The Continuing Stooo-ry of the Sony DRM rootkit debacle….



Let’s see there are a couple more notes to pass along on Sony DRM rootkit news. This story could go on for some time, it’s already had legs for about a week or more and just when things started to wind down a bit, there’s a bit more. First up, the EFF has a writeup on the EULA that Sony sends along with it’s DRM-ified Cds. Among other things it obliges you to wipe any copies of songs of your pc if you’re cd is lost or stolen, it cannot be played on a work computer, you can’t take it with you if you leave the country, you MUST install any and all updates to their software or the content is forfeit, SONY-BMG reserves the right to install backdoors or other means to protect their content, SONY will only be liable for a maximum of $5, if you declare bankrupcy you must forfeit all the music on your pc, no derivitave works, (photo albums for family/friends, mash-ups, or sampling), music on the pc may NOT be transfered even if the cd accompanies the transfer.


Most of us don’t really think TOO much about the above list and what our USUAL rights to a music cd are. I can put it no better than the EFF….

First, a baseline. When you buy a regular CD, you own it. You do not “license” it. You own it outright. You’re allowed to do anything with it you like, so long as you don’t violate one of the exclusive rights reserved to the copyright owner. So you can play the CD at your next dinner party (copyright owners get no rights over private performances), you can loan it to a friend (thanks to the “first sale” doctrine), or make a copy for use on your iPod (thanks to “fair use”). Every use that falls outside the limited exclusive rights of the copyright owner belongs to you, the owner of the CD.

On other fronts, some of the Artists are starting to see effects of SONY’s poor decision making. I saw one individual point out the Amazon reviews that one cd was getting, this isn’t the same one I saw noted, but it’s on “the list”. From what I can see most any on the list are getting rough reviews (and plentiful in most cases) from the Sony rootkit.

Brian Krebs is reporting Windows Defender (Microsoft Anti-Spyware) will be updated to detect and remove files hidden using the method given by the DRM from SONY. Also, in December the malicious software removal tool will be updated to get rid of the rootkit. The malicious software removal tool will be available from Windows update or through automatic updates.

Update — 11/14/05 —

Didn’t I say this could keep going…?

Sunbeltblog is reporting on a juicy bit of irony…. it seems that the DRM software in Sony’s rootkit includes the opensource LAME mp3 audio encoder. OK, well it seems as though …

This software is licensed under the so called Lesser Gnu Public License (LGPL). According to this license Sony must comply with a couple of demands. Amongst others, they have to indicate in a copyright notice that they make use of the software. The company must also deliver the source code to the open-source libraries or otherwise make these available. And finally, they must deliver or otherwise make available the in between form between source code and executable code, the so called objectfiles, with which others can make comparable software.

So either Sony-BMG (distributors of the rootkit) or First 4 (writers of it) have made a slight licensing boo-boo…. oops. More details here.

Update 11-14-05 5:30 EST…. more shoes falling in the story…

It looks like another class action suit is getting warmed up against Sony over the DRM rootkit fiasco. This from the SecurityFix. A lawyer has filed suit in the US District Court for Southern New York against Sony. This class action could wind up including people in all 50 states in the class. Sony and First4Internet are named in the suit. This is the second class action suit over the matter, the first filed in California court, for California residents.

The suit asks the court to intervene in 1)preventing the use of this DRM method in another product and 2) prevent the re-introduction of this DRM method on CD’s.

I suspect this centipede will have a few more shoes to drop before things are said and done.

   Send article as PDF   

Similar Posts