CDs, but you'd have to be a fool to sell Sony this malware and expect to stay in business for long, yet two companies appear to have done so.

Isn't it interesting that the rootkit malware and now the SunnComm MediaMax threat both appear just about the time people are thinking what a nice present it might make to cut a few mix CDs for friends and family?

The new MediaMax threat is particularly worrying because it will be installed on ANY PC which plays the “infected” CDs, EVEN if you decline to accept the EULA which is presented.

Now it would be a nice question trying to determine just how much North American business Sony BMG might loose in the short term from people hesitating to buy new CDs under that imprint, and then compare that potential loss to the potential savings from scaring the holy heck out of anyone who might consider loading any Sony music CD into their PC even to make a legitimate backup exclusively for their own use, let alone blocking any thoughts of making up a few gift mixes for the holidays.

Is it just me, or could this make economic sense? (I say North American because the software in the MediaMax case appears to be only in CDs sold to the U.S. and Canada.)

For further details about these two digital rights foul ups you can look to this week’s issue of my TechRepublic Locksmith Column which will run soon.

BTW, the original patch for this second DRM junk had a flaw. Somehow that sounds familiar too and all in all I ain't about to insert ANY music CD in my PCs for a while.