RSSLawsuit Fights Back Against Sony DRM
By Nate Mook | Published November 10, 2005, 10:07 AM
Sony BMG's CD anti-piracy technology that sparked an outcry for its rootkit-like tactics has now entered the court system. A class-action lawsuit was filed on November 1 in California by consumers who say their computers were harmed by the hidden software, and a second suit was to be filed this week in New York.
The groups claim that Sony's digital rights management, which attempts to stop computer users from copying a CD's audio tracks to a hard drive, is invasive and damaging to computer systems. Sony employed technology from First 4 Internet that uses low-level Windows commands to hide the DRM and prevent its removal.
SysInternals' Mark Russinovich first reported on the software after his company's security tool recognized a "rootkit" on his machine. Rootkits are malicious applications that hide deep within an operating system to perform tasks without a user's knowledge. The technology can be used to cloak viruses and worms, or in this case, DRM.
Russinovich's report spread like wildfire across the Net and was quickly picked up by mainstream media. Sony responded with a statement claiming it no longer used the technology and offered instructions for customers explaining how to remove the hidden software from their PCs.
National Public Radio even covered the fiasco and interviewed Sony BMG's Global Digital Business President Thomas Hesse. But instead of apologizing for the snafu, Hesse only fueled the flames by commenting: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
The California lawsuit, filed in Superior Court for the County of Los Angeles by attorney Alan Himmelfarb, is asking the court to prevent Sony from using the technique in future CDs and requesting monetary compensation for all customers who purchased CDs containing the DRM rootkit.
Specifically, the suit claims that Sony has violated two California statutes designed to protect consumers from unfair and deceptive business practices, along with another law prohibiting the installation of spyware on an end-user's PC.
In a follow-up report, Russinovich discovered that Sony's DRM "phones home" to Sony's Web site. First 4 Internet responded saying, "No information is ever fed back or collected about the consumer or their activities." But Russinovich notes that, "Sony can make a record of each time their player is used to play a CD, which CD is played, and what computer is playing the CD."
Russinovich also discovered that the DRM software is poorly written and could cause system crashes -- often referred to as a Blue Screen of Death -- on Windows. "This flaw highlights my message that rootkits create reliability risks in addition to security risks," he said.
United States customers aren't the only ones upset with the situation. Italian digital rights advocacy group ALCEI-EFI has asked the Italian government to investigate Sony's actions.
Sony BMG is not commenting on the lawsuits.
This Sony software has caused a major virus on my computer. Does anyone know how I can get the Sony root off my computer? My e-mail is GangiPLG@aol.com. Thanks, Phil Gangi
Score: 0
|Where do I find out about a class action lawsuit? I had just ripped the new Carlos Santana CD to my computer when it crashed and I lost everything on it and had to get a new hard drive.
Score: 0
|I think it's about time to hit Sony (and others that resort to these Gestapo-like tactics) where it hurts; in the profit margin. I for one will not be buying anything that Sony has a part of, be it music, video or motion pictures, or hardware of any kind. Plus, I hope that there are many, many more lawsuits filed against them. I also hope that their artists that are tied up in contracts they can't void with Sony also sue their *** off too. After all, these tactics of Sony's are giving the artist's under contract to them a bad name too. The more money this costs Sony and by boycotting their products, the less revenue they have coming in, the more likely it will be that Sony and other companies think twice about doing stunts like this in the future.
Score: 0
|I'm proud that this lawsuit is originating from my crazy state of California. I had just decided that most people here *liked* getting screwed by big business and big government.
Score: 0
|This story gets better and better. The Sony software is revealed as not only malware but spyware too, and now Russinovich tells us the software was so badly written it can cause the legendary BSOD. Someone must surely take a fall for this fiasco.
First 4 Internet needs to take a look at its business ethics in developing this dubious software for Sony.
Russinovich should receive the freedom of the city - any city he likes - for his work. Without people like him, who knows how long this scam would have gone undetected?
One other thing... have the bands whose CDs were "protected" by this junk commented? Or have they been told to keep quiet?
Score: 0
|That's a good question. If i was one of those bands though, i would be beyond angry. I've read some of the comments from purchasers of some of the CD's that were affected on amazon.com. All i could think of was, if i was on of the artists, i would be seriously looking into any possible ways of voiding my contract with SONY.
