Sony: The aftermath

The Sony story went public, Naturally, they ran the standard corporate playbook:

  1. Deny that the problem exists.
  2. Cast aspersions on those who raised the problem.
  3. Minimize the problem.
  4. Release a “fix” that does not actually fix the problem.
  5. Spin like crazy.

It did not work. The story went cosmic, and the press crucified Sony.

Real Story of the Rogue Rootkit
DRM This, Sony!
Sony’s DRM: It Just Keeps Getting Worse

When the dust had settled, the following was known:

  • Viruses had been found in the wild that used the “cloaking” functionality that was part of the original Sony DRM.
  • Sony released a patch that removed the cloaking functionality.
  • Then they released another patch that replaced the DRM with a different type of DRM.
  • In order to remove the DRM software, you have to beg Sony… then you have to install an ActiveX control (security experts agree that ActiveX is a bad thing).
  • Sony’s DRM could be neutralized by turning off the “autoplay” function… or by the judicious use of a piece of tape.
  • The DRM software itself is in breach of copyright. (more)
  • The United States Computer Emergency Readiness Team (US-CERT) says “Never Install Audio-CD DRM Software

Finally, under a firestorm of public pressure, Sony recalled the “faulty” CDs.

Here’s my favorite quote from this whole mess.

“DRM rootkit to stop piracy: $50,000,000
Patch to water-down DRM rootkit: $5,000,000
Top notch lawyers to sue pirates: $100,000,000
Being sued by the only legitimate users you have: Priceless.
There are some thought processes money can’t buy. For everything else there’s MasterTard ™

