[Videolib] Sony/BMG CDs

goberle (goberle@gmu.edu)
Wed, 16 Nov 2005 08:23:17 -0500

Hello,
I know that this is the Video list but this might be of interest to
others that are charged with all "media" formats. This message was sent
to the MLA list. I have also attached a couple of links from the Electronic
Frontier Foundation that talk about this issue.
George

-------- Original Message --------
> Subject: [ACAT] Sony/BMG CDs may harm your computer
> Date: Wed, 09 Nov 2005 11:48:40 -0600
> From: Sprochi, Amanda K. <sprochia@health.missouri.edu>
> Reply-To: AUTOCAT <AUTOCAT@LISTSERV.BUFFALO.EDU>, "Sprochi, Amanda K." <sprochia@health.missouri.edu>
> To: AUTOCAT@LISTSERV.BUFFALO.EDU
>
> I don't know if anyone has been following this, but for those of you who
> have collections with CDs, be aware that there is a potentially fatal
> problem with the new anti-piracy software that comes with new Sony/BMG
> titles. These CDs come bundled with their own player, which has to be
> installed in order for the CD to run. This program then limits the number
> of copies that can be made from the CD to three. However, in doing this it
> also installs a rootkit.
>
> Rootkits, according to Mark Russinovich, who writes a computer blog, are
> "cloaking technologies that hide files, Registry keys, and other system
> objects from diagnostic and security software, and they are usually
> employed by malware attempting to keep their implementation hidden." What
> this rootkit does is actually rewrite parts of the code on your OS. Trying
> to delete these files may cripple your system, and may leave it vulnerable
> to other viruses and worms that capitalize on security weaknesses in the
> new code. It may also lead to the "Blue Screen of Death" and potential
> loss of data.
>
> Note that nowhere in the licensing agreement we all click without reading
> does it say that using the CD will alter your OS or rewrite your
> computer's code. It is also very hard to get the uninstall program from
> Sony, and it doesn't seem to work very well if you do get it.
>
> The original problem was noted in Russinovich's blog:
> http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
>
> and its follow-up:
> http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html
>
> It has also been covered by several news outlets and on IT security
> websites:
> http://www.enterpriseitplanet.com/security/news/article.php/3561181
>
> http://blogs.washingtonpost.com/securityfix/2005/11/hackers_raid_so_1.html
> (this has good links to other articles as well)
>
> Because libraries buy and circulate CD copies to multiple users, you may
> want to take a look at the CDs in your collection and avoid these. Apart
> from the spyware and privacy aspects, this is potentially a huge security
> problem, and may actually cause Windows PCs to fail. Caveat emptor.
>
> Amanda Sprochi
> Health Sciences Cataloger
> J. Otto Lottes Health Sciences Library
> University of Missouri-Columbia
> Health Sciences Center
> One Hospital Drive
> Columbia, MO 65212
> (573) 882-0461
> sprochia@health.missouri.edu
>
> *************************************************************************

-- 
George D. Oberle III
Multi-Media Librarian and 
History Department Liaison Librarian

George Mason University Libraries
4400 University Dr. MSN 1A6
Fairfax, VA 22030
(703) 993-9012
goberle@gmu.edu


Attachment: http://www.eff.org/IP/DRM/Sony-BMG/?f=open-letter-2005-11-14.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" />

<title>EFF: An Open Letter to Sony-BMG</title>

</head>

<body> <div id="bigdiv"> <table id="contentcontainer" cellpadding="0" cellspacing="0" border="0"> <tr>

<td class="feature" valign="top">

<div id="featuretext">

<h1>An Open Letter to Sony-BMG</h1>

<p> To: Andrew Lack, CEO of Sony-BMG<br /> Cc: Rolf Schmidt-Holtz, Chairman of the Board, Sony-BMG<br /> Cc: Howard Stringer, CEO of Sony Entertainment<br /> Cc: Gunter Thielen, CEO of Bertelsmann AG<br /> </p>

<p> Dear Mr. Lack, </p>

<p> The Electronic Frontier Foundation (EFF) has viewed with growing concern the revelations regarding the XCP Content Protection Software and the SunnComm MediaMax software that your company has chosen to include on at least two dozen of your music CD releases. We are also concerned by your company's limited response to the concerns of your customers and the computer security community. </p>

<p> As has been documented by independent researcher Mark Russinovich and many others, the XCP software appears to have been designed to have many of the qualities of a &quot;rootkit.&quot; It was written with the intent of concealing its presence and operation from the owner of the computer, and once installed, elements of the software run continuously -- even when no Sony-BMG music CD is in use. It provides no clear uninstallation option. Additionally, without notifying users, the software appears to contact a remote machine under your control. The MediaMax software is somewhat different, but similarly has no true uninstall option and an undisclosed ongoing communication from the users' computer to SunnComm. </p>