Score: 0
|Switchfoot not only denounced Sony's DRM, but they also posted instructions on how to remove it on their (yahoo?) forum. Mysteriously, that post and the Google cache of it disappeared in a couple of days.
I didn't actually see the info, but links to the no longer existant pages were posted on another forum.
Apparently, the answer to both of your questions is "yes".
Score: 0
|LOL.
I emailed them and said, "This really bothers me, I find you offensive" and he replied back, "I find you offensive, for finding me offensive, hense this rootkit infection."
Next thing I know, my cd drive doesn't work and I'm reminded of the friendly BSOD I was missing soo much from Windows 98.
Score: 0
|"rootkit-like tactics"
Should read "Rootkit"
Nothing "like" about it.
Call a duck a duck, man.
Wouldn't want folks to mistakenly believe Sony is bundling rootkit-like programs. They're not. They're bundling rootkits.
Sounds almost like something Sony would say to downplay the seriousness of this. "Oh, it's just rootkit-like."
Yeah. Sure.
Score: 0
|This will teach other recording companies some valuable lessons. The more news coverage the better.
DRM sucks.
Score: 0
|You know what Sony needs?
JAIL TIME.
Some schmuck on the net released a root kit he would be locked away for life.
Same should be said for every member of this problems approval process and implementation team.
Score: 0
|It's hard to put an entire company in jail lol
"Some schmuck on the net released a root kit he would be locked away for life."
Actually, if one person wrote a root kit, he would get a few years in prison, and then 6-figure job offers from every major PC security company in the country. It's been known to happen...
Score: 0
|More often in urban legends and books than in real life, but yeah, it's been known to happen.
Score: 0
|It's time to fight fire with fire. Sony, the RIAA and the other greedy leaches will not stop until they suck every penny they can. Their lame excuses of protecting the artist are unfounded when you follow the money. The artist suffers along with the consumer. Until the consumers who pay good money utilize the same tools that parasites do, the media moguls Big Brother tactics will only get more aggressive and more imposing. We not only need to hire lawyers but we need to make this political. Because of evolving technologies the big media companies are losing their ability to totally control distribution and pour money in the coffers of our politicians. Politicians will follow the money until the people that put them in office let them know that they will send them home to the unemployment line.
Hard working consumers need to;
1. Write, don't call your representatives and tell them that their job is on the line.
2. Join any class action suit that comes down the pike. Make them sweat.
3. Don't buy from companies that support or sell such insidious products. That includes all their products; CDs, TVs or any other item they produce or sell.
4. Support the artist by buying directly from them. At least then they will get a more deserved share of their property until we have a truly modern distribution process that eliminates the no value parasites.
Score: 0
|law suit? these are illegal practices, lock someone up!
ha th eitalian group is callin the DRM a virus, such poetry
Score: 0
|It is a virus.
Score: 0
|Actually, not all rootkits are viruses. A rootkit is simply a method used to hide viruses and adware. By association, it's considered malware, but it alone, by itself, is not a virus.
Now, the DRM that this rootkit hides could be considered a virus by some since it does phone-home. Not sure yet whether or not it is capable of recieving commands, but it potentially could.
The question is whether Sony did this knowing it would create an easily exploitable vulnerability on the users system.
Score: 0
|Give them the same as their friends the RIAA give the consumers.
Of course a class action suit will get nothing for consumers, but it will still cost Sony. Hopefully lots.
Score: 0
|Few word to sony: DIE IN HELL!
Score: 0
|Sony was, and is, stupid about this issue it seems. They deserve this lawsuit, I can tell you. But geez, that's a little harsh, don't da_n them for it. Besides, people die here on earth, if you're in hell you would be dead already :P
Score: 0
|lol
Score: 0
|http://www.theregister.c...5/11/10/sony_drm_trojan/
Turns out the virus makers are using the root-kit from Sony DRMed CDs already.
One lawsuit is less than Sony deserve - they should be sued in every state, country and province. Then maybe they'll get the picture!
Score: 0
|Had a feeling this was coming.... THANKS SONY!!! Grrrrrrr
Score: 0
|No biggie. Any AV/adware program worth it's salt should already have this and many possible variations pegged.
Score: 0
|