[Intrepid Homoludens]

Here are a couple links about the Sony BMG scandal:

The Rootkit of All Evil | The New York Times, November 19, 2005

Quote:

SONY BMG can take two lessons from its recent wayward attempt to fend off digital piracy: One, in a world of technology-astute bloggers, it's not easy to get away with secretly infecting your customers' computers with potentially malicious code. And two, as many a politician has learned, explaining your own screw-up badly is often worse than the screw-up itself.

Or as Wired News put it, "The Cover-Up Is the Crime."

It all started on Halloween, when Mark Russinovich, a computer security researcher, discovered that the antipiracy software that a Sony BMG CD had installed on his machine was based on a "rootkit." Rootkits are often used by malicious hackers to disguise spyware, malware and other nasty stuff. Removing one can do damage, even destroying an operating system. Mr. Russinovich posted his tale on his blog, sysinternals.com/blog, and the pile-on commenced.

Sony BMG responded by offering a piece of software it said would remove the rootkit, but at the same time said the rootkit was "not malicious and does not compromise security." Thomas Hesse, president of Sony BMG's Global Digital Business, went on National Public Radio to say that "most people, I think, don't even know what a rootkit is, so why should they care about it?"

Cory Doctorow on boingboing.net wrote: "What petulant jerks. Look, Sony, you got caught sleazing your customers' computers. Telling us that it wasn't so bad is just infuriating and insulting. An apology would have been better received."

Things grew worse for Sony BMG. The company angered many music fans with its complicated uninstall process, which required them to disclose their e-mail addresses and make multiple visits to sonybmg.com. (Several days later, researchers at Princeton asserted that the removal tool itself left computers vulnerable to attack, prompting Sony BMG to remove it temporarily.)

Antivirus companies said they had detected malicious software on the Internet that was aimed at the vulnerability created by the rootkit. Dan Goodin, a Wired News columnist, called for a boycott of Sony BMG.

This week, Sony BMG relented, somewhat, and announced a recall of all rootkit-containing CD's, in exchange for "clean" ones. Mr. Doctorow, less than impressed, called Sony BMG's statement "a non-apology apology."

Worth reading are the updates and accounts about it on boingboing.net:

Quote:

Latest news on Sony lawsuits

Mark sez, "This website tracks the class action lawsuits surrounding the Sony BMG Music Entertainment/First4Internet XCP Rootkit. Additionally, it offers information about how individuals who do not wish to wait for the class action can sue Sony in their local small claims court." Link (Thanks, Mark!), Sony Rootkit Roundup Part I, Sony Rootkit Roundup Part II.

posted by Cory Doctorow at 07:23:32 AM

IIRC, I found a story somewhere in those links about Sony reconsidering the anti-piracy system for PS3. That's a stupid idea, yes, but I don't think Sony are complete 'tards about it, especially now that they're gonna get sued big time (several lawsuits are brewing) over the audio cd ugliness:

Quote:

There are two class action lawsuits already filed, with more certainly on the way. One is based in New York and is designed to cover all US citizens [PDF], the other in California and focuses solely on Californians [ PDF]. It also appears that the Law Firm of Lawrence E. Feldman & Associates is planning to file suit soon.

sonysuit.com

What d'you guys think'll go on with the PS3 in this case? If Sony decide to implement it as we've heard, it could easily affect the sales of the console and further stain their reputation, giving MS and Nintendo better opportunity to snag shares of the market. But they'd still sell a lot of PS3s, I'm sure.