Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony's SunnComm DRM Patch a Security Risk

Posted by Zonk on from the spears-cds-bring-one-of-the-horsemen dept.

Spad writes "The BBC is reporting that mere days after the EFF and Sony announced a patch to fix the vulnerability in its SunnComm DRM system, security researchers Ed Felten and Alex Halderman have discovered that the patch itself introduces yet more vulnerabilities. They have now asked users not to apply the patch and are urging Sony to recall all of the affected CDs from sale. Sony has said that approximately six million CDs using [SunnComm] MediaMax have been shipped to stores. Affected artists include Alicia Keys, Britney Spears, Black Rebel Motorcycle Club and Faithless."

18 of 218 comments (clear)

  1. Phew! by Anonymous Coward · · Score: 5, Funny

    Phew, after seeing the list of artists all I can say is if these are the artists who'll be affected I'll be secure for years to come!

  2. The music gene pool is self correcting by lohphat · · Score: 5, Funny

    Given the titles affected, consumers had it coming.

  3. Bitten by the patch? by ReformedExCon · · Score: 3, Funny

    So you could be hit once by the original flaw. Then you could be hit one more time by the flaw in the patch?

    Someone should write a song about that.

    --
    Jesus saved me from my past. He can save you as well.
    1. Re:Bitten by the patch? by Arhat · · Score: 5, Funny

      Someone should write a song about that.

      Oops, I Did It Again?

    2. Re:Bitten by the patch? by k4_pacific · · Score: 4, Funny

      You can call it:
      DRMed if you do, DRMed if you don't

      --
      Unknown host pong.
    3. Re:Bitten by the patch? by ellijacket · · Score: 4, Funny

      I bought a cd the other day
      then I placed it in my cd tray
      My songs started playing to my delight
      Then I danced away through the night
      Never suspecting the sinister plan
      That was put in place by the music man

      My computer began to sneer and snort
      Viruses were streaming through the ports
      No matter what, I could not see
      The viruses were hidden from me
      I never suspected the sinister plan
      That was put in place by the music man

      I patched the bug and felt ok
      My computer would live another day
      but then my box fell to it's knees
      no more bits could it process for me
      I never suspected the sinister plan
      Now I'll never buy from the music man.

  4. Sony/BMG, A Division of Al-Qaida by swschrad · · Score: 2, Funny

    congratulations, oh bearded one, for your infiltration of computers in the western world. and congratulations for keeping your sizeable stock holdings in Sony and Bertlesmann secret for so long.

    there is no other plausible explaination for the number of times Sony/BMG has shot itself in the nuts over copy protection that cannot do what they want it to do. it MUST be a plot against humanity by the AntiChrist. no other logic works out.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  5. PS3 Tooooo by Anonymous Coward · · Score: 1, Funny

    PS3 is rumored to be a security risk. While Xbox 360 burns your house down. PS3 sends e-mails out to burglars as to which time you are not at home and how to get in and where you hide your key!

  6. Recall won't be so effective... by FellowConspirator · · Score: 1, Funny

    The damage is most likely done to those who are susceptible.

    Anyway, the patch is a non-issue for Americans who are prohibitted by law from downloading or applying it. The patch issue only effects people in countries where it is not illegal to modify/remove/circumvent DRM software. In the States the solution is much simpler: just format the disk and reinstall the OS.

  7. attempt to stop ripping by johann8384 · · Score: 1, Funny

    Sony will release a statement saying the security holes were put there intentionally to discourage ripping of the cds. This would prevent them from being shared as easily.

  8. Re:Bitten by the patch? Lyrics by amcdiarmid · · Score: 2, Funny

    Hit by the flaw, Bitten by the patch.
    Lyrics by me.

    I got hit by the flaw, and bitten by the patch
    A computer rebuild, a 'driver with a ratchet
    It's hit me, it'll be hitting you
    How much did you pay for that Sony Doo-Doo?

    I Put a music CD in my CD-Drive
    Hit "I Accept" to some DRM jive
    Now I'm here, waiting for the other shoe
    and to make it worse, the music sucked too

    Hit by the flaw, bitten by the patch
    That company just said bend-over biatch
    Bitten by the patch, hit by the flaw
    hold on to your hat, 'cause that ain't all

    Picked it up this morning from the TV news
    Sony got another system that you don't want to use
    As if the first one was'nt bad enough, with your computer flubed up
    They got a second system that's also bad enough

    Hit by the flaw, bitten by the patch
    some big CEO needs to take it up the ass

    "That's enough now, I'm Tired" - Oppourtunites never knock - The Clash - version where the kid sings it.

  9. Re:Eat me, Sony. by amliebsch · · Score: 4, Funny
    No, no, no, it was Jerry and Kramer.
    * Kramer: "Its a write off for them!"
    o Jerry: "How is it a write off?"
    * Kramer: "They just write it off. Jerry, these big companies, they write off everything."
    o Jerry: "(pause) You don't even know what a write off /is/."
    * Kramer: "Do You?"
    o Jerry: "No, I Don't."
    * Kramer: "But /they/ do..and /they're/ the ones writing it off."
    --
    If you don't know where you are going, you will wind up somewhere else.
  10. Re:Bitten by the patch? Lyrics by 93,000 · · Score: 2, Funny

    . . . and to make it worse, the music sucked too

    Something about that line struck me terribly funny. Bravo.

    I hope you're not mad that I reprinted it without permission.

    --
    Sweet informative mod.
  11. finally now i can use p2p again by nazsco · · Score: 3, Funny

    and when sony sues me (thu RIAA), i just load one of those handy cds with digital-rootkit-management and claim that someone else (probably at sony) was hijacking my computer and putting all those mp3, that i've never heard about before, there.

  12. Oh no! Don't write about us on your blog! by Anonymous Coward · · Score: 1, Funny

    As a Sony executive, I am very concerned about your decision to write about this matter on your blog. As you may or may not already know, the self-important ramblings of an individual's personal web log are the strongest force for change yet seen by man. This is even despite the fact that writing about something on the Internet barely breaks the barrier of showing concern about the subject, as it takes very little effort. Nevertheless, we are "shaking in our boots" about your blog and sincerely hope you will reconsider your decision to write about us.

  13. I know! by Ruff_ilb · · Score: 2, Funny

    Lets fix it with a rootkit!

    --
    http://www.TheGamerNation.com/Forums
  14. Then how do we get rid of this thing? by Darthmalt · · Score: 2, Funny

    Friend of mine bought the switchfoot cd and put it in her computer. I've tried using all the so called patches and microsoft's anti spyware all of which failed to remove it. I've gotten to the point where now I can see the files but they're write protected. If I bypass the write protection and delete them will it screw up the laptop?

    CURSE YOU SONY!!! and your sudden but inevitable betrayal.

  15. Re:Eat me, Sony. by Ryosen · · Score: 2, Funny

    "nothing will really happen except they may claim to have lost $xxx,xxx to piracy."

    Fixed it for you.

    --

    Ryosen
    One man's "Troll, +1" is another man's "Insightful, +1".