WARNING: Some sony music CDs have spyware on them.

[Greg Avakian]

http://www.boingboing.net/2005/11/14/so ... er_te.html

Personally, I hated my Sony Viao because the system was so jammed with proprietary bullshit that it was unstable. I have lost a ton of music that I recorded with Sony's "sonic stage" and then gave away/sold. I lost the music when my system crashed -and even though I backed everything up, my re-installed Sony software wopuldn't recognize any of the music because it was "missing the copyright information".

[Toon Town Dave]

Old news for anyone following the tech sector.

Latest bits are:

- the DRM stuff once installed can be used by other malware to cloak itself
- A removal tool was available but was found to be exploitable
- MS announced they would include stuff in their upcoming anti-virus/anti-spyware product to prevent the Sony DRM from being installed.
- Sony recalled CDs with the offending DRM from store shelves but no recall for CDs already purchased by consumers.
- FSF (Free Software Foundation) found at least 5 functions from the lame encoder were used in the DRM without attributing proper credit to the author in violation of the terms of the LGPL software license. No word yet if legal action will be taken against the company that sold the DRM to Sony.

This fiasco reminds me just just how clueless Sony is WRT software. Their arrogant, hostile behavior toward their customers will mean I will avoid what few Sony products I may have considered purchasing.

[Lawrence]

FYI, below. It is really a black eye for Sony. The good part is that the backlash (both in terms of bad P.R. and litigation costs) will likely curb similar future surreptitious attempts to monitor file sharing.

A link to the list of affected CDs is below, which includes one CD each by Horace Silver, Gerry Mulligan, Billie Holiday, Sinatra. You might also beware of the "Bette Midler sings Peggy Lee" CD as well as Celine Dion's most recent release, which I know Julius must have by now.

As you may have already heard in the news, Sony BMG has recently distributed CDs of various artists which contain additional software, known as a spyware ( http://en.wikipedia.org/wiki/Spyware ). The specific spyware in this instance is known in the computer industry as a rootkit ( http://en.wikipedia.org/wiki/Rootkit ) and can expose the PC and its data (and the network/servers to which it may be attached) to potential harm by criminal hackers.

When one of these affected CD titles from Sony BMG is inserted into the CD-ROM computer, the rootkit is installed after the user agrees to a End User License Agreement (EULA) that appears on their screen --- and you must agree to the EULA before you are allowed to listen to the music. The rootkit that is installed is hidden from the user and is undetected, at this time, to most commercial antivirus and spyware detection software.

For a list of SONY music CDs that contain the hidden software, please visit: http://cp.sonybmg.com/xcp/english/titles.html

The following link will take you to the SONY CD exchange website, should you have purchased one of these titles: http://www.upsrow.com/sonybmg/

For any who might have had this software unknowlingly installed on your home PC or laptop, Sony will provide a separate piece of software which will uninstall the rootkit. To obtain this tool, please go to the following website, which you will need to check periodically until it is released:
http://cp.sonybmg.com/xcp/english/uninstall.html .

The Texas Attorney General's Office also filed a lawsuit against SONY BMG Music Entertainment yesterday related to this hidden software. Read more about it at:
http://www.oag.state.tx.us/oagNews/release.php?id=1266