Sony BMG was caught red-handed trying to plant secret DRM spyware on customers' computers. It wriggled and writhed but was eventually forced to withdraw a number of CDs which had been poisoned by the application.
DRM can never work. Anything which can be seen or heard can be copied by one means or another. But this doesn't mean the companies and entertainment and software cartels will stop trying and Sony BMG's answer to was try to sneak a DRM application made by Britain's First 4 Internet onto peoples' computers via CDs holding not only music, but also hidden rootkit spyware .
Then it came to light that additional, and dangerous, MediaMax "copy protection" software made by America's SunnComm was also present on some discs.
A file folder installed on users’ computers by MediaMax , "could allow malicious third parties who have localized, lower-privilege access to gain control over a consumer’s computer running the Windows operating system," said the EFF.
That was a while back. Nonetheless, "In accordance with standard information security practices, EFF and iSEC delayed public disclosure of the details of the exploit to provide SunnComm the opportunity to develop an update," said the foundation.
Now, "The Electronic Frontier Foundation (EFF) and SONY BMG Music Entertainment (SONY BMG) said today [December 6] that SunnComm is making available a software update to address a security vulnerability with its MediaMax Version 5 content protection software on certain SONY BMG compact discs (CDs)," says the EFF, going on:
"SONY BMG will notify consumers about this vulnerability and the update through the banner functionality included on the player, as well as through an internet-based advertising campaign. The update is also being provided to major software and Internet security companies. EFF and SONY BMG urge all consumers who receive notice to download and install the patch immediately."
It's all so bland, isn't it? - almost as if Sony BMG had teamed up with the EFF in an honest effort to look after customer interests. Adding to this appearance, "We’re pleased that SONY BMG responded quickly and responsibly when we drew their attention to this security problem," EFF staff attorney Kurt Opsahl is quoted as saying in the EFF statement.
Quickly and responsibly?
The press release adds, "The security vulnerability on SunnComm MediaMax Version 5 software differs from that reported in early November on First4Internet XCP software contained on certain SONY BMG CDs."
Go here for the SunnComm patch, and here for Sony BMG's.
How will you know if your CD is one of those carrying the dangerous SunnComm MediaMax Version 5 DRM software? You can find out by "looking at the back of the CD packaging," says SunnComm in a FAQ. "If you see a black and white table (see top right) with 'Compatible With' on the side, your disc contains some form of content protection software. If the URL at the bottom of table says www.sunncomm.com/support/sonybmg, then the disc contains SunnComm MediaMax Version 5 software. One CD, 'Defined' by Amici Forever contains SunnComm MediaMax Version 5 and the URL but does not have the black and white table noted."
Alternatively, below is a list of CDs poisoned by the SunnComm software..
ARTIST TITLE SELECTION # 1 Alicia Keys Unplugged 82876674242 82876731662 2 Amici Forever Defined 82876688832 3 Babyface Grown & Sexy 82876705682 4 Black Rebel Motorcycle Club Howl 8287671601 5 Britney Spears Hitme - Remix 82876740622 6 Cassidy I'm A Hustla 82876687072 82876680732 7 Chris Brown
Chris Brown
82876733222 8 Cook, Dixon & Young Volume One 82876673342 9 David Gray Life In Slow Motion 82876710682 10 Dido Dido Live 82876658099 11 Faithless Forever Faithless/ENH 82876710142 12 Imogen Heap Speak For Yourself 82876725322 13 Judd & Maggie Subjects 82876692492 14 Leo Kottke/Mike Gordon Sixty Six Steps 82876689092 15 Maroon 5 Live 82876709742 82876699522 16 My Morning Jacket Z 82876710672 17 Raheem Devaughn The Love Experience 82876537232 18 Santana All That I Am 82876597732 19 Sarah McLachlan Bloom (Remix Album) 82876697982 20 Stellastarr* Harmonies for the Haunted 82876688812 21 Syleena Johnson Chapter 3: The Flesh 82876610932 22 T-Pain Rappa Ternt Sanga 82876734472 82876732002 23 Various So Amazing: An All Star Tribute To Luther Vandross 82876624722 24 Various Songs Brown Hotel 82876714112 25 Wakefield Which Side Are You On? 82876685072 82876681352 26 Charlie Wilson Charlie, Last Name Wilson 82876694292 27 YoungBloodZ Everybody Know Me 82876733402 82876731752
Canada
ARTIST TITLE SELECTION # 1 Alicia Keys Unplugged 82876674242 82876731662 2 Amici Forever Defined 82876688832 3 Babyface Grown & Sexy 82876705682 4 Britney Spears Hitme - Remix 82876740622 5 Cassidy I'm A Hustla 82876680732 6 Charlie Wilson Charlie, Last Name Wilson 82876694292 7 Chris Brown Chris Brown 82876733222 8 David Gray Life In Slow Motion 82876710682 9 Imogen Heap Speak For Yourself 82876725322 10 Judd & Maggie Subjects 82876692492 11 Leo Kottke/Mike Gordon Sixty Six Steps 82876689092 12 Maroon 5 Live Friday the 13th 82876709742 13 Melissa O'Neil Melissa O'Neil 82876751572 14 My Morning Jacket Z 82876710672 15 Our Lady Peace Healthy In Paranoid Times CK94777 16 Santana All That I Am 82876597732 17 Say Anything …Is A Real Boy 82876716682 18 Stellastarr* Harmonies for the Haunted 82876688812 19 Syleena Johnson Chapter 3: The Flesh 82876610932 20 The Trews Den of Thieves 82876711162 21 T-Pain Rappa Ternt Sanga 82876732002 22 Various Canadian Idol High Notes 82876711202 23 Various Tribute To Luther 82876624722
