American Green Inc (ERBB)

[docgfd]

http://www.slyck.com/news.php?story=1040

Sony-BMG – "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"

Remember those words? They’re true. Most people didn’t know what a rootkit was. But Sony-BMG gave us all an excellent education on rootkits, spyware, and Digital Rights Management.

Sony-BMG’s XCP (Extended Copy Protection), designed by First4Internet, is a DRM scheme that prevents individuals from copying unlimited CDs. If an individual is unfortunate enough to have auto run enabled and agrees to the EULA, the XCP CD installs the DRM software. The only problem is the EULA doesn’t include all the specifics. It doesn’t state the DRM would be hidden on one’s machine, and it doesn’t articulate its removal process. In addition, those who are able to remove this software run the risk of damaging their machine. It’s also discovered that Sony-BMG’s proprietary music player “phones home” with information.

Not only did Sony-BMG break the trust with the consumer, it was discovered their copy protection scheme could be easily exploited by a malicious individual. Quite simply, the individual could name a virus identically to the XCP copy protection files. Since a rootkit file or folder is hidden by its very nature, most anti virus or spyware applications would be unable to discover the virus. It was soon discovered that Sony’s other copy protection software, Media Maxx, created by SunnComm, also suffered from easily exploitable vulnerabilities.

Sony-BMG has since been sued by Texas Attorney General Greg Abbott under the states new spyware law. The state of Texas finds that Sony-BMG used deceptive trade practices when they distributed CDs with MediaMax and XCP software.

Because of Sony-BMG’s fiasco, the future of the DRM has been cast into doubt and destroyed any credible argument against online piracy. Most of all, they betrayed the consumer.