Sony's Awful Week

After posting a round-up of the news about Sony BMG's F4i's XCP digital rights management system (DRM), which hid itself inside consumers' computers' root-kit code, I spent a frantic week simply trying to keep up with all of the breaking news on the issue on my blog. During the week of November 7, I posted no fewer than 9 URLs outlining breaking news on the Sony story. However, by the end of the week, the company was reeling from the news that hackers had managed to install malware (malicious programs that dismantle a computer's firewall protection) on consumers' computers that masked its presence by using the hidden software placed there by Sony BMG's DRM system.

On November 9, Sony announced that it would "temporarily suspend" production of CDs with antipiracy technology that "can leave computers vulnerable to hackers," as the Associated Press worded it. This leaves doubt as to whether Sony intends to return to manufacturing antipiracy technology that leaves computers vulnerable to hackers again at some future date.

The company said, "We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists. Nonetheless, as a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology. We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use." Notice how "ease of customer use" is included almost as an afterthought. That's the kind of weasel wordsmanship that one usually finds in statements that begin with "for your convenience" and end with your doing more work.

If that seems harsh, read what Freedom To Tinker has to say about another long-standing DRM technology Sony has been using with less public brouhaha, SunnCom's MediaMax. J. Alex Halderman points out that MediaMax installs "about a dozen" files before you even see an End User License Agreement (EULA) and these remain installed whether or not you agree to the EULA's terms. In addition, there is no usable uninstall feature and the program, Halderman maintains, establishes a connection with SunnCom about how the computer is being used.

And there's more. According to Hack -Fi, using the company's uninstaller for XCP "could have exploitable remote code execution hole in it by design." In other words, it's either ineptly coded or deliberately leaves a back door that could be utilized by evil hackers (or corporate hacks) to invade your computer. Either way, it seems to play consumers for chumps.

In other words, Sony installs files on its consumers' computers without their permission, does not allow the files to be removed, and spies on its customers. Weasels, we calls 'em.

One way to determine whether Sony has simply hit a run of bad luck or truly wants to limit consumers' rights would be to look at other areas in which the company does business. The Inquirer reported on November 9 that Sony has filed a patent application for a DRM system that would restrict a video game from being played on any console other the one in which it was first read. No sharing, no reselling—no fair, we say. It's starting to look like Sony's corporate culture is specifically targeting fair use rights as they now exist.

Shame on Sony.