Trojan horse
Sony XCP technology was poorly designed and could be easily exploited by worm authors

Sony backs out of rootkit anti-piracy scheme

Record label caves in under intense pressure

Written by Tom Sanders in California, vnunet.com

Sony BMG has promised to stop making music CDs that use its controversial XCP anti-piracy technology.

The record label had come under fire for the technology, which security experts warned was poorly designed and could be easily exploited by worm authors to hide malware from antivirus software.

Consumers inserting the CDs in their computers would unknowingly install the application, which was very hard to remove. In an effort to remain installed, the technology used a so-called rootkit to hide itself from the user and the system.

Advertisement

It took only one week for the first virus to surface that exploited the features of the rootkit to try and hide from antivirus software.

The software made alterations at a deep level of the Windows operating system to allow it to monitor and limit the number of copies that a consumer made of a CD, as well as to regulate the file formats that could be used to rip the disk.

Sony reserved the right to explore other anti-piracy technologies, but said it will re-examine its content protection initiatives to ensure that they meet security and ease of use standards. 

The label will recall all unsold CDs from stores and has instated a consumer exchange programme for consumers who have previously purchased XCP equipped CDs. The Electronic Frontier Foundation on its website has published a list of titles affected by the technology and offers instructions on how to recognise the CD.

About two million CDs with the technology have been sold worldwide. Consumers have called for a boycott of Sony's music, and CDs that carried the anti-piracy technology have been slammed on online review sites such Amazon, causing their ratings to drop.  

Sony is also facing lawsuits in California and Italy over the technology and more actions are likely to follow. 

The XCP technology was developed by UK software company First 4 Internet

Several security vendors including Computer Associates, Sophos, Symantec and Microsoft have started to provide or will provide a tool to remove the XCP software.

Sony has always maintained that there were no security risks associated with the anti-piracy technology.

Tags:

Reader comments

More from Computeractive

News

The latest home computing news

Downloads

The best PC tools, applications and more

Reviews

Independent opinions on new hardware and software

Step-by-step guides

Easy-to-follow projects with pictures

PC Help

Solve PC problems with our Q&A

Videos

PC projects demonstrated and product reviews

Articles

An in-depth look at how to get the best from your PC

Magazine

What's coming up in Computeractive

Forums

Get help with your PC problems from our readers

Competitions

Your chance to win computing prizes

Shopping

Great deals on products, services and more

NEW! Computeractive CD Rom 11
All 26 issues of Computeractive from 2008 on one CD-Rom.

Ultimate Guide to Disc Burning
Everything you need to know about creating your own discs.

Create your own calendars softwareCreate your own Calendars
The fun and easy way to create your own calendars!

Computeractive - Issue 280Computeractive Back Issues
Missed an issue? Click here to find a back issue

Blogs

Windows Watch

Windows Watch

Keeping an eye on the latest XP and Vista news

Outlook 2007 email controversy

One of the major changes in Outlook 2007 had nothing to do with the Ribbon but that Word was used to display...

Download Junkie

Download Junkie

Your daily dose of download discussion

Backup important data with SyncBack SE

Keeping certain files backed up helps to keep items safe in case anything disastrous happens to your computer, but although most of...

Advertisement

Free email newsletters

Techno babble demystified...

[Display all definitions]

Or type in any computer-related word and click "Go"

Advertisement

Computeractive is not reponsible for content of Google adverts

Primary Navigation

© Incisive Media Ltd. 2009. Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in England and Wales with company registration number 04038503

Search computeractive.co.uk