More on Sony’s copyright infringement with their DRM Rootkit



“What a tangled web…” there is more today at freedom-to-tinker on the evidence that Sony (and or first4internet), have infringed on copyrighted code in their DRM software XCP which has been at the middle of quite a bit of controversy the last few weeks. Most of the coverage has been on some of the cloaking capabilities, the security vulnerabilities and the uninstaller vulnerabilities… but it looks fairly obvious that at least some GPL or LGPL code has been used without abiding by the terms of the GPL/LGPL


A couple of snips…

Matti Nikki (a.k.a. Muzzy) and Sebastian Porst have done great work unearthing evidence pointing to infringement. They claim that the code file ECDPlayerControl.ocx, which ships as part of XCP, contains code from several copyrighted programs, including LAME, id3lib, mpglib, mpg123, FAAC, and most amusingly, DVD-Jon’s DRMS.

If you copy and redistribute such a program, you’re a copyright infringer, unless you’re complying with the terms of the program’s license. The licenses in question are the Free Software Foundation’s GPL for mpg123 and DRMS, and the LGPL for the other programs. The terms of the GPL would require the companies to distribute the source code of XCP, which they’re certainly not doing. The LGPL requires less, but it still requires the companies to distribute things such as the object code of the relevant module without the LGPL-protected code, which the companies are not doing. So if they’re shipping code from these libraries, they’re infringing copyrights.

and…

How strong is the evidence of infringement? For some of the allegedly copied programs, the evidence is very strong indeed. Consider this string of characters that appears in the XCP code:

FAAC – Freeware Advanced Audio Coder (http://www.audiocoding.com/). Copyright (C) 1999,2000,2001 Menno Bakker.

Porst also reports finding many blocks of code that appear to have come from FAAC. Porst claims equally strong evidence of copying from mpglib, LAME, and id3lib. This evidence looks very convincing.

Oops…. apparently the developers of LAME have written a letter to SONY, it’s not clear if there will be lawsuits pending on this matter, but I wouldn’t be surprised if at some point that comes into play.

Oh, and according to the RIAA Sony’s DRM was nothing new (using technology to protect IP), they just had a security vulnerability in it and did a fine job in dealing with it…

Related Posts

Blog Traffic Exchange Related Posts
  • Sony and Amazon to buyback cds It looks as though the recall is being detailed for the Sony cds that use the XCP Digital Rights Management copy protection. Sony has setup a page where customers can request an exchange. Sony will swap cds with DRM for cds without the DRM software. Also, Amazon.com is offering refunds......
  • Sony DRM Rootkit -- it's worse I did this as updates to an earlier post, but it probably deserves it's own post now. The morning brought us the news of SERIOUS flaws in the Uninstaller ActiveX control for Sony's DRM, then came news of ANOTHER flaw, this one a privilige escalation "attacker can take control of......
  • List of Open Source software Packages The following is long, but likely not complete. This is a list of open-source software packages: Computer software licensed under an open-source license. Software that fits the Free software definition may be more appropriately called free software; the GNU project in particular objects to their works being referred to as......
Blog Traffic Exchange Related Websites
  • Coming Up with a Blog Niche Are you beginning a brand new blog? One of the first decisions that you are going to want to make is where you want to put your blog, and then you are going to need to choose a blog niche. One of the best ways to get your blog started......
  • IBP Software Review search engine optimizationThe IBP software is very popular with big companies. Some of the companies known using it have been Ebay and Caterpillar but what is more important is how is it going to benefit you? The main benefits that the company claims is that it is a full SEO......
  • virus scan is warning me that userinit.exe is trying to modify registry or startup? Everything I can find on userinit.exe tells me it is a crucial windows file, but I can't find anything telling me it should modify the registry. I'm concerned that it may be a virus disguised, is this possible? Why would my virus scan prompt me? I'm using charter (my cable......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site