|Sony music CDs, rootkits, and you.
||[Nov. 10th, 2005|11:25 am]
Jen's Sweetie and Code Poet
[Edit: I forgot to mention that this shoddy software can also crash your system and makes it easier for attackers to hide from your anti-virus software if your machine is infected with malicious software.]
If you've missed out on all the drama, a quick summary:
It turns out that Sony has been installing "rootkits" on their customers machines when you insert their copy-protected CDs into your machine.
The EFF has a great summary of this, along with a list of "protected" CDs that you should probably avoid.
A partial list follows:
Trey Anastasio, Shine (Columbia)
Celine Dion, On ne Change Pas (Epic)
Neil Diamond, 12 Songs (Columbia)
Our Lady Peace, Healthy in Paranoid Times (Columbia)
Chris Botti, To Love Again (Columbia)
Van Zant, Get Right with the Man (Columbia)
Switchfoot, Nothing is Sound (Columbia)
The Coral, The Invisible Invasion (Columbia)
Acceptance, Phantoms (Columbia)
Susie Suh, Susie Suh (Epic)
Amerie, Touch (Columbia)
Life of Agony, Broken Valley (Epic)
Horace Silver Quintet, Silver's Blue (Epic Legacy)
Gerry Mulligan, Jeru (Columbia Legacy)
Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
The Bad Plus, Suspicious Activity (Columbia)
The Dead 60s, The Dead 60s (Epic)
Dion, The Essential Dion (Columbia Legacy)
Natasha Bedingfield, Unwritten (Epic)
Ricky Martin, Life (Columbia) (labeled as XCP, but, oddly, our disc had no protection)
My Morning Jacket, Z
Santana, All That I Am
Sarah McLachlan, Bloom Remix Album
The EFF article also lists some techniques that you can use to spot this abusive technology before you make a purchase at a retail store.
I strongly recommend that anyone using windows takes their advice and disables "autorun". This will prevent software from being automatically installed by just inserting a CD into your drive. This will prevent installation CDs from doing the same thing, but you can still get to your installer by browsing to the drive from "My Computer".
Other interesting events:
CA (an anti-virus/spyware vendor) will soon flag this software as spyware (in their next update).
A number of lawsuits have been filed.
Some clever folks have totally wreaked the amazon review rating for many of the copy-protected CDs.