18 Nov 2005
The technology used by Sony BMG to prevent piracy of audio CDs is allegedly based on stolen code, according to Sebastian Porst and Matti Nikki, two individuals from Germany and Finland who looked into the application.
First 4 Internet, the English developer of the controversial XCP anti-piracy technology deployed on some of Sony's audio CDs, is believed to have included software that is governed by the General Public Licence (GPL).
Under terms of that licence, First 4 Internet is obliged to release the software that uses the GPL code. It did not do so.
"Sony is infringing on open source programmers' copyrights by distributing code which they have no right to use. Even though the code in question was developed by [First 4 Internet], Sony has still been distributing it," Nikki wrote on a webpage where he explained the licence violations.
The duo examined the binaries for the XCP software and claim to have found numerous references to functions that were taken from an application called mpg123 as well as other applications governed by open source licences.
Mpg123 is a media player developed in part by Jon Lech Johansen, the famous DVD cracker. The application is governed by the GPL and parts of it have been made available under the Lesser GPL, which gives developers more liberty when reusing the code.
The XCP technology came under fire after security experts unmasked the anti-piracy technology as a major security risk. After weeks of pressure Sony said last Friday that it would stop shipping CDs with the technology and would take back any CDs that consumers had purchased.
The record label has provided a list of 52 titles and item numbers to help consumers identify infected CDs.
When a user inserts an infected audio CD in a Windows system, the CD installs a new media player, digital rights management technology and a so-called rootkit which hides the technology from the user and the system. The GPL code was found in the media player.
Sony BMG did not respond to a request for further information. First 4 Internet was unable to respond due to the time difference between California and the UK where the firm is headquartered. First 4 Internet has declined in the past to comment on the case.
KEEP IT IN THE NEWS...MOMENTUM
Think of it, what is Sony's market share in music, I bet it's more than 20%...so at least 1 out of 5 people who buy music CD's are at risk. And ALL those people have access to a computer (Home, School, Work, etc), where if they played the CD in it, causes security risk that's presently UN-INSTALLABLE, and these people are unaware of it; why their computers are messing up, slowing down, losing CD drives. People lend, give, sell these CD's to more unsuspecting People. And all this has been from sales of CD's since 2004, how many millions of SONY CD's have been sold since then. VIRUS writers are using these computers to hide in, in which the software CANNOT be safely uninstalled and the people are UNAWARE of Sony's hidden software and much less of the VIRUSES and TROJANS it can hide. How many companies have compromised security, for someone played a music CD at work. THIS software also "PHONES HOME". VERY VERY BAD INDEED. We should not let up, we should keep this in the news for as long as possible, a lot of people are not computer savvy to understand how SERIOUS this is. Because it came from left field, and NOT ONE person would suspect that a music CD would be dangerous; and for that, NO ONE cared early on in 2004, that's why we have this mess today. This has done more damage than P2P, where people understand that you are playing with fire, and as such protect themselves accordingly. NOT from music CD's. More time and widespread is this information needed, so ignorant people get what's happening, before more dangers arise because of this FIASCO. BOYCOTT SONY for at least 6 months...spread the word. People will wonder why the BOYCOTT and ask questions accordingly, then they will be knowledgeable of the SERIOUSNESS of this action against a prominent company. SONY want to keep it low key, understandable. But less people are informed, the CD's are still out there, compromising more computers.
SONY used the cover of DRM to put this stuff in, and it should be a wake-up call; as to the abuse of companies using DRM and the DMCA to criminalizing and compromising Consumers CHOICE, PRIVACY, SECURITY; and rival companies INNOVATIONS, all for the almighty Dollar$$$ THIS THE FLASH POINT, THIS THE LAST STRAW.... use this and continue the momentum for change in the DRM, DMCA, EULA, and for consumers "FAIR USE" being taken seriously by all companies. KEEPING PEOPLE TALKING ABOUT IT, will make companies advertise and promote that they are safe, be upfront with our RIGHTS in their EULA to gain our trust and OUR Dollars$$$, congress could be more consumer friendly, when up against large businesses that want to change laws in their favor. Think about it. The momentum is here, now ... Don't let it die down. Help Support EFF.ORG
Posted by: Julian 18 Nov 2005