<p> You must be aware that the discovery of this software has shocked and angered your customers. Software that deceives the owner of the computer it runs upon and opens that computer up to attacks by third parties may be expected to come from malicious cyber-attacks; it is certainly not expected nor acceptable to be distributed and sold to paying customers by a major music company. Accordingly, EFF welcomes your company's decision to temporarily halt manufacturing CDs with XCP and to reexamine &quot;all aspects&quot; of your &quot;content protection initiative.&quot; </p>

<p> But if you truly intend to undo the harm you have caused, your company should immediately and publicly commit to the following additional measures: </p>

<ul> <li> Recall all CDs that contain the XCP and SunnComm MediaMax technology. The recall must include removing all infected CDs from store shelves as well as halting all online sales of the affected merchandise. We understand from a recent New York Times article that well over 2 million infected CDs with the XCP technology are in the marketplace and have yet to be sold. </li>

<li> Remove from all current and future marketing materials statements like that on <a href="http://cp.sonybmg.com/xcp/english/updates.html">http://cp.sonybmg.com/xcp/english/updates.html</a> that say the cloaking software &quot;is not malicious and does not compromise security.&quot; </li>

<li> Widely publicize the potential security and other risks associated with the XCP and SunnComm MediaMax technology to allow the 2.1 million consumers who have already purchased the CDs to make informed decisions regarding their use of those CDs. The publicity campaign should include, at a minimum, issuing a public statement describing the risks and listing every Sony CD, DVD or other product that contains XCP or SunnComm MediaMax. The publicity campaign should be advertised in a manner reasonably calculated to reach all consumers who have purchased the products, in all markets where the CDs have been sold. </li>

<li> Cooperate fully with any interested manufacturer of anti-virus, anti-spyware, or similar computer security tools to facilitate the identification and complete removal of XCP and SunnComm MediaMax from the computers of those infected. In particular, Sony should publicly waive any claims it may have for investigation or removal of these tools under the Digital Millennium Copyright Act (DMCA) and any similar laws. </li>

<li> Offer to refund the purchase price of infected CDs or, at the consumer's election, provide a replacement CD that does not contain the XCP or SunnComm technology. For those consumers who choose to retain infected CDs, develop and make widely available a software update that will allow consumers to easily uninstall the technology without losing the ability to play the CD on their computers. In addition, consumers should not be required to reveal any personally identifying information to Sony in order to access the update, as Sony is currently requiring. </li>

<li> Compensate consumers for any damage to their computers caused by the infected products, including the time, effort, and expenditure required to remedy the damage or verify that their computer systems or networks were or were not altered or damaged by XCP or SunnComm MediaMax products. </li>

<li> Prior to releasing any future product containing DRM technology, thoroughly test the software to determine the existence of any security risks or other possible damages the technology might cause to any user's computer. </li>

<li> Certify in a statement included in the packaging of every CD containing DRM technology that the product does not contain any concealed software such as the XCP rootkit, does not electronically communicate with Sony-BMG or any other party, does not initiate the download of any software update or other data without informed consent of the consumer immediately prior to each communication, can be uninstalled without any need to contact Sony or disclose personally identifying information to anyone, does not present any security risks to any consumer's computer, and will not damage or reduce the performance of the consumer's computer or data in any way. </li>

</ul>

<p> We look forward to hearing that you are in the process of implementing these measures by 9:00am PST on Friday, November 18, 2005. </p>

<p> Sincerely, </p>

<p> Electronic Frontier Foundation </p>

</div>

</div> </td>

</tr> </table> </div>

</body>

Attachment: http://www.eff.org/deeplinks/archives/004144.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" />

<title>EFF: DeepLinks</title>

</head>

<body> <div id="bigdiv"> <table id="contentcontainer" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="feature" valign="top">

<div id="featuretext">

<h2 class="pagetitle">Are You Infected by Sony-BMG's Rootkit?</h2>

<div id="blog"> <h2 class="date">November 09, 2005</h2>

<div class="blogbody"> <p>As we've <a href="http://www.eff.org/deeplinks/archives/004138.php">mentioned</a> <a href="http://www.eff.org/deeplinks/archives/004117.php">before</a>, Sony-BMG has been using copy-protection technology called XCP in its recent CDs. You insert your CD into your Windows PC, click "agree" in the pop up window, and the CD automatically installs software that uses rootkit techniques to cloak itself from you. Sony-BMG has released a <a href="http://www.freedom-to-tinker.com/?p=921">"patch"</a> that supposedly "uncloaks" the XCP software, but it creates <a href="http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html">new problems</a>. </p>

<p>But how do you know whether you've been infected? It turns out Sony-BMG has deployed XCP on a number of titles, in a variety of musical genres, on several of its wholly-owned labels. </p>

<p>EFF has confirmed the presence of XCP on the following titles (each has a data session, easily read on a Macintosh, that includes a file called "VERSION.DAT" that announces what version of XCP it is using). If you have one of these CDs, and you have a Windows PC (Macs are totally immune, as usual), you may have caught the XCP bug. </p>

