- Related Stories
-
Attack targets Sony 'rootkit' fix
November 16, 2005 -
Sony CD protection sparks security concerns
November 1, 2005 -
iPod undermines Microsoft on copy-locked CDs
July 12, 2004
This security flaw dealt with different technology than that which has sparked controversy for nearly three weeks, however.
Recent criticism has focused on Sony's release of discs containing copy-protection software created by British company First 4 Internet, which opened listener's computers to hackers' attack. The latest risk is from an uninstaller program distributed by SunnComm Technologies, a company that provides copy protection on other Sony BMG releases.
Sony said in a statement Friday that SunnComm had removed the uninstall program from the Web, and was in the process of contacting 223 consumers who had downloaded it while it was available.
The security hole in the uninstall program was similar to one discovered with First 4 Internet's uninstall program several days ago.
In each case, Princeton University computer science professor Edward Felten and researcher Alex Halderman found that the uninstall programs responded to commands from their creators' Web sites, but would also respond to malicious instructions from other Web sites.
In its statement, Sony said that SunnComm was developing a new uninstall program for its copy-protection software, and that Felten had agreed to review it before it was posted online.
The SunnComm security risk discovered by Felten and Halderman is limited to the uninstall program, which was distributed separately from the CDs themselves.
See more CNET content tagged:
SunnComm Technologies, First 4 Internet Ltd., copy protection, Sony BMG Music Entertainment, uninstall




POCs are already in the wild. That's the difference.
How do I remove it?
What confuses me is that Sony's malicious efforts appear to have been directed at law abiding consumers that has paid for their CDs.
Why would they do that?
AND a new PR firm!
They've botched this whole thing about as
badly as possible....
http://work-out.blogspot.com/
Sony's gotta go!
If it's Sony, then I'm sorry, but I won't buy it.
After purchasing a MiniDisc player ages ago - surprise - there was Magic Gate, offering to "protect" ME.
From what? I don't own or condone the use of Mini Disc players anymore. The questionable and slow software that Sony forces on people cripples any appeal they once had.
Now, a year or two down the road, after going anti-sony, I'm not surprised about any of this. This is just the classic behaviour I've come to expect from them.
Get smart and stop purchasing Sony products. There are much better alternatives out there for so many good reasons.
sites, but would also respond to malicious instructions from
other Web sites."
So this is pretty much the topic? It's been my understanding that
this kind of thing has been around for a long time. You forgot to
mention that the commands sent by the website are
preprogramed and so the security risk only exist if those
commands did something potentially harmful to the computer
or it's user. Otherwise it could be as basic as the "mailto:" link
protocol in a browser, which generally opens the computer's
default mail program with a new message addressed to the
email address after the "mailto:" potocol.
Their audio products lack user-friendliness because of the DRM software they use. All their electronics have proprietary parts, and they hate technical users of their products... Their customer service and driver support is good for nothing because new products are always cheaper than repairs and drivers do not work.
On top of that, they are hiding their horrible financial standing.
I give them 2 years to burn through their cash..
- Sink SONY!
- by heystoopid April 25, 2008 5:30 PM PDT
- Time has come to sink SONY, in a sea of class action law suits for consumer restitution for this malware/trojan(current and future incantations of this virus transmitted software)/including illegal use of open source software/recording artists if forced to pay restitution from all royalty payments for the replacement consumer cd's on issue/restitution to all users forced to disinfect and remove rootkit from all computers, with hardrive wipe, clean and reinstall of uninfected OS!/legal action from FTC for false advertising and deliberate breach of business and ethics regulations(all) and from the redoubtable NEW YORK AG Eliot Spitzer for 568,000 cases of illegal felony trespass of personal and federal property! Finally , a total consumer boycott of all that is SONY! Me, I will never trust SONY to do the right thing ever, for once bitten twice shy!
- Reply to this comment
-
(17 Comments)