less than an hour after i posted this, then this came up: Sony got sued for their rootkit-DRM.
===
i've always been of the opinion that if i buy a CD, i would at least have total freedom on what i can do with the CD. of course, that does not involve actually pirating the stuff on it and distributing it. what i really expect to do, is to actually be able to make a copy so that i wouldn't have to damage the original while in use, maybe rip the music to my mp3 player, or just simply use my own CHOICE of audio player to play the CD on my PC.
seems like we're not allowed to do all that if you buy a copy protected CD from Sony:
Sony, Rootkits and Digital Rights Management Gone Too Far
Mark's Sysinternals Blog
i've my own experience with audio CDs like this. you insert your perfectly legal, original CD into you PC CDROM drive, and it autorun and launches it's own proprietary player that's basically inadequate, poorly programmed and hogs your system resources, to play the songs from the CD. what you get is some cheesy-colored interface, tons of system resources occupied, and inferior sound quality.
if you tried to launch your favourite player (winamp, for instance), it won't play. if you had more than one of such CDs, opening them up one by one will actually create more CDROM drives for you. at least, that's what Windows Explorer shows.
i'm pretty OK with ppl protecting their intellectual property, but when they install things into my PC without letting me know about it, and by the things they installed, governs how i SHOULD enjoy what i BOUGHT with MY money, they're going a little too far. and now, Sony is actually creating security risks by using a rootkit to do what should be done by much better written code, that's just plain stupid.
Sony still keeps arguing that the rootkit-DRM doesn't introduce any security risks here. well, less than a day after the issue was brought up by sysinternals, WoW players already found a way to use it to cheat. it wouldn't belong before someone actually think of some malicious way to use Sony's rootkit-DRM.
More from Sony:
"6. I have heard that the protection software is really malware/spyware. Could this be true?
Of course not. The protection software simply acts to prevent unlimited copying and ripping from discs featuring this protection solution. It is otherwise inactive. The software does not collect any personal information nor is it designed to be intrusive to your computer system. Also, the protection components are never installed without the consumer first accepting the End User License Agreement.
If at some point you wish to remove the software from your machine simply contact customer service through this link. You will, though, be unable to use the disc on your computer once you uninstall the components.
Our technology vendors are constantly looking to improve the product as well as respond to any critical software issues found. Please check here for upgrades to address any known issues."
contacting Sony to remove the rootkit requires the user to fill out a form, using IE and install an ActiveX program. after that form, they'll send you an email telling you there's an upgrade for the DRM software, but if you still wanna proceed to uninstall it, then you'll have to follow another link and fill in another form.
they're still more or less unwilling to provide help for users to uninstall the rootkit, and somehow, by some incomprehensible logic, they actually think that we will still trust them enough after the whole rootkit fiasco to actually run IE and install ActiveX from their site. :)
i think the worse thing here is that if you DO remove the rootkit, you won't be able to listen to the CD on your PC again. basically, you're screwed.
good news is, the CD protection is so badly written, all you need to do is press the shift key while inserting the CD to stop it from autorunning, don't double-click on the CD, or maybe use a Mac or Linux box.
Sony just pissed people off without managing to properly protect their CDs.
Tuesday, November 8, 2005
Subscribe to:
Posts (Atom)
