Tech Talk

Have you tried to play an audio CD on your computer recently? If it happened to be a released by the second largest music label in the world, Sony BMG, your computer might be infected with a virus called Extended Copyright Protection (XCP).

XCP was designed by the UK firm First 4 Internet and licensed by Sony as a form of Digital Rights Management (DRM). DRM is a term that describes technical methods used to control intellectual property. In this case, it means restricting how an audio CD can be used, and in particular, copied. One feature of this particular DRM scheme is that it is only compatible with Sony’s digital music players. So forget copying your newly purchased album to your iPod. Antitrust much?

When you insert an audio CD with XCP into your computer you’ll be presented with a misleading End User License Agreement, which no one reads anyways. If you accept the agreement, XCP will be covertly installed on your computer. If you refuse the agreement the CD will be ejected.

XCP forces you to use its included music player which is actually spyware that reports your activities back to Sony. The software also does a hard drive scan of executable programs every 1.5 seconds eating up system resources and causing unnecessary wear and tear.

Computer Associates and other antivirus program manufacturers have classified the program as a Trojan horse, rootkit and spyware. A Trojan horse is virus disguised as legitimate software. A rootkit is used to conceal activity on a computer. In this case, it is used to hide the Trojan.

XCP causes system instability, and also introduces vulnerabilities that allow an attacker to remotely take control of your computer. There has already been at least one confirmed virus that takes advantage of these vulnerabilities. At least 550,000 computers are affected.

The rootkit was discovered by Mark Russinovich on October 31 and the story was picked up by news agencies shortly thereafter.

Just over a week later, Sony released an upgrade for XCP. The patch doesn’t actually remove XCP, it just removes the rootkit and lowers the load on your system resources. This update installs more software that cannot be uninstalled and introduces a vulnerability that would allow affected computers to be hijacked by malicious websites. The purported fix is also known to cause further system instability. This patch and the “upgraded” version of XCP have both been classified as Trojans.

By November 11 Sony announced that it was temporarily suspending the manufacture of CDs using XCP. Three days later Sony announced an exchange program for the estimated 2.1 million CDs with XCP that were already purchased and said they would recall the unsold 2.5 million in stores. On November 18 Sony provided a “new and improved” patch for XCP. It has been reported to create further security vulnerabilities.

Both patches require you to enter your personal information for marketing purposes. Removing the software manually will cause your CDROM to be disabled and require reconfiguration, something beyond the abilities of the average user.

The United States Computer Emergency Readiness Team, part of the Department of Homeland Security, considers XCP enough of a risk that it recommends not installing the software at all.

Sony now faces two class-action lawsuits and criminal investigations.

There are also accusations that XCP uses code from other programs in a way that constitutes a violation of copyright law. This could lead to further lawsuits.

In an attempt to protect its own intellectual property rights, Sony has violated the private property rights of its customers and the intellectual property rights of others.

Link O’ the Week: Wikipedia’s XCP List

A complete list of CDs that use XCP DRM.

Webcomic O’ the Week: Punks and Nerd by Josh Mirman

There’s a little rebellious dork in all of us.

I have a theory that no one…

Free Application O’ the Week: Trillian 3.1
For who are tired of using more then one chat client, Trillian supports AIM, ICQ, MSN, Yahoo Messenger, and IRC. It also includes a slew of features and enhanced security.

…actually reads these descriptions.

Comments are closed.

Related Posts