Posted on 11/11/2005 5:45:59 PM PST by Panerai
Sony BMG Music Entertainment said Friday that it will suspend production of CDs with copy-protection technology that has been exploited by virus writers to try to hide their malicious code on PCs.
The decision by the music label comes after 10 days of controversy around the technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music.
Security experts blasted the technology because it uses "rootkit" techniques to hide itself on hard drives and could be used by virus writers to make their malicious code invisible. The first remote-control Trojan horses that took advantage of the cloak provided by Sony BMG surfaced this week.
"We are aware that a computer virus is circulating that may affect computers with XCP content protection software," the record label said in a statement Friday. "We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists. Nonetheless, as a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology."
The company said it is not halting production of all discs that contain additional copy-protection technologies. It also uses antipiracy technology from SunnComm and will keep manufacturing CDs carrying that software, a Sony BMG representative said.
(Excerpt) Read more at news.com.com ...
Scumbags - let's see them collect the bag of feathers they just threw to the wind.
> ... as a precautionary measure, Sony BMG is temporarily suspending ...
But the real damage is already done ...
... not the cracker exploits tho ...
... the class-action lawsuits.
The sharksuits are in the water, and they smell blood.
Have any of the mainstream commercial anti-virus and/or
anti-spyware suppliers yet provided detection for the
Sone code that actually treats it like the malware it is?
Just return Sony CDs as unplayable. Apparently they won't play without installing malwar on your computer.
Sony is scared and they should be.
What I haven't seen on these threads are the downloading is worse than nuclear war freaks defending the actions of Sony. I wonder why?
How about "You should buy CD's rather than downloading, because downloading might give you a virus?"
Sony's business model is based on 1940's technology... which isn't gonna work today.
They'd love to slap a $10 per blank CD / DVD on every one sold, like they did the DAT tapes.
lol
Am I mistaken in believing that a STOREBOUGHT protected CD will install the malware, not an MP3 rip? Never heard of an MP3 spreading a virus, as it is (afaik) an inert app.
APf
There is a reason that the DAT format was never popular.
"There is a reason that the DAT format was never popular."
The $10 per tape surcharge didn't help....
WMA's can certainly do bad things, and there may be some software which can be 'taken over' by a deliberately-malformed MP3 that causes a buffer overflow (BTW, how hard would it be for a C compiler NOT to store auto variables on the same stack as the execution pointer?) but there is no way that an MP3 which is structurally valid can install any sort of malware, and it is possible for software to analyze an MP3 and determine its validity.
The problem is that by buying and using the CD as intended by Sony will open up your computer to a different sort of virus intrusion that AV software may NOT be able to detect or clean (as the files are hidden from the Windows file system APIs). You can only "see" those files from a command prompt. This is similar to the "super-hidden" attribute used by some strains of CodeRed and some others.
Mark
That is correct.
Mark
From what I've read, you can't even see them there.
Or putting shaving cream back in the can.
Unbelievable. That's like GM saying we have the right to disable your car if we think you haven't paid what we think you should be paying for it, even though you paid showroom price.
I may be wrong, but I believe that you can see them with a "dir /a"
Mark
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.