<p>Trey Anastasio, <i>Shine</i> (Columbia)<br /> Celine Dion, <i>On ne Change Pas</i> (Epic)<br /> Neil Diamond, <i>12 Songs</i> (Columbia)<br /> Our Lady Peace, <i>Healthy in Paranoid Times</i> (Columbia)<br /> Chris Botti, <i>To Love Again</i> (Columbia)<br /> Van Zant, <i>Get Right with the Man</i> (Columbia)<br /> Switchfoot, <i>Nothing is Sound</i> (Columbia)<br /> The Coral, <i>The Invisible Invasion</i> (Columbia)<br /> Acceptance, <i>Phantoms</i> (Columbia)<br /> Susie Suh, <i>Susie Suh</i> (Epic)<br /> Amerie, <i>Touch</i> (Columbia)<br /> Life of Agony, <i>Broken Valley</i> (Epic)<br /> Horace Silver Quintet, <i>Silver's Blue</i> (Epic Legacy)<br /> Gerry Mulligan, <i>Jeru</i> (Columbia Legacy)<br /> Dexter Gordon, <i>Manhattan Symphonie</i> (Columbia Legacy)<br /> The Bad Plus, <i>Suspicious Activity</i> (Columbia)<br /> The Dead 60s, <i>The Dead 60s</i> (Epic)<br /> Dion, <i>The Essential Dion</i> (Columbia Legacy)<br /> Natasha Bedingfield, <i>Unwritten</i> (Epic)<br /> Ricky Martin, <i>Life</i> (Columbia) (labeled as XCP, but, oddly, our disc had no protection)</p>

<p>Several other Sony-BMG CDs are protected with a different copy-protection technology, sourced from SunnComm, including:</p>

<p>My Morning Jacket, <i>Z</i><br /> Santana, <i>All That I Am</i><br /> Sarah McLachlan, <i>Bloom Remix Album</i></p>

<p>This is not a complete list. So how do you recognize other XCP-laden CDs in the wild? </p>

<p>Tip-off #1: on the front of the CD, at the left-most edge, in the transparent "spine", you'll see "CONTENT PROTECTED" along with the IFPI copy-protection logo. A few <a href="http://www.eff.org/IP/DRM/Sony-BMG/">photos</a> make this clearer.</p>

<p><a href="http://www.eff.org/IP/DRM/Sony-BMG/" rel="tag"><img src="http://www.eff.org/IP/DRM/Sony-BMG/TreyFrontEnlarge_25.jpg" alt="XCP Spine Label" width="200" height="150" border="0" align="center" title="XCP Spine Label"></a></p>

<p>Tip-off #2: on the back of the CD, on the bottom or right side, there will be a "Compatible with" disclosure box. Along with compatibility information, the box also includes a URL where you can get help. The URL has a telltale admission buried in it: cp.sonybmg.com/xcp. That lets you know that XCP is on this disc (discs protected with SunnComm have a different URL that includes "sunncomm"). </p>

<p><a href="http://www.eff.org/IP/DRM/Sony-BMG/" rel="tag"><img src="http://www.eff.org/IP/DRM/Sony-BMG/TreyBackEnlarge_25.jpg" alt="XCP Label" width="300" height="120" border="0" align="center" title="XCP Label"></a></p>

<p>If you haven't been infected yet, to protect yourself from XCP in the future, <a href="http://www3.ca.com/securityadvisor/pest/collateral.aspx?cid=76351">disable "autorun"</a> on your Windows PC. Once you have done so, however, these CDs may not be accessible under Windows unless you have specialized ripping software installed; these CDs are encoded in a way that intentionally confuses standard Windows CD drivers. For a smarter audio grabber for Windows, you may want to consider using <a href="http://www.exactaudiocopy.de/">Exact Audio Copy</a>, which reportedly can read these CDs if you have turned off autorun and avoided infection by XCP.</p>

<br />

<div class="posted">Posted by Fred von Lohmann at 12:43 AM | <a href="http://www.eff.org/deeplinks/archives/004144.php">Permalink</a> | <a href="http://www.technorati.com/cosmos/links.html?sub=anywheren1&url=http://www.eff.org/deeplinks/archives/004144.php">Technorati</a> </div> </div><!--blogbody-->

</div><!--blog--> </div><!--content--> </div><!--content-wrap-->


<a href="/minilinks/"><img src="/images/blogs/minilinks_small.png" height="18" width="76" alt="miniLinks" border="0" /></a><br /><br /></div>

<?php include("/www/www.eff.org/docs/minilinks/minilinks.inc"); ?> <!--</div>--><!--miniblog--> </div>

<!--FF_END_IGNORE-->

</div> </td>


</tr> </table> </div>

</body>

--Boundary_(ID_MBJH2MobdeZ3PDPG7czFRQ)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

_______________________________________________
Videolib mailing list
Videolib@library.berkeley.edu
http://www.lib.berkeley.edu/mailman/listinfo/videolib

--Boundary_(ID_MBJH2MobdeZ3PDPG7czFRQ)--