Sony CD protection sparks security concernsA balancing act
The CD copy protection tools now on the market do let consumers make copies of the music, both in the form of digital files on their computer and a limited number of backup CDs. Labels say they support both these activities, as long as they're for personal use. The files that can be ripped to computers from these discs cannot be played on iPod MP3 players, however. The labels say they have not yet been able to persuade Apple Computer to include this capability. Several earlier versions of copy protection were widely mocked online for being trivially easy to circumvent, by using techniques that included holding the computer's "shift" key down while starting, and coloring the rim of a CD with a magic marker. Later versions of the technology, such as that produced by First 4 Internet, have made it more difficult to disable while still allowing the discs to be played on most computers. "Obviously there are a lot of people who don't like the technology, and we will take note if we need to," Gilliat-Smith said. "Our approach is to make the balance between protection and the consumer experience the best that we can make it for our customers." Sony to patch copy-protected CD SonyBMG Music Entertainment and a technology partner are working with antivirus companies on a fix for a potential security problem in some copy-protected CDs. The antipiracy tool is included on many of SonyBMG's latest music releases, from Van Zant to My Morning Jacket. SonyBMG's technology partner First 4 Internet, a British company, said that it has released a patch to antivirus companies that will eliminate the copy-protection software's ability to hide. In consequence, it will also prevent virus writers from cloaking their work using the copy-protection tools. The record label and First 4 Internet will post a similar patch on SonyBMG's Web site for consumers to download directly, the companies said. "We want to make sure we allay any unnecessary concerns," said Mathew Gilliat-Smith, CEO of First 4 Internet. "We think this is a proactive step and common sense." The issue erupted into the public consciousness late on Monday, when computer developer and author Mark Russinovich published a blog detailing how he had found the First 4 Internet software hiding deep in his computer, after he had listened to a copy-protected CD distributed by SonyBMG. The anticopying technology included a tool called a "rootkit," often used by virus writers. A rootkit takes partial control of a computer's operating system at a very deep level in order to hide the presence of files or ongoing processes.
In the case of the First 4 Internet software, attempts to remove it manually rendered the CD drive of the computer inoperable, Russinovich found. Several antivirus companies followed Russinovich's news with warnings that the First 4 Internet tools could let virus writers hide malicious software on computers, if the coders piggybacked on the file-cloaking functions. "For now it is theoretical, or academic, but it is concerning," said Hypponen. "There's no risk right now that we know of, but I wouldn't keep this on my machine." The patch that First 4 Internet is providing to antivirus companies will eliminate the rootkit's ability to hide itself and the copy-protection software in a computer's recesses. The patch will be automatically distributed to people who use tools such as Norton Antivirus and other similar programs, Gilliat-Smith said. The patch that will be distributed through SonyBMG's Web site will work the same way, Gilliat-Smith said. In both cases, the antipiracy software itself will not be removed, only exposed to view. Consumers who want to remove the copy-protection software altogether from their machine can contact the company's customer support service for instructions, a SonyBMG representative said.
| ||||||||
- Talkback
-
There are currently no comments for this story.
To post comments, you need to become a member. It's FREE.
