Find Article by Date
Mon, 14 Nov 2005

JP/IT-Sony-HackingCD

IT-Sony-HackingCD

JP/17/VISHNU

New Sony music CD 'hacks' computers

Vishnu K. Mahmud Contributor/Jakarta vmahmud@yahoo.com

The Internet IT community is in an uproar over reports that a number of new Sony BMG music CDs, such as the Van Zant Brothers' ironically titled Get Right With The Man, surreptitiously installs a "spyware" program when played on a computer.

Most alarmingly, this new application is completely undetectable by the user, firewalls, antivirus programs and the Windows operating system.

The hidden application in question appears to be a part of Sony BMG's Digital Rights Management (DRM), a technology that some music lovers believe overly restricts their rights as owners of music CDs.

On the PC, the albums can only be used with a special music player program -- included -- that also allows the creation of three copy-protected "backup" CDs. In short, DRM is used to prevent casual piracy.

From his investigation, Mark Russinovich, Chief Software Architect of Winternals Software, wrote in his blog (www.sysinternals.com/Blog/) that Sony's DRM uses rootkit technology, which Wikipedia.org defines as "a set of tools frequently used by an intruder after cracking a computer system."

As such, the program, which was installed secretly, and whose functions are unknown, is hard to find and difficult to remove. What's more, virus and Trojan writers are now using this new Sony DRM to infect more Windows systems. Mac and Linux users are, so far, not immediately affected.

Changing climate

The music industry has always stated that piracy is an issue that continues to drain its profits, pointing to peer-to-peer (P2P) file-sharing networks as one of the major culprits. The Recording Industry Association of America (RIAA.com) has even filed lawsuits against individual computer users who are suspected of "sharing" or downloading music.

A majority of the suits were settled out of court since most people, whose guilt has yet to be proven, could not afford expensive legal fees against a giant, cartel-like organization.

However, a paper titled The Effect of File Sharing on Record Sales: An Empirical Analysis (www.unc.edu/cigar) by Associate Professors Felix Oberholzer and Koleman Strumpf from Harvard Business School and the University of North Carolina, Chapel Hill, respectively, found little credence to the RIAA's claims as movies, computer software and video games are "actively downloaded, and yet these industries have continued to grow since the advent of file sharing."

They also point to a change in macroeconomic conditions, transformations in the music industry, and a possible consumer backlash against the RIAA's excessive tactics.

The issues facing the recording industry and other content publishers are that the delivery medium to consumers has changed, as has their expectations. One can simply log on to the iTunes Music Store (www.apple.com/itunes) and purchase their music online.

Although the music also is DRM-protected, Apple has the perception that it does not treat customers as potential thieves since its "restrictions" seem to be more acceptable to the general public. Not even a month has passed since Apple introduced videos at the iTunes Store, a million has already been purchased and downloaded.

Inexorable rise of MP3

The music industry should realize that CD players are slowly going the way of the dodo. Small, inexpensive MP3 players from Korea and China have flooded the Indonesian market, with handphone manufacturers now building in MP3 players into their handsets.

With a new type of music playing device, the industry could no longer justify its old business practices of excessive marketing, costly CD pressing and rewarding only a few of its artists.

With the Internet, and companies offering digital music sales, independent artists can completely bypass the middle-man (in this case, the record labels), sign up with an iTunes like service, and do their own marketing, be it online, club gigs and concerts or word of mouth.

They are likely to receive more money than what any recording contract could offer them (unless, of course, they are considered to be a marquee brand and have the full backing of the label's marketing team budget).

Also with the Internet, any attempt to circumvent any rights of users and consumers will be unmasked and made public by the technological priesthood of hackers and IT analysts around the world, highlighting the fact that consumers (as well as artists) are getting smarter.

In this new digital era, such heavy-handed tactics will only distance a company from its target market.

There have been a number of angry responses online calling for the boycott of Sony BMG products, with many others questioning the wisdom of purchasing other Sony brands, such as the PSP or the upcoming PS3. Lawsuits have even begun to be considered in the U.S.

One can therefore conclude that it is vital for businesses to engage consumers, not alienate them.

(Since this article was written the BBC has reported that Sony has announced that it will suspend production of CDs with anti- piracy software that can leave computers vulnerable to viruses)