SONY ROOTKIT OFFICIALLY MAINSTREAM NEWS

Sony is having a bad month. They’re still trying to sweep the whole thing under the rug, but their malware has even hit the comics page.

If you haven’t been following this, here’s my note about the first report that some Sony audio CDs secretly installed a “rootkit” without disclosure – basically a virus that cloaked itself in an unsafe way by changing Windows behind your back and monitoring all CD activity, as well as reporting to Sony.

Sony stonewalled, then blustered, then released an uninstall tool that required strenuous efforts to obtain and that opened up new security holes. Finally it agreed to pull the twenty affected CDs off the market. Then it admitted that there were more like fifty titles – almost five million CDs shipped with the virus, more than two million sold. Now it’s got an exchange program going.

The whole mess called attention to a security flaw in the uninstall program for different DRM software used by Sony. It caused a few people to read the extraordinary conditions buried in Sony’s license agreement. Others noticed that the groundwork was present for similar restrictions aimed at Mac users. In a delicious bit of irony, the offending DRM software appears to itself violate the copyright requirements of software included in it.

Viruses were spotted in the wild that piggybacked on the Sony malware. Lawsuits were filed against Sony in California, New York, and Texas.

And most recently the RIAA president stated at a press conference that Sony had done nothing wrong. Just a silly misunderstanding about a software bug.

With any luck, copy protection – “DRM” – has been set back for years. Unfortunately, there’s a broader issue. We can no longer trust anyone to treat our computers with respect. It would not have been any more responsible for Sony to bring up a long license agreement with an OK button, even though technically it would have disclosed its intent. You probably think you should be able to control what happens on your computer, but here’s an article about all the companies that don’t agree. In addition to adware/spyware, the thing that most often slows computers down now is the array of startup programs installed by commercial software – checking for updates to Quicktime or RealPlayer or a dozen others every fifteen seconds, or nagging about registration, or running processes to speed up access to programs you don’t use, or a hundred other variations. You didn’t ask for them, but there they are.

I’m now approaching every interaction with paranoia – every Internet site is potentially an enemy to be watched with antispyware software, every new piece of software is potentially trying to install unwanted startup programs and peripheral crap. Sony abused our trust. How can we know what company will put its own interests above ours the next time?

This isn’t as much fun as it used to be.