Sony's technical and PR fiasco continues
Summary: Sony's use of rootkit technology in DRM software on some of their CD's is causing an uproar all over the blogosphere. People are calling for boycotts of Sony products, not just CDs, but all Sony products.
This isn't going away anytime soon, if ever. Sony's use of rootkit technology in DRM software on some of their CD's is causing an uproar all over the blogosphere. People are calling for a boycott of Sony products, not just CDs, but all Sony products. There's even a Boycott Sony blog. Sony has been blasted not only for using the rootkit in the first place, but for their poor response to the public outcry. Ed Bott had some advice for Sony last week, but alas, they didn't seem to listen.
Fire First 4 Internet immediately and publicly.
Remaster the CDs with DRM-free versions.
Offer free replacement CDs to anyone who purchased one of the rootkit-infected CDs.
Provide toll-free tech support for anyone who experiences a problem with their Windows computer that they think is related to this software.
Instead, Sony execs have continued to minimize the problem and deny what Mark Russinovich proved, that the DRM software is phoning home and transmitting information without proper notice and consent. One antivirus vendor has already labeled the software as spyware. Even law professor Eric Goldman agrees on this point.
In my previous post, I said that Sony’s software wasn’t spyware. However, if the software is reporting back information about each user’s behavior, and that reporting back feature wasn't disclosed, then I agree with Suzi that surreptitious and undisclosed monitoring and reporting back of user activity sounds like spyware.
Declan McCullagh, writing for CNET, reports at least one attorney is talking class-action lawsuit. Mark Russinovich, who first documented the rootkit found on a CD he purchased, posted some additional damning info. The vendor of the DRM software, First4Internet, responded to points raised by Russinovich last week and now Russinovich has blasted First4Internet and Sony right out of the water... again. His conclusion:
Instead of admitting fault for installing a rootkit and installing it without proper disclosure, both Sony and First 4 Internet claim innocence. By not coming clean they are making clear to any potential customers that they are a not only technically incompetent, but also dishonest.
Ed Bott gets first place for best blog post title, Sony’s hired guns: incompetent, dishonest, or both?
Today I spoke to a representative from a major anti-spyware company who says Sony's DRM software meets their criteria for detection and removal. Stay tuned -- I'll have the details tomorrow.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
boycott until not more
Put a serious legal action agains sony ......
Well we all know that there too many idiot out there
so nothing will happen
tf
Thomas Hesse Is A Moron
On npr he said "the general puplic does not know what a rootkit is and they don't care."
and
he blaims apple because sonyt's file won't play on an iPod... "flick a switch" to alter its programs to work with the software. "It's just a proprietary decision by Apple to decide whether to play along or not," he said. "I don't know what more waiting we have to do.... Time is ticking, infringement of intellectual property is happening all over."
No Sony products for me... (NT)
Arrogance
I own five Sony TV's, four CD players and several other gizmos. I've bought my last Sony product for a while.
Arrogance
I own five Sony TV's, four CD players and several other gizmos. I've bought my last Sony product for a while.
Sony??
Just how far does this go??
If I move the CD to a different Dell Box with a NEC DVD+RW ND-3100AD it can not read the CD??
I think I will call Dell to see if they have moved to a different supplier.
PR fiasco
They should be uninstalling this software no questions asked. Just provide the uninstaller, don't require an email address that you declare you will sell to spammers (although "reputable" spammers, as we all know that makes a difference).
It's time for the mea culpa and removing obstacles that make it difficult to remove this unwanted software.
:)
Maybe Mr. Russinovich...
Technically, doesn't the DMCA prevent this...
IANAL. Doesn't the DMCA explicitly restrict any US Citizen (of which I am assuming Mr. Russinovich is) from producing and/or utilizing such a piece of software?
Jim
No, it is legal to remove it
But in this case we are talking about removing the software and disabling playback. Not attempting to play the music without the software.
Although it seems rather silly that you can play the CD on a Mac or Linux box with no problems :-)
Thanks for explaining...
And you're right, it is silly that Macs and Linux boxes can play the CDs without problems. I could pop in any Sony CD on my Ubuntu Linux box at home and have no worries. Sony should realize there are better ways of protecting content without screwing up their customer's computers, and AT LEAST admit a mea culpa.
Here's your boycott list
http://www.fatchuck.com/z3.html
http://ukcdr.org/issues/cd/bad/
Rumours, let the self immolation continue!
Publish a list.
Obviously, many of those recordings would have come from Sony.
I would require that a list be published of all offending titles.
I would further require that Sony, and all its subsidiaries be compelled, either by law or by the retailers, to publish that list and display it prominantly at all retail outlets so we can readily identify the offensive CD's and avoid them.
Further, Sony should be forced to pay for the space required to post these warning lists. This would give the needed incentive to the retailers to enforce this plan in each and every outlet. If you don't pay the retailers, they're not too excited about extra work and lost space.
The negative exposure would force Sony to get off its duff and make some real and public changes. I, for one, am wondering whether recent sound tracks I bought could be infected, but I'm not going to put them into my computer just to find out.
It's moronic behavior like this that will drive the public further and further into file sharing rather than to the direct distributor; they know they're taking chances with FTP, and they can/will accept that; but to be shot down by corporate snipers is intolerable.
Sorry Sony, but I can't trust you any more. How many honest buyers in the world will after this?