Cyber-rights group the Electronic Frontier Foundation (EFF) claimed on Wednesday to have identified 19 Sony CDs that contain a rootkit-like application that disguises its copy-restriction technology.
This software is hard to remove from a PC without causing damage and can be used to hide malicious code — antivirus vendors warned on Thursday afternoon the first malware to exploit it has been found.
The discovery of the rootkit last week kicked off a furore, but Sony has not said which CDs contain the DRM technology in question.
According to the EFF, the following CDs contain the DRM in question:
- Trey Anastasio, Shine (Columbia)
- Celine Dion, On ne Change Pas (Epic)
- Neil Diamond, 12 Songs (Columbia)
- Our Lady Peace, Healthy in Paranoid Times (Columbia)
- Chris Botti, To Love Again (Columbia)
- Van Zant, Get Right with the Man (Columbia)
- Switchfoot, Nothing is Sound (Columbia)
- The Coral, The Invisible Invasion (Columbia)
- Acceptance, Phantoms (Columbia)
- Susie Suh, Susie Suh (Epic)
- Amerie, Touch (Columbia)
- Life of Agony, Broken Valley (Epic)
- Horace Silver Quintet, Silver's Blue (Epic Legacy)
- Gerry Mulligan, Jeru (Columbia Legacy)
- Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
- The Bad Plus, Suspicious Activity (Columbia)
- The Dead 60s, The Dead 60s (Epic)
- Dion, The Essential Dion (Columbia Legacy)
- Natasha Bedingfield, Unwritten (Epic)
The EFF says it's likely that other CDs also contain the application, although Sony told ZDNet UK last week that discs containing this DRM software had not been distributed in the UK.
The EFF took a dim view on Sony's actions. "Entertainment companies often complain that fans refuse to respect their intellectual property rights. Yet tools like this refuse to respect our own personal property rights," said EFF staff attorney Jason Schultz in a statement. "Sony's tactics here are hypocritical, in addition to being a security threat," Schultz added.