informa
Announcements
Event
Emerging Cybersecurity Technologies: What You Need to Know - A Dark Reading March 23 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
PreviousNext
Risk
2 MIN READ
Commentary

Sony Is Just As Bad As Music Pirates

Sony's latest response to the threat of music piracy is to engage in behavior every bit as bad as the pirates it's trying to protect itself from.
Mitch Wagner
California Bureau Chief, Light Reading
November 07, 2005
Sony's latest response to the threat of music piracy is to engage in behavior every bit as bad as the pirates it's trying to protect itself from.Sony BMG Music Entertainment decided that the threat of piracy was so severe that it needed to protect itself by installing hacker tools on customers' PCs that exposed those systems to massive security vulnerabilities.

Sony included hacker technology called a "rootkit" in the copy-protection software distributed along with one of its music titles. A rootkit is technology used by computer criminals to permit them to break into target systems. The rootkit is such a hairball to remove that security researchers recommended users not try to remove it themselves, but rather contact Sony to get instructions.

Sony countered by saying that the copy-protection software is harmless, and issuing a patch. Hackers, meanwhile, are making a mockery of Sony's claims, by distributing code that they calimed takes advantage of security holes opened by Sony's DRM.

And, as revealed today, the patch presents problems of its own; it can crash Windows.

The Sony software is, plain and simple, spyware, by any reasonable standard of the word. It installs itself without users' knowledge, it runs in stealth modee, it damages the user's system, and it resists removal.

Sony's tactic isn't just a problem for consumers; it's also a problem for business network managers. Employees often enjoy listening to music while at work, and an employee who innocently brings in a CD that's infected with Sony's copy-protection can open a security hole to the entire network.

Sony had no excuse for its behavior. The fact that some of its customers pirate music does not legitimize Sony's hacking into all its customers computers and exposing them to security holes. Sony needs to recall the infected media, confess it did wrong, apologize to customers, and make amends. Meanwhile, law enforcement authorities need to investigate whether Sony is in violation of civil and criminal laws against computer piracy. I'm no lawyer, but it sure looks from here like they are.

Update 11/9: The Electronic Frontier Foundation has released a partial list of what it claims are the CDs that sony has infected with its copy-protection software.

The titles include CDs by Celine Dion, Neil Diamond, Dion, and Ricky Martin. The EFF article also has tips on how you can tell if a CD you bought from Sony contains the copy protection.

More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports
Editors' Choice
Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug
Nathan Eddy, Contributing Writer, Dark Reading
Okta Post-Exploitation Method Exposes User Passwords
Elizabeth Montalbano, Contributor, Dark Reading
Chinese Warships Suspected of Signal-Jamming Passenger Jets
Tara Seals, Managing Editor, News, Dark Reading
ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?
Becky Bracken, Editor, Dark Reading
Webinars
More Webinars
Reports
More Reports
White Papers
More White Papers
Events
More Events
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports