We had a thread a few weeks ago on this topic but it pisses me off so bad I'm opening another and sharing an article from the Information Week newsletter I get daily.



Sony Is Just As Bad As Music Pirates



Sony's latest response to the threat of music piracy is to engage in behavior every bit as bad as the pirates it's trying to protect itself from.

Sony BMG Music Entertainment decided that the threat of piracy was so severe that it needed to protect itself by installing on customers' PCs hacker tools that exposed those systems to massive security vulnerabilities.

Sony included hacker technology called a "rootkit" in the copy-protection software distributed along with one of its music titles. A rootkit is technology used by computer criminals to permit them to break into target systems. The rootkit is such a hairball to remove that security researchers recommended users not try to remove it themselves, but rather contact Sony to get instructions.

Sony countered by saying that the copy-protection software is harmless and issuing a patch. Hackers, meanwhile, are making a mockery of Sony's claims by distributing code that they claim takes advantage of security holes opened by Sony's DRM.

And, as revealed Monday, the patch presents problems of its own; it can crash Windows.

The Sony software is, plain and simple, spyware, by any reasonable standard of the word. It installs itself without users' knowledge, it runs in stealth mode, it damages the user's system, and it resists removal.

Sony's tactic isn't just a problem for consumers; it's also a problem for business network managers. Employees often enjoy listening to music while at work, and an employee who innocently brings in a CD that's infected with Sony's copy protection can open a security hole to the entire network.

Sony had no excuse for its behavior. The fact that some of its customers pirate music does not legitimize Sony's hacking into all its customers' computers and exposing them to security holes. Sony needs to recall the infected media, confess it did wrong, apologize to customers, and make amends. Meanwhile, law-enforcement authorities need to investigate whether Sony is in violation of civil and criminal laws against computer piracy. I'm no lawyer, but it sure looks from here like it is.

[/b][/quote]

So Sony's defense is it's harmless - but we will give you a patch that can crash windows -

I see many class actions in the future.
[/b][/quote]

The worst part is the security hole their opening. That just grinds my last nerve.

Basically, they are saying everyone is a crook and we are protecting ourselves from illegal file sharing. Fuck them...I pay for all my music and movies but since some people don't they think they can just fuck with my stuff.

Class action suits with huge awards are in their future.
[/b][/quote]

I'm sure this will come as a suprise to noone....

New virus uses Sony BMG software

New virus uses Sony BMG software

Thursday, November 10, 2005; Posted: 5:20 p.m. EST (22:20 GMT)

AMSTERDAM, Netherlands (Reuters) -- A computer security firm said Thursday it had discovered the first virus that uses music publisher Sony BMG's controversial CD copy-protection software to hide on PCs and wreak havoc.

Under a subject line containing the words "Photo approval," a hacker has mass-mailed the so-called Stinx-E trojan virus to British email addresses, said British anti-virus firm Sophos.

When recipients click on an attachment, they install malware, which may tear down a computer's firewall and give hackers access to a PC. The malware hides by using Sony BMG software that is also hidden -- the software would have been installed on a computer when consumers played Sony's copy-protected music CDs.

"This leaves Sony in a real tangle. It was already getting bad press about its copy-protection software, and this new hack exploit will make it even worse," said Sophos's Graham Cluley.

Later on Thursday, security software firm Symantec Corp. also discovered the first trojans to abuse the security flaw in Sony BMG's copy-protection software. A trojan is a program that appears desirable but actually contains something harmful.

Sony BMG's spokesman John McKay in New York was not immediately available to comment.

The music publishing venture of Japanese electronics conglomerate Sony Corp.and Germany's Bertelsmann AGis distributing the copy-protection software on a range of recent music compact disks (CDs) from artists such as Celine Dion and Sarah McLachlan.

When the CD is played on a Windows personal computer, the software first installs itself and then limits the usage rights of a consumer. It only allows playback with Sony software.

The software sparked a class action lawsuit against Sony in California last week, claiming that Sony has not informed consumers that it installs software directly into the "roots" of their computer systems with rootkit software, which cloaks all associated files and is dangerous to remove.

Sophos said it would have a tool to disable the copy protection software available later on Thursday.

Sony BMG made a patch available on its Web site on Tuesday that rids a PC from the "cloaking" element that is part of the copy-protection software, while claiming that "the component is not malicious and does not compromise security."

The patch does not disable the copy protection itself.

The Sony copy-protection software does not install itself on Macintosh computers or ordinary CD and DVD players.
[/b][/quote]

Of course. I've been waiting for this news to come out.

Fucking assholes...