EMI considers opening its DRM to inspection

Summary:The music industry giant is reviewing a request by the EFF to allow reverse engineering of its digital rights management software

The EMI Group is reviewing a request by the Electronic Frontier Foundation (EFF) to allow reverse engineering of its digital rights management (DRM) software, EMI said on Friday.

The EFF, a digital rights group, sent an open letter to EMI earlier this month asking EMI to publicly declare that it would not take any legal action against independent computer security researchers who investigate copy-restriction technologies used on EMI CDs.

A spokesman for EMI told ZDNet UK that the company had received the letter and was reviewing the matter. The spokesman would not comment about how long the review process would take.

The EFF is concerned that the copy-restriction licensing agreements included in EMI CDs forbid computer researchers from reverse-engineering the DRM to test it. The EFF also claimed that "some copy-protection vendors have levelled legal threats against security researchers in the past".

Security researchers are keen to investigate EMI's DRM technologies to check they do not use the same rootkit technologies that were used by Sony BMG.

"Music fans deserve to know whether EMI's copy-restricted CDs are exposing their computers to security risks," said Fred von Lohmann, senior staff attorney with EFF, earlier this month. "When it comes to computer security, it pays to have as many independent experts kick the tires as possible, and that can only happen if EMI assures those experts that they won't be sued for their trouble."

The EMI spokesman told ZDNet UK said that it was "clearly labelled" on EMI Group CDs that they were content protected, and that EMI had "no rootkit issues". The spokesman added that the software on the CDs "never loads DRM onto a user's hard drive without the user's permission."

The rootkit technology used by Sony was exploited by virus writers to try and make their own malicious code undetectable. Some IT departments were forced to consider banning employees from bringing their own CDs into the workplace, in an attempt to avoid infection.

EMI's copy-restriction software is supplied by Macrovision, a US firm that develops DRM software. Macrovision had not returned calls seeking comment at the time of writing.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.