Tech: How thieves drove Sony into the spyware business

Not intentionally, of course, but Sony has made the purchase of their CDs too dangerous for customers who might play them on a PC. In a well-deserved twist, it would be much safer for listeners to forego the purchase of a CD and find a pirated copy instead. Is this what Sony had in mind? The Recording Industry Association of America and its members have made a lot of stupid choices in their battle with those who steal recorded music. One of the stupidest was Sony’s decision to use the most dangerous virus-writing technology to limit copying of some of its music CDs.

Stealing music

Napster had two effects on American culture. The first was to make wholesale theft of music easy and downright cool. The second was to expose the moral bankruptcy of millions of Americans. Spoiled brats of all ages decided that they were entitled to own the recorded music they coveted and to decide what – if anything – they would pay for it. In millions of cases, the decision was to pay nothing.

Raised on liberal Democrat social theories, these delinquents believed that they were entitled to determine – with no knowledge of the business – what profit was “fair” for music publishers. They decided that by stealing the products they wanted, they would tell the evil music publishers that they weren’t necessarily entitled to either cost recovery or profits. If you stop to think about it, it’s a short leap from setting an arbitrary minimum wage that eliminates low-value jobs to setting an arbitrary maximum price for CDs that eliminates low-margin artists

Spoon-fed public-school economic theories, they decided that the proper response to prices that they considered too high was to simply steal what they wanted. They were unable to grasp two simple facts:

1. Prices are driven by cost and profit; everyone in the business of music has to recover their costs and make whatever profit they consider sufficient to make the business attractive.
2. When massive theft reduces the number of CDs that are actually sold, the publisher will do something – either raise the price to cover both costs and profits or resort to other measures to make stealing less palatable.

(Ok, I’m being too kind to the thieves. Most of the millions of miscreants didn’t actually think about it all. They just saw something they could steal with little chance of getting caught and they stole it. The few who turned down the volume on their stolen music long enough to permit thought – mostly mature adults who should have known better – generally presented rationalizations along these lines.)

Sony’s spyware solution

Sony responded to the theft with a copy-protection scheme born in one of the sleaziest corners of the Internet, the lair of the virus writer. These folks (who, in terms of moral fiber, have something in common with people who steal music) have a new tool in their kit – root kits. Root kits allow the creation of software that hides from virtually everything – simple directory listings, registry editors, anti-virus and anti-spyware tools, you name it. Imagine the danger of a program running under Windows that Windows itself doesn’t even know is there.

On October 31, Mark Russinovich reported his discovery of root kit software on his PC and posted this blog entry spelling out (in great technical detail) his investigations. He traced the cloaked software to a CD from Sony.

Caught red-handed, Sony confessed that it had been installing a nasty copy-protection tool called XPC on customers’ PCs since early this year. Reaction to Sony’s confession has included a request to Italian police to investigate Sony for possible criminal activity and the decision by a major security software vendor to declare XPC spyware and announce that its tool will identify and remove XPC starting November 12.

In an effort to defend and continue its use of virus technology, Sony posted a patch on its web site that would leave the software in place but un-cloak it. Unfortunately, the patch can cause Windows to crash. Worse, Russinovich has reported that the spyware communicates with Sony’s web site. These two behaviors – avoiding detection and undisclosed communication with another computer over the Internet – are exactly the sort of thing we expect of the most malicious spyware.

Sony gives up for now

As Russinovich warned, viruses have been identified that exploit the cloaked environment created by XCP. With a PR nightmare on its hands, confronted by European rights groups demanding that honest consumers not be treated like criminals, and facing at least one class-action lawsuit, Sony threw in the towel – sort of.

According to this Reuters story, Sony said “as a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology,” and added that content protectin is “an important tool to protect our intellectual property rights and those of our artists.” They’ll be back. There is little doubt that Sony (and perhaps others) will continue to ignore honest customers’ legal and ethical rights and will continue to victimize them with harmful technology.

There’s not much consumers can do about this kind of abuse. If Sony and other publishers were required to disclose the limitations imposed on PC users (Mac and Linux users were never at risk), shoppers could at least vote with their pocketbooks and simply decline to buy spyware masquerading as “protection of intellectual property rights”. Perhaps there’s another class-action suit there….

Who’s to blame?

There’s plenty to go around

• The legions of music thieves whose greed forced the issue on the publishers in the first place
• The RIAA members (music publishers) who responded by assuming that all customers were dishonest
• The incompetent programmers at First 4 Internet Ltd who produced the “underhanded and sloppily written software” that Russinovich uncovered
• Sony – a greedy, possibly criminal, company that is willing to infect and possibly disable honest customers’ PCs in the hope of frustrating a few of the more casual thieves.

The only hero in this story is Russinovich. The thieves, the virus-writers at First 4 Internet Ltd, and the spyware distributors at Sony have all contributed to making music less accessible and PCs less reliable. They should all go crawl back under their rocks.

Did Sony install spyware on your PC?

Here are two lists of CDs reported to have been infected with spyware by Sony:

• Electronic Frontier Foundation
• xtracto’s list on Slashdot

If you own one of these CDs and tried to play it on a Windows PC, your computer may be infected. Keep your spyware removal software updated. Microsoft and others have announced plans to include Sony’s XPC in the list of spyware they will remove.

This entry was posted on Monday, November 14th, 2005 at 10:00 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.