Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Texas Expands Suit Against Sony BMG

By Nate Mook, BetaNews

December 22, 2005, 12:44 PM

Texas Attorney General Greg Abbott has expanded his state's lawsuit against Sony BMG that was filed in November over the use of illegal spyware in its XCP copy-protection mechanism. The new charges allege that Sony's other DRM software, SunnComm MediaMax, installs even if a user declines the license agreement.

In the initial filing, Abbott sued under Texas' Consumer Protection Against Computer Spyware Act of 2005, and sought civil penalties of $100,000 for each violation of the law, attorneys' fees and investigative costs. The additional allegations invoke the Texas Deceptive Trade Practices Act.

"We keep discovering additional methods SONY used to deceive Texas consumers who thought they were simply buying music," Attorney General Abbott said in a statement. "Thousands of Texans are now potential victims of this deceptive game SONY played with consumers for its own purposes."

Under the Texas Deceptive Trade Practice Act, Abbott can ask Sony to pay $20,000 for each violation of the law.

Abbott has also sent a letter to Texas retailers asking them to take all 52 CDs with SunnComm's MediaMax software off store shelves immediately. He also warned that the retailers could be just as culpable as Sony for continuing to sell the CDS.

"These CDs open the door for malicious hackers to target consumers' computers. Hackers may be using the SONY files to install viruses, malware or even commit identity theft," Abbott said. "Retailers that continue to sell these CDs may be just as liable under the law as Sony."

The Electronic Frontier Foundation is also suing Sony BMG over both the XCP rootkit software and SunnComm's MediaMax. "Sony BMG is to be commended for its acknowledgment of the serious security problems caused by its XCP software, but it needs to go further to regain the public's trust," said Corynne McSherry, EFF Staff Attorney.

The expansion of the Texas lawsuit against Sony follows news that SunnComm's MediaMax copy protection software does not properly protect a directory it installs. Thus, a restricted user account could replace the executables within the MediaMax directory with malicious code, which would then be executed by an administrator upon inserting a CD.

Sony attempted to issue a patch for the vulnerability, but the patch was found to be insecure as well by Princeton researchers Alex Halderman and Edward Felten. Halderman and Felten had previously discovered that SunnComm's software installs even if a user rejects the EULA.

Add a Comment (24 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By maniakmx3

posted Dec 23, 2005 - 9:19 AM

Question, how come Sony BMG is the only one getting sued here? why not SunnComm?? They created the Mediamax software...

Score: 0

By wincement

posted Dec 23, 2005 - 12:29 PM

Good question. I think the AG is just going for extra brownie points with this move. That's why I'm not sure I like it.

SunnComm probably will end up with a lawsuit of its own eventually though.

Score: 0

By maniakmx3

posted Dec 23, 2005 - 2:14 PM

I agree, SunnComm definatly has to take responsibility for their actions as well...

Score: 0

By wincement

posted Dec 23, 2005 - 1:36 AM

Hmmm... I'm all for nailing Sony to the wall over the XCP rootkit, but I think this might be overkill.

Score: 0

By maniakmx3

edited Dec 23, 2005 - 9:16 AM

Damn it, shut up. I'm not saying anything.......................

Score: 0

By wincement

edited Dec 23, 2005 - 12:27 PM

Score: 0

By maniakmx3

edited Dec 23, 2005 - 2:13 PM

lol I'm not saying anything on the subject..I was going too but I changed my mind lol

Score: 0

By wincement

posted Dec 23, 2005 - 12:27 PM

lol @ your P.S. I know. I was just poking fun at you. But now you changed it, so my post doesn't make sense anymore.

*goes to edit*

There.

Score: 0

By KSzostek

posted Dec 22, 2005 - 4:48 PM

Boycott ALL of Sony products!

Score: 0

By mehvii

posted Dec 22, 2005 - 2:38 PM

This is one of the reasons I love Texas.

