Re:Sony auto-installing malware from SunnComm...
on
Bad Day To Be Sony
·
· Score: 1
Here's where the story gets worse: the SunnComm software works on Macs, too--although it doesn't autorun--and installs a kernel extension onto Mac OS 10.2 and 10.3 (no 10.4 version has been made--but SunnComm does plan to release one). I spoke with a SunnComm representative for about 30 minutes last Friday. Sony has not stopped production of their CDs.
I haven't been able to find any Mark Russinovich type who's tested the SunnComm software on Windows or Mac OS and find out whether it's as dangerous as the XCP software. Apparently it's not--but it's equally deceptive. Has anyone looked into whether it's actually dangerous? A kernel extension on the Mac OS seems like the equivalent of a rootkit on Windows. Tell me I'm wrong...
Whoa--it prevents you from ripping any CD??? Is that true?
Let's make sure we're talking about the same software--all the press (and slashdot coverage) I've seen is talking about the XCP protection, made by First 4 Internet. The Mac software appears on other CDs, with a Windows counterpart, both of which have SunnComm's Media Max DRM. That's the one that installs a kernel extension or two onto your Mac (btw, it's not compatible with Mac OS 10.4.x). Sony is still shipping the Media Max CD's. The press release today specifically mentions the XCP DRM technology as the one they're quitting.
I just spoke on the phone with a customer service representative from SunnComm (the company that makes the DRM on Imogen Heap's Speak for Yourself.) He informs me that Sony has not suspended the use of their technology.
He did acknowledge, after I pressed him, that SunnComm's DRM software does install a kernel extension, and that it can only be removed with a tool they provide.
This seems to run into the same legal and technical troubles that the XCP faced, except that it hasn't (yet?) been exploited by hackers.
Anyone with technical knowledge of SunnComm's software care to comment on whether it makes a system vulnerable? What about on the PC side?
I called SunnComm at 602 267 7500 (the number is on their website - no harassment, please) to inquire about what exactly their software installs on my Mac. They said they would have someone call me back. I hope they do - I'd like to know how bad this particular DRM is, whether it's removable, and I'd like to talk to them, politely and reasonably, about why I think this sort of thing is a bad idea.
I also think people should talk to Sony about this issue, as well. When the DRM story broke I called Thomas Hesse's office (212 833 8000 is the Sony BMG main line). I wanted to tell him two things: first, that there would be a 100% chance that a virus would exploit Sony's DRM technology, exposing Sony to massive lawsuits and incredibly bad publicity. Second, that it feels like Sony is angry at their customers. Sony's actions regarding DRM are bad for customers, but they're also bad for Sony.
Sony's DRM attitude is the number one reason the iPod is dominant, instead of a Sony-brand mp3 player. Sony had an edge on any portable music device just because of their history and brand--they squandered that advantage, and they'll continue to squander opportunities as they continue to fight their own customers. I hope this latest DRM scandal will wake Sony up. Damaging customers' computers is not the answer--obviously.
Slashdot Mirror
Here's where the story gets worse: the SunnComm software works on Macs, too--although it doesn't autorun--and installs a kernel extension onto Mac OS 10.2 and 10.3 (no 10.4 version has been made--but SunnComm does plan to release one). I spoke with a SunnComm representative for about 30 minutes last Friday. Sony has not stopped production of their CDs.
I haven't been able to find any Mark Russinovich type who's tested the SunnComm software on Windows or Mac OS and find out whether it's as dangerous as the XCP software. Apparently it's not--but it's equally deceptive. Has anyone looked into whether it's actually dangerous? A kernel extension on the Mac OS seems like the equivalent of a rootkit on Windows. Tell me I'm wrong...
Whoa--it prevents you from ripping any CD??? Is that true?
Let's make sure we're talking about the same software--all the press (and slashdot coverage) I've seen is talking about the XCP protection, made by First 4 Internet. The Mac software appears on other CDs, with a Windows counterpart, both of which have SunnComm's Media Max DRM. That's the one that installs a kernel extension or two onto your Mac (btw, it's not compatible with Mac OS 10.4.x). Sony is still shipping the Media Max CD's. The press release today specifically mentions the XCP DRM technology as the one they're quitting.
I just spoke on the phone with a customer service representative from SunnComm (the company that makes the DRM on Imogen Heap's Speak for Yourself.) He informs me that Sony has not suspended the use of their technology.
He did acknowledge, after I pressed him, that SunnComm's DRM software does install a kernel extension, and that it can only be removed with a tool they provide.
This seems to run into the same legal and technical troubles that the XCP faced, except that it hasn't (yet?) been exploited by hackers.
Anyone with technical knowledge of SunnComm's software care to comment on whether it makes a system vulnerable? What about on the PC side?
I called SunnComm at 602 267 7500 (the number is on their website - no harassment, please) to inquire about what exactly their software installs on my Mac. They said they would have someone call me back. I hope they do - I'd like to know how bad this particular DRM is, whether it's removable, and I'd like to talk to them, politely and reasonably, about why I think this sort of thing is a bad idea.
I also think people should talk to Sony about this issue, as well. When the DRM story broke I called Thomas Hesse's office (212 833 8000 is the Sony BMG main line). I wanted to tell him two things: first, that there would be a 100% chance that a virus would exploit Sony's DRM technology, exposing Sony to massive lawsuits and incredibly bad publicity. Second, that it feels like Sony is angry at their customers. Sony's actions regarding DRM are bad for customers, but they're also bad for Sony.
Sony's DRM attitude is the number one reason the iPod is dominant, instead of a Sony-brand mp3 player. Sony had an edge on any portable music device just because of their history and brand--they squandered that advantage, and they'll continue to squander opportunities as they continue to fight their own customers. I hope this latest DRM scandal will wake Sony up. Damaging customers' computers is not the answer--obviously.