EFF posts open letter to Sony on rootkit and MediaMax DRM

By
Crabbyappleton
-

cdfree used our news submit to tell us that the EFF has gone public with it's concerns over the aggressive DRM tactics that Sony has been employing, including the infamous rootkit and the controversial MediaMax technology from SunnComm. They go so far as to demand a recall of the products from the marketplace and go further by stating why this should be done. Below, you can read a portion of the letter that can be read in it's entirety at EFF.org.

Dear Mr. Lack,

The Electronic Frontier Foundation (EFF) has viewed with growing concern the revelations regarding the XCP Content Protection Software and the SunnComm MediaMax software that your company has chosen to include on at least two dozen of your music CD releases. We are also concerned by your company's limited response to the concerns of your customers and the computer security community.

As has been documented by independent researcher Mark Russinovich and many others, the XCP software appears to have been designed to have many of the qualities of a "rootkit." It was written with the intent of concealing its presence and operation from the owner of the computer, and once installed, elements of the software run continuously -- even when no Sony-BMG music CD is in use. It provides no clear uninstallation option. Additionally, without notifying users, the software appears to contact a remote machine under your control. The MediaMax software is somewhat different, but similarly has no true uninstall option and an undisclosed ongoing communication from the users? computer to SunnComm.

You must be aware that the discovery of this software has shocked and angered your customers. Software that deceives the owner of the computer it runs upon and opens that computer up to attacks by third parties may be expected to come from malicious cyber-attacks; it is certainly not expected nor acceptable to be distributed and sold to paying customers by a major music company. Accordingly, EFF welcomes your company's decision to temporarily halt manufacturing CDs with XCP and to reexamine "all aspects" of your "content protection initiative."

But if you truly intend to undo the harm you have caused, your company should immediately and publicly commit to the following additional measures:

  • Recall all CDs that contain the XCP and SunnComm MediaMax technology. The recall must include removing all infected CDs from store shelves as well as halting all online sales of the affected merchandise. We understand from a recent New York Times article that well over 2 million infected CDs with the XCP technology are in the marketplace and have yet to be sold.

end of partial quote

My word, 2 million of these CD's are still on the
shelves! Let's hope this letter receives a public response soon. Make sure to read the rest of the notice at the EFF website and let's hope pressure such as this from the Internet and it's many organizations, can force Sony to pull these products from the shelves.

Source: EFF

RELATED ARTICLESMORE FROM AUTHOR

No posts to display