Back to Metroland's Home Page!
 Columns & Opinions
   The Simple Life
   Looking Up
   Myth America
   Rapp On This
 News & Features
   What a Week
   Loose Ends
   This Week's Review
   The Dining Guide
 Cinema & Video
   Weekly Reviews
   The Movie Schedule
   Listen Here
   Art Murmur
   Night & Day
   Event Listings
   View Classified Ads
   Place a Classified Ad
   Online Personals
   Place A Print Ad
 About Metroland
   Where We Are
   Who We Are
   What We Do
   Work For Us
   Place An Ad

The Biggest Hack

As I mentioned here a few months ago, the big record labels have been trying for years to limit what you can do with the music you buy on a CD. What they are trying to do falls under the broad category of what’s called Digital Rights Management, or DRM. If you haven’t already, you’ll be seeing these initials a lot in the future.

They’ve been vainly trying to sell you “copy-protected” CDs, which means for the illegally inflated prices you pay for a CD, you might be getting music with digital handcuffs attached. With copy-protected CDs, if you try to play your CD on your computer, bad stuff happens. Want to bounce the music from your CD into your iPod? No can do!

The industry has been told for years that this is tilting at windmills; that, try as they might, they aren’t going to bend the will of the consumer, and they aren’t going to outrun the smarts of the hacker community, which will deftly undo any shackles the industry tries to put on digital music. Information wants to be free, fight the power, etc. The DRM dog ain’t gonna hunt, bubba.

A few months ago, SONY BMG, in their infinite wisdom, tried something new. They put a few different self-executing DRM programs on a bunch of their CDs. When you stuck one of these CDs into your computer, the programs installed themselves into your Windows operating system. They didn’t tell you they were doing this; if they did, the disclosure was buried in a click-through user agreement that may or may not have popped up on your computer screen when you stuck the CD into your CD drive. These programs took up a considerable amount of space and slowed down your computer. Even worse, these programs monitored what you listened to, and in some cases reported findings, via the Internet, back to SONY BMG’s “security vendor,” a company pleasantly named SunnComm. These programs have features that hide themselves from detection and are hard to remove when detected, and their presence on your machine makes you vulnerable to attacks from vicious hackers. Well, more attacks, I should say, since you’ve already been attacked by a vicious hacker: SONY.

The two programs, titled MediaMax and XCP Rootkit, have been included on almost 25 million CDs that have been sold to the public.

This all blew up a week or so ago, and this is what has happened so far:

After first denying there was a problem (a SONY BMG bigwig told NPR “most people don’t even know what a rootkit is, so why should they worry about it?”), SONY has apologized for one of the two programs, the XCP Rootkit, and offered an uninstall program for it, as well as an exchange program by which they will give a buyer a clean CD and—get this—clean, downloadable MP3s of the songs on the infected disks. Amazon has offered refunds. SONY hasn’t.

Windows has come up with its own uninstall program, too, as have several other consumer groups. None of these uninstall programs has been deemed entirely safe, though, as they all are suspected of leaving computers vulnerable to attack. In other words, it’s unclear that anything will leave your computer the way it was before the Rootkit program got in there.

The Department of Homeland Security’s Computer Readiness Team has advised consumers not to install these programs! Be on a heightened state of alert, cause SONY’s in town! Wired News reports that military and governmental networks have been compromised by SONY’s programs.

On Monday, both the State of Texas and the Electronic Freedom Foundation filed lawsuits against SONY BMG, alleging various violations of consumers’ privacy, damage to property, and anti-spyware laws. That’s right. SONY is being banged just like those loathsome, sweaty little nerds who sneak stuff on your computer while you’re web surfing or looking through your e-mail. The little criminals who’ve forced you to run Spybot every week—SONY’s now one of them.

Meantime the RIAA, the overfunded mouthpiece for the recording industry, has come out in favor of DRM and, despite everything that’s happened, has announced that XCP Rootkit, MediaMax and their ilk are perfectly acceptable ways to control the use of its member-labels’ product, errrr . . . content, errrr . . . music.

If this all sounds serious, it is. Most of the dust on this hasn’t even been kicked up yet, much less had the opportunity to settle. Obviously, SONY would love for this dust to get swept under the carpet, but I don’t think that’s gonna happen, not this time. We haven’t yet heard from the artists, who tend to be a cowardly bunch on stuff like this; but, as consumers’ ire rises about why their new Trey Anastasio CD screwed up their computer, I think artists will have to start screaming. (A list of XCP Rootkit-infected disks that SONY admits to can be found at english/titles.html; I haven’t seen a list of titles with MediaMax infections.)

And folks are gonna stop buying CDs. SONY BMG has caused the perception that CDs are dangerous, because they’ve sold CDs that are. I think, as a punitive measure, SONY ought to put all of the songs on all of its infected CDs on 100 computers connected to broadband and running Morpheus, Grokster, Bearshare, eDonkey, and Limewire. And then pay the artists double royalties for every free download that happens. And then get the hell out of the music business.

—Paul Rapp

Send A Letter to Our Editor
Back Home
In Association with
columbia house DVD 120X90
Copyright © 2002 Lou Communications, Inc., 419 Madison Ave., Albany, NY 12210. All rights reserved.