All the latest UK technology news, reviews and analysis
|
|
|
10 Nov 2005
Computer Associates has officially blacklisted the Sony BMG XCP Technology that the record label bundles with several of its audio CDs.
CA's PestPatrol anti-spyware application now offers users the ability to remove the application, which it refers to as a Trojan horse.
The vendor justifies referring to the technology as a Trojan by pointing out on its spyware information website that XCP "installs without user permission, presenting only a vague and misleading end user licence agreement".
XCP also changes the system configuration without the user's permission and silently modifies other program information or website content. CA has further alleged that Sony has failed to allow users to remove the tool.
The application is also accused of shortening the life span of the user's hard drive by performing a scan of system processes every 1.5 seconds.
Another widely publicised feature of the technology is a rootkit that hides the digital rights management technology from the system and the user.
The rootkit will actually hide any file, process or registry key that begins with the characters '$sys$', making it extremely easy for virus authors and hackers to hide malicious applications from virus and spyware scanners.
Sony has always denied that there are any security issues associated with the software.
The technology was designed by First 4 Internet, and is bundled with several of Sony's audio CDs. Roughly two million of the CDs have been shipped.
The Electronic Frontier Foundation has compiled a list of some of the offending CDs with instructions on how to prevent getting infected.
Users who seek to play the CD on their computer CDRom drive on a Windows machine are presented with a licence agreement.
While the licence discloses that software will be installed, it does not give details and falsely suggests that it can be uninstalled. Upon agreement, the rootkit and DRM technology is installed.
Sony has released a patch that removes the cloaking feature of the rootkit, but CA pointed out that the patch failed to resolve all security concerns.
To obtain the Sony uninstaller, users are also required to give out personal information that will be used by Sony BMG and undisclosed third parties.
Latest stories from Software
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Chief, Partner Solution / Director, Client Solutions...
ASP.NET, C# Developer, .NET - MS Gold Partner - Preston...
SQL Server DBA (Database Administrator, Administration...
.NET Developer - Financial Services - Basingstoke, Hampshire...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Confused on how to get in on lawsuits
I had no idea what was wrong with my home desktop until I read a story in the Dhakkar times (of all places-forget about it from a domestic news source in US) on Google News page, and began to suspect...I had attempted to play a Silvertide CD; produced by SunnComm. Screwed anything related to playing LEGALLY PURCHASED mp3's on my cmptr, and slowed machine tremendously, etc. Anybody know where I can jump onto an open class-action lawsuit? I live in GA., haven't read about anything from my state. Thanks, and F sony long and hard.
Posted by: Dallas Herring 03 Dec 2005
Boycott Sony!
I and many friends have started a boycott against Sony. A couple of days ago I almost purchased a Sony DVD recorder. When I realized this companies total contempt for their customers I purchased some other brand. I hope their market share will plummet!
Posted by: Erik Malmstrom 13 Nov 2005
removal tools...
CA blacklist it, so do Sophos - the software development company must be geting worried now!! http://www.sophos.com/support/disinfection/rkprf.html for a removal tool... more likely to follow
Posted by: angus Patterson 11 Nov 2005
Sue the scum...
These scum should be put out of business. They are no better than some scumbag virus writer & should be treated as such. Boycott Sony. I for one will never buy anything that has even the slightest hint of having anything to do with this scumbag company.
Posted by: PV 10 Nov 2005
No Big Surprise!
Sony has officially made it safer to steal files over the net than to legally buy it!! They are just attempting to keep an inflated market price that is not at a free market equilibrium point. I bought my 1st CD in 1995 for $14.00, all other technology based industries have reduced cost to compete (what was a computer worth then verse now?) They just have too much EMPIRE to feed and need to realize that anyone with a few thousand bucks can start a recording label and produce and market their own (or other?s) content for much less. All they are protecting is a large marketing / production / distribution network that the internet can and has started to replace. My ?Make / Buy? brake point cost is when the blank media + my opportunity cost (time and equipment deprecation) make it better to buy than make. At this point I would pay $4.00 to get a CD that I want with the artwork. I would still rip to my hard drive and use it where and how I want. Bottom line, they are a dying old technology and they know it, but they are using their shear size and power to continue to breath. Death is near, look at General Motors!!
Posted by: John C. 10 Nov 2005