qB commented a few posts back that no one need worry about copy protection on music CDs because it was laughably easy to uninstall. Not if you play Sony CDs on Windows, it isn't. An astonishingly unpleasant story, found through Rafe and the Reg, shows that Sony CDs, when played in Windows, install a set of hidden programs (built by a British software house) using pretty advanced spyware techniques, which not only slow your computer down when they are running but completely destroy the system if uninstalled in the obvious way. The details are impenetrably techincal, but the moral is clear. Don't buy Sony CDs until this is removed.
Once again, I demand the right to protect my money the same way that they protect their music and with the same righ to render it useless if they do anything improper with it.
I see that Sony have announced the withdrawal of the XCP software. They will exchange CDs and provide a removal tool.
Posted by: Peter Owen on November 16, 2005 02:31 PMYep. But the new removal tool installs a fresh version of the software, which has an even more horrendous security hole in it. Not, I mean, one which makes Sony insecure, io the sense that you can easily copy your CDs to your ipod, but one which hands your computer over to any passing mafioso. See this page
from which comes the following paragraph:
Posted by: acb on November 16, 2005 02:41 PM... this represents a far greater security risk than even the original Sony rootkit. The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get.