So, Sony, who are you firing now?
Picture this: you buy a (perfectly legal) machine M, buy some (perfectly legal) content C, and insert C in M for the purpose of playing it.
Content owner O doesn't want you to make too many copies of C (cause you're all supposed to be thieves, right?), so they have the bright idea of installing a piece of software S to control access to your content C on your machine M.
As they're shy about it, they install S in such a way that you cannot see it easily.
Now bring up more mud: S uses hacker-level covert techniques to hide itself and is utterly broken, so that any clever pirate P can use it to install their own pirate software S' on your machine M.
And, last but not least, removing S breaks M...well, that's maybe not that bad as M was bound to be attacked in many ways via S, but still...M is supposed to be your machine and you paid for it right? Well, you even paid for C by the way...
The level of incompetence exposed in all this is hard to believe once you add O = global media company into the equation. Analyses like doxpara's shows that Sony's rootkit has caused at least several hundred thousands of computers to become infected by their software S (or should it be S**t?), and realistically much more than that.
My opinion of Sony was already fairly low after previous experiences, and it's not getting any better.
This DRM junk shows that controlling software that's out in the wild is hard, and is a perfect example of causing more harm to legal customers than helping anybody.
I don't have an easy solution to the overall problem, but taking control of your customer's equipment using broken hacker software is...well, I'm not going to write that here ;-)
Find less rantish info about this Sony rootkit story at:
- Mark Russinovich's site (he's the one who found about this)
- Wired.com (by Bruce Schneier)
- Freedom to tinker
- The Register