James Delahunty
3 Nov 2005 13:47
Sony BMG has come under criticism for the XCP (Extended Copy Protection) software included with some of its CDs. Mark Russinovich, a renowned Windows programming expert, said that the copy protection he encountered uses cloaked files to hide inside the Windows Operating Systems, making uninstalling a very difficult task. He commented that Sony's anti-piracy efforts have gone too far. XCP was developed by First 4 Internet, a UK based company. It is just one of several copy protection technologies that Sony BMG is trying out.
Russinovich, said that the methods used by this particular protection, are similar to those used by rootkits, which are often used to hide malicious software in the Windows Operating System, to avoid detection by anti-virus software. About 20 titles are thought to contain XCP software and in May 2005, Sony stated that more than two million discs shipped with the technology. It allows consumers to make only three copies of an album, and only allows consumers to listen to the music on a Windows OS through use of proprietary software.
The CDs play back fine in normal CD players and the copy protection is ineffective on either Macs or Linux. "Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall." Russinovich said on his blog. He said that the license agreement made no mention of the fact that you can't uninstall the software. It is possible that under the Computer Misuse Act in the UK, Sony BMG could be open to prosecution for making "unauthorised changes" to a machine, according to law expert Nick Lockett.
"There would be no problem if there's a big screen coming up saying as part of the anti-piracy measures this CD will amend your operating system," he said. Mikko Hypponen, CEO of F-Secure also shared the worries. "What we are scared of is when we find a new virus written by someone that relies on the fact that this [XCP] software is running on tens of thousands of computers around the world," he said. "The rootkit would hide that virus from pretty much any anti-virus program out there."
First 4 Internet however was quick to defend its technology from criticism. Mathew Gilliat-Smith, chief executive of First 4 Internet said there was absolutely no evidence that viruses were being written that took advantage of XCP and that the techniques used by the software are used by many other programs. He said that debate sparked by Russinovich's work, led to the company releasing information on the hidden files to anti-virus companies to help them identify them correctly.
He also said that users were properly warned about the copy protection. "It's clearly packaged on the CD that its copy-protected," he said.
Source:
BBC News