Score: 0

By dvferret

posted Dec 22, 2005 - 10:11 PM

Great place, isnt it? lol

Score: 0

By maniakmx3

posted Dec 23, 2005 - 2:35 PM

Oh yeah, rednecks, shockguns, jacked up trucks, Crime riddin Cities, Houstin Texans, Dallas cowboys...what's not to love?? .... -_-'

Score: 0

By bourgeoisdude

posted Dec 23, 2005 - 4:21 PM

"what's not to love?? .... -_-'"

100% Humidity!

Score: 0

By wincement

posted Dec 23, 2005 - 9:08 PM

Hahaha...

We've definitely got enough of that here in the panhandle of Florida...

Score: 0

By nightops

posted Dec 22, 2005 - 2:28 PM

Um...you go AG? I only wish that the RIAA had something to do with this so their heads would roll as well as Sony BMG.

Score: 0

By bourgeoisdude

posted Dec 22, 2005 - 1:27 PM

I actually think this is overboard on the AG's part. The anti-spyware legislation in Texas is not violated by MediaMax--it allows to uninstall. However installing itself BEFORE the license agreement SHOULD be a no-no, but not yet under law.

Score: 0

By black demon

posted Dec 22, 2005 - 1:49 PM

Actually that is not correct. The un-install was not for the root kit. The root kit remained regardless of any un-install you did of the MediaMax software. The Root kit was un-installable.

Score: 0

By tazzyandpiggy

posted Dec 22, 2005 - 1:41 PM

Is it installing before the license agreement, or in spite of DECLINING the license agreement?

If it's installing after declining the agreement then surely it DOES fall foul of the anti-spyware legislation by virtue of the fact that the end user had NO idea it had installed anything as a result of rejecting the agreement.

The fact that it can be removed matters not, if - by rejecting acceptance - a user was unaware it had installed in the first place.

Score: 0

By black demon

posted Dec 23, 2005 - 7:45 AM

The test I ran here showed that it installed simply by putting the cd in the drive.I didn't even listen to it.

Score: 0

By bourgeoisdude

posted Dec 23, 2005 - 4:20 PM

You're right...

Score: 0

By black demon

edited Dec 22, 2005 - 1:26 PM

Glad to hear this. Hope they nail Sony to the wall. Of course if this was done by joe blow public he would get 50 years in jail but as this is Sony they will get a slap on the wrist and called 'bad boy' by the court and 'don't do that again'

Besides the only regret Sony has about this was they were caught they have no regrets that they did it. Also the comments they made after this came to light go to show you the contempt and lack of respect they have for their customers.

Score: 0

By tazzyandpiggy

posted Dec 22, 2005 - 1:43 PM

Your second paragraph sums it up perfectly.

Score: 0

By eman8ions

posted Dec 22, 2005 - 1:15 PM

Heads should be rolling all over the place at Sony!

Score: 0

By tazzyandpiggy

edited Dec 22, 2005 - 1:24 PM

This just gets funnier* by the day.

* = does not include those affected, obviously.

Score: 0

Sep 5 - 8:44 PM ET Mozilla's Aza Raskin: The journey back to Ubiquity

Sep 5 - 7:10 PM ET Red Hat buys virtualization specialist Qumranet

Sep 5 - 7:06 PM ET Analysts: Online news viewers rising as newspaper readership falls

Sep 5 - 6:55 PM ET Where does Sarah Palin stand on technology issues?

Sep 5 - 6:51 PM ET Adobe Flash to deliver NFL games in full

Sep 5 - 4:29 PM ET Exclusive beta invitation from GameTap and BetaNews

Sep 5 - 4:09 PM ET Report: OLPC buy one, give one deal returns

Sep 5 - 3:45 PM ET No ruling yet in TiVo vs. EchoStar patent case

Sep 5 - 3:37 PM ET Google Analytics starts tracking Chrome, with intriguing results

Sep 5 - 2:14 PM ET Comcast challenges FCC's authority in sanction appeal