Ektopia

So here’s the deal with the newly found Sony-BMG’s Rootkit bullshit.

On Monday, October 31, alert users discovered that Sony BMG is using copy-protected CDs to surreptitiously install its digital rights management technology onto PCs. You don’t have to be ripping the CD, either–just playing it from your CD-ROM drive triggers the installation.

You insert your CD into your Windows PC, click “agree” in the pop up window, and the CD automatically installs software that uses rootkit techniques to cloak itself from you.

The software installs itself as a root kit*, which is a set of tools commonly used to make certain files and processes undetectable, and they’re the favored tool of crackers who are, as Wikipedia puts it, attempting to “maintain access to a system for malicious purposes.” In fact, root kits are often classified alongside Trojan horses.

You buy a CD. You put the CD into your PC in order to enjoy your music. Sony grabs this opportunity to sneak into your house like a virus and set up camp, and it leaves the backdoor open so that Sony or any other enterprising intruder can follow and have the run of the place. If you try to kick Sony out, it trashes the place.

But this–using the tactics of criminals to invade our PCs without our knowledge and to expose us to further attack, just so you can keep us from, say, burning a mix CD and giving it to our friends–this is beyond the pale.

You may want to consider using Exact Audio Copy, which reportedly can read these CDs if you have turned off autorun and avoided infection by XCP.

*A simple definition of root kit is a collection of tools used by any criminal intruder to gain access to the root of a remote system, to get control of that computer, and to hide their presence.

I hate to get to political or use bad language here on Ektopia but what a bunch of fucking arseholes. I wonder if the artists know that their CDs are going to be treated with the Sony-BMG’s Rootkit? I certainly won’t be buying any of these titles, which is a shame because I wouldn’t mind getting hold of the new Bad Plus CD. Fuck them, fuck all of them. I’ll either download them or not even bother with them any more…probably the later. It’s incredible to think that their policies are turning people like me off buying music. Idiots! [via]

Update - It turns out that the End Users Licence Agreement that you get with one of these CDs is quite different than that of a standard CD…

1. If your house gets burgled, you have to delete all your music from your laptop when you get home. That’s because the EULA says that your rights to any copies terminate as soon as you no longer possess the original CD.
2. You can’t keep your music on any computers at work. The EULA only gives you the right to put copies on a “personal home computer system owned by you.”
3. If you move out of the country, you have to delete all your music. The EULA specifically forbids “export” outside the country where you reside.
4. You must install any and all updates, or else lose the music on your computer. The EULA immediately terminates if you fail to install any update. No more holding out on those hobble-ware downgrades masquerading as updates.
5. Sony-BMG can install and use backdoors in the copy protection software or media player to “enforce their rights” against you, at any time, without notice. And Sony-BMG disclaims any liability if this “self help” crashes your computer, exposes you to security risks, or any other harm.
6. The EULA says Sony-BMG will never be liable to you for more than $5.00. That’s right, no matter what happens, you can’t even get back what you paid for the CD.
7. If you file for bankruptcy, you have to delete all the music on your computer. Seriously.
8. You have no right to transfer the music on your computer, even along with the original CD.
9. Forget about using the music as a soundtrack for your latest family photo slideshow, or mash-ups, or sampling. The EULA forbids changing, altering, or make derivative works from the music on your computer.

Nice touch guys! [via]

Update 2 - (10/11/05) - The lawsuits are heading Sony-BMG’s way